2023-07-16 18:16:07 +00:00
|
|
|
---
|
|
|
|
# https://code.samourai.io/dojo/samourai-dojo/-/tree/develop/docker/my-dojo/nginx/mainnet.conf
|
|
|
|
- name: Dojo | Configure nginx to include the template
|
|
|
|
ansible.builtin.import_role:
|
|
|
|
name: nginxinc.nginx_core.nginx_config
|
|
|
|
vars:
|
|
|
|
nginx_config_http_template_enable: true
|
|
|
|
nginx_config_http_template:
|
|
|
|
- template_file: http/default.conf.j2
|
|
|
|
deployment_location: "/etc/nginx/conf.d/samourai-dojo_{{ inventory_hostname }}.conf"
|
|
|
|
backup: false
|
|
|
|
config:
|
|
|
|
servers:
|
|
|
|
- core:
|
|
|
|
listen:
|
|
|
|
- address: "{{ default_interface_ipv4_address|default(ansible_default_ipv4.address) }}:{{ samourai_dojo_https_port|default(4440) }} ssl"
|
|
|
|
include:
|
|
|
|
- "/etc/nginx/acme_{{ inventory_hostname }}.conf"
|
|
|
|
log:
|
|
|
|
access:
|
|
|
|
- off
|
|
|
|
locations:
|
2023-07-16 21:55:02 +00:00
|
|
|
# Proxy WebSocket connections first
|
|
|
|
- location: /v2/inv
|
|
|
|
proxy:
|
|
|
|
pass: "http://127.0.0.1:{{ samourai_dojo_ws_http_port|default(8080)}}"
|
|
|
|
http_version: '1.1'
|
|
|
|
set_header:
|
|
|
|
- field: Host
|
|
|
|
value: $http_host
|
|
|
|
- field: Connection
|
|
|
|
value: $connection_upgrade
|
|
|
|
- field: Upgrade
|
|
|
|
value: $http_upgrade
|
|
|
|
# PushTX server is separate, so proxy first
|
|
|
|
- location: /v2/pushtx/
|
|
|
|
proxy:
|
|
|
|
pass: "http://127.0.0.1:{{ samourai_dojo_pushtx_http_port|default(8081)}}/"
|
|
|
|
# Tracker server is separate, so proxy first
|
|
|
|
- location: /v2/tracker/
|
|
|
|
proxy:
|
|
|
|
pass: "http://127.0.0.1:{{ samourai_dojo_tracker_http_port|default(8082)}}/"
|
|
|
|
# Proxy requests to maintenance tool
|
|
|
|
- location: /admin/
|
|
|
|
proxy:
|
|
|
|
pass: "http://127.0.0.1:{{ samourai_dojo_ws_http_port|default(8080)}}/static/admin/"
|
|
|
|
# Proxy all other v2 requests to the accounts server
|
|
|
|
- location: /v2/
|
|
|
|
proxy:
|
|
|
|
pass: "http://127.0.0.1:{{ samourai_dojo_ws_http_port|default(8080)}}/"
|
|
|
|
# Redirect onion address to maintenance tool
|
2023-07-16 18:16:07 +00:00
|
|
|
- location: = /
|
|
|
|
rewrite:
|
|
|
|
return:
|
|
|
|
url: /admin
|
|
|
|
code: 301
|
2023-07-16 21:55:02 +00:00
|
|
|
# Serve remaining requests
|
|
|
|
- location: /
|
|
|
|
rewrite:
|
|
|
|
return:
|
|
|
|
code: 200
|
|
|
|
text: >
|
|
|
|
'{"status":"ok"}'
|
|
|
|
headers:
|
|
|
|
add_headers:
|
|
|
|
- name: Content-Type
|
|
|
|
value: application/json
|
2023-07-16 18:16:07 +00:00
|
|
|
- core:
|
2023-07-16 21:55:02 +00:00
|
|
|
server_name: "{{ samourai_dojo_onion_address|default('_') }}"
|
2023-07-16 18:16:07 +00:00
|
|
|
listen:
|
|
|
|
- address: "127.0.0.1:{{ samourai_dojo_onion_port|default(80) }}"
|
|
|
|
send_timeout: 600s
|
|
|
|
log:
|
|
|
|
access:
|
|
|
|
- off
|
|
|
|
locations:
|
2023-07-16 21:55:02 +00:00
|
|
|
# Proxy WebSocket connections first
|
2023-07-16 18:16:07 +00:00
|
|
|
- location: /v2/inv
|
|
|
|
proxy:
|
|
|
|
pass: "http://127.0.0.1:{{ samourai_dojo_ws_http_port|default(8080)}}"
|
|
|
|
connect_timeout: 600s
|
|
|
|
read_timeout: 600s
|
|
|
|
send_timeout: 600s
|
|
|
|
http_version: '1.1'
|
|
|
|
set_header:
|
|
|
|
- field: Host
|
|
|
|
value: $http_host
|
|
|
|
- field: Connection
|
|
|
|
value: $connection_upgrade
|
|
|
|
- field: Upgrade
|
|
|
|
value: $http_upgrade
|
|
|
|
# PushTX server is separate, so proxy first
|
|
|
|
- location: /v2/pushtx/
|
|
|
|
proxy:
|
|
|
|
pass: "http://127.0.0.1:{{ samourai_dojo_pushtx_http_port|default(8081)}}/"
|
|
|
|
connect_timeout: 600s
|
|
|
|
read_timeout: 600s
|
|
|
|
send_timeout: 600s
|
|
|
|
# Tracker server is separate, so proxy first
|
|
|
|
- location: /v2/tracker/
|
|
|
|
proxy:
|
|
|
|
pass: "http://127.0.0.1:{{ samourai_dojo_tracker_http_port|default(8082)}}/"
|
|
|
|
connect_timeout: 600s
|
|
|
|
read_timeout: 600s
|
|
|
|
send_timeout: 600s
|
|
|
|
# Proxy requests to maintenance tool
|
|
|
|
- location: /admin/
|
|
|
|
proxy:
|
|
|
|
pass: "http://127.0.0.1:{{ samourai_dojo_ws_http_port|default(8080)}}/static/admin/"
|
|
|
|
connect_timeout: 600s
|
|
|
|
read_timeout: 600s
|
|
|
|
send_timeout: 600s
|
|
|
|
# Proxy all other v2 requests to the accounts server
|
|
|
|
- location: /v2/
|
|
|
|
proxy:
|
|
|
|
pass: "http://127.0.0.1:{{ samourai_dojo_ws_http_port|default(8080)}}/"
|
|
|
|
connect_timeout: 600s
|
|
|
|
read_timeout: 600s
|
|
|
|
send_timeout: 600s
|
|
|
|
# Redirect onion address to maintenance tool
|
|
|
|
- location: = /
|
|
|
|
rewrite:
|
|
|
|
return:
|
|
|
|
url: /admin
|
|
|
|
code: 301
|
|
|
|
# Serve remaining requests
|
|
|
|
- location: /
|
|
|
|
rewrite:
|
|
|
|
return:
|
|
|
|
code: 200
|
|
|
|
text: >
|
|
|
|
'{"status":"ok"}'
|
|
|
|
headers:
|
|
|
|
add_headers:
|
|
|
|
- name: Content-Type
|
2023-07-16 21:55:02 +00:00
|
|
|
value: application/json
|