# Nginx configuration to proxy to Docker workflow application # Add this to your main nginx configuration or create a new site configuration upstream selfservice_docker { server localhost:9080; } upstream selfservice_docker_ssl { server localhost:9443; } # Drone Detection System upstreams upstream drone_frontend { server localhost:3001; # Frontend container port } upstream drone_backend { server localhost:3002; # Backend API container port } # HTTP configuration server { listen 80; server_name selfservice.local selfservice.cqers.com; # Change to your domain # Redirect HTTP to HTTPS (optional) # return 301 https://$server_name$request_uri; # Drone Detection System routes location /drones/ { proxy_pass http://drone_frontend/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Port $server_port; # WebSocket support for real-time updates proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; # Timeouts proxy_connect_timeout 60s; proxy_send_timeout 60s; proxy_read_timeout 60s; # Handle large payloads client_max_body_size 10M; } # Drone static assets (CSS, JS, images) - handle /drones/assets/ paths location /drones/assets/ { proxy_pass http://drone_frontend/assets/; proxy_set_header Host $host; # Cache static assets expires 1y; add_header Cache-Control "public, immutable"; # CORS headers for assets add_header Access-Control-Allow-Origin "*"; } # Drone favicon from /drones/ path location /drones/favicon.ico { proxy_pass http://drone_frontend/favicon.ico; proxy_set_header Host $host; # Cache favicon expires 1y; add_header Cache-Control "public, immutable"; } # Legacy asset routes (in case some assets still use absolute paths) location /assets/ { proxy_pass http://drone_frontend/assets/; proxy_set_header Host $host; # Cache static assets expires 1y; add_header Cache-Control "public, immutable"; # CORS headers for assets add_header Access-Control-Allow-Origin "*"; } # Legacy favicon route location /favicon.ico { proxy_pass http://drone_frontend/favicon.ico; proxy_set_header Host $host; # Cache favicon expires 1y; add_header Cache-Control "public, immutable"; } # Drone API routes location /drones/api/ { proxy_pass http://drone_backend/api/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Port $server_port; # API specific headers proxy_set_header Content-Type application/json; # Timeouts for API calls proxy_connect_timeout 30s; proxy_send_timeout 30s; proxy_read_timeout 60s; # Handle large API payloads client_max_body_size 10M; } # Drone health check location /drones/health { proxy_pass http://drone_backend/health; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } # Drone WebSocket endpoint for real-time updates location /drones/socket.io/ { proxy_pass http://drone_backend/socket.io/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; # WebSocket specific headers proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_cache_bypass $http_upgrade; # Longer timeouts for persistent connections proxy_connect_timeout 60s; proxy_send_timeout 300s; proxy_read_timeout 300s; } # Original selfservice application - proxy directly to Docker container location / { proxy_pass http://selfservice_docker; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Port $server_port; # WebSocket support (if needed) proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; # Timeouts proxy_connect_timeout 60s; proxy_send_timeout 60s; proxy_read_timeout 60s; } # API specific routing (optional optimization) for selfservice location /api/ { proxy_pass http://selfservice_docker; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } } # HTTPS configuration (optional) server { listen 443 ssl http2; server_name selfservice.local selfservice.cqers.com; # Change to your domain # SSL certificate configuration (adjust paths to your certificates) # ssl_certificate /path/to/your/certificate.crt; # ssl_certificate_key /path/to/your/private.key; # Drone Detection System routes (HTTPS) location /drones/ { proxy_pass http://drone_frontend/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Port $server_port; # WebSocket support for real-time updates proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; # Timeouts proxy_connect_timeout 60s; proxy_send_timeout 60s; proxy_read_timeout 60s; # Handle large payloads client_max_body_size 10M; } # Drone static assets (CSS, JS, images) - handle /drones/assets/ paths (HTTPS) location /drones/assets/ { proxy_pass http://drone_frontend/assets/; proxy_set_header Host $host; # Cache static assets expires 1y; add_header Cache-Control "public, immutable"; # CORS headers for assets add_header Access-Control-Allow-Origin "*"; } # Drone favicon from /drones/ path (HTTPS) location /drones/favicon.ico { proxy_pass http://drone_frontend/favicon.ico; proxy_set_header Host $host; # Cache favicon expires 1y; add_header Cache-Control "public, immutable"; } # Legacy asset routes (HTTPS) location /assets/ { proxy_pass http://drone_frontend/assets/; proxy_set_header Host $host; # Cache static assets expires 1y; add_header Cache-Control "public, immutable"; # CORS headers for assets add_header Access-Control-Allow-Origin "*"; } # Legacy favicon route (HTTPS) location /favicon.ico { proxy_pass http://drone_frontend/favicon.ico; proxy_set_header Host $host; # Cache favicon expires 1y; add_header Cache-Control "public, immutable"; } # Drone API routes (HTTPS) location /drones/api/ { proxy_pass http://drone_backend/api/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Port $server_port; # API specific headers proxy_set_header Content-Type application/json; # Timeouts for API calls proxy_connect_timeout 30s; proxy_send_timeout 30s; proxy_read_timeout 60s; # Handle large API payloads client_max_body_size 10M; } # Drone health check (HTTPS) location /drones/health { proxy_pass http://drone_backend/health; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } # Drone WebSocket endpoint (HTTPS) location /drones/socket.io/ { proxy_pass http://drone_backend/socket.io/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; # WebSocket specific headers proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_cache_bypass $http_upgrade; # Longer timeouts for persistent connections proxy_connect_timeout 60s; proxy_send_timeout 300s; proxy_read_timeout 300s; } # Original selfservice application - proxy to Docker container's HTTPS location / { proxy_pass https://selfservice_docker_ssl; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Port $server_port; # SSL verification for upstream (adjust as needed) proxy_ssl_verify off; # WebSocket support proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; # Timeouts proxy_connect_timeout 60s; proxy_send_timeout 60s; proxy_read_timeout 60s; } }