SL-78: added settings to support protected recordings (#11)

* updates to docker-compose-dev * added proxy-nginx config files for handling requests to protected recordings * added template for protected recordings * completed changes for protected recordngs * completed changes for protected recordngs
author: Jesus Federico <jesus@123it.ca> 2021-09-16 10:38:07 -0400
committer: GitHub <noreply@github.com> 2021-09-16 10:38:07 -0400
commit: 390030bafcacd73690c6ae52314b8875adf85bb7 (patch)
tree: 639dda9cf61b2723a2963283b550e06cd6824dcf /data/proxy
parent: a20eca048908ff96e73e376fe6279044cae02ca8 (diff)
download: scalelite-run-itzks-390030bafcacd73690c6ae52314b8875adf85bb7.tar.gz
scalelite-run-itzks-390030bafcacd73690c6ae52314b8875adf85bb7.tar.bz2
scalelite-run-itzks-390030bafcacd73690c6ae52314b8875adf85bb7.zip
2 files changed, 122 insertions, 0 deletions
diff --git a/data/proxy/nginx/sites.template.scalelite-local-protected b/data/proxy/nginx/sites.template.scalelite-local-protected
new file mode 100644
index 0000000..239c09e
--- /dev/null
+++ b/data/proxy/nginx/sites.template.scalelite-local-protected
@@ -0,0 +1,61 @@
+#### For <$NGINX_HOSTNAME>
+
+upstream docker-scalelite-api {
+    server $NGINX_HOSTNAME:3000;
+}
+
+upstream docker-scalelite-recordings {
+    server scalelite-recordings:80;
+}
+
+server {
+    server_name $NGINX_HOSTNAME;
+
+    listen  80;
+    listen [::]:80;
+
+    location /.well-known/acme-challenge/ {
+        root /var/www/certbot;
+    }
+
+    location / {
+        return  301 https://$host$request_uri;
+    }
+}
+
+server {
+    server_name $NGINX_HOSTNAME;
+
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    ## Configuration for Letsencrypt SSL Certificate
+    ssl_certificate /etc/letsencrypt/live/$NGINX_HOSTNAME/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/$NGINX_HOSTNAME/privkey.pem;
+
+    ## Configuration for SSL Certificate from a CA other than LetsEncrypt
+    #ssl_certificate /etc/ssl/fullchain.pem;
+    #ssl_certificate_key /etc/ssl/privkey.pem;
+
+    location /health_check {
+        proxy_pass http://docker-scalelite-api;
+        include /etc/nginx/sites-common;
+    }
+
+    location /static-resource {
+        rewrite /static-resource(/|$)(.*) /$2 break;
+        proxy_pass http://docker-scalelite-recordings;
+        include /etc/nginx/sites-common;
+        internal;
+    }
+
+    location /playback {
+        proxy_pass http://docker-scalelite-recordings;
+        include /etc/nginx/sites-common;
+    }
+
+    location / {
+        proxy_pass http://docker-scalelite-api;
+        include /etc/nginx/sites-common;
+    }
+}
diff --git a/data/proxy/nginx/sites.template.scalelite-proxy-protected b/data/proxy/nginx/sites.template.scalelite-proxy-protected
new file mode 100644
index 0000000..a4bb314
--- /dev/null
+++ b/data/proxy/nginx/sites.template.scalelite-proxy-protected
@@ -0,0 +1,61 @@
+#### For <$NGINX_HOSTNAME>
+
+upstream docker-scalelite-api {
+    server scalelite-api:3000;
+}
+
+upstream docker-scalelite-recordings {
+    server scalelite-recordings:80;
+}
+
+server {
+    server_name $NGINX_HOSTNAME;
+
+    listen  80;
+    listen [::]:80;
+
+    location /.well-known/acme-challenge/ {
+        root /var/www/certbot;
+    }
+
+    location / {
+        return  301 https://$host$request_uri;
+    }
+}
+
+server {
+    server_name $NGINX_HOSTNAME;
+
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    ## Configuration for Letsencrypt SSL Certificate
+    ssl_certificate /etc/letsencrypt/live/$NGINX_HOSTNAME/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/$NGINX_HOSTNAME/privkey.pem;
+
+    ## Configuration for SSL Certificate from a CA other than LetsEncrypt
+    #ssl_certificate /etc/ssl/fullchain.pem;
+    #ssl_certificate_key /etc/ssl/privkey.pem;
+
+    location /health_check {
+        proxy_pass http://docker-scalelite-api;
+        include /etc/nginx/sites-common;
+    }
+
+    location /static-resource {
+        rewrite /static-resource(/|$)(.*) /$2 break;
+        proxy_pass http://docker-scalelite-recordings;
+        include /etc/nginx/sites-common;
+        internal;
+    }
+
+    location /playback {
+        proxy_pass http://docker-scalelite-recordings;
+        include /etc/nginx/sites-common;
+    }
+
+    location / {
+        proxy_pass http://docker-scalelite-api;
+        include /etc/nginx/sites-common;
+    }
+}
author	Jesus Federico <jesus@123it.ca>	2021-09-16 10:38:07 -0400
committer	GitHub <noreply@github.com>	2021-09-16 10:38:07 -0400
commit	390030bafcacd73690c6ae52314b8875adf85bb7 (patch)
tree	639dda9cf61b2723a2963283b550e06cd6824dcf /data/proxy
parent	a20eca048908ff96e73e376fe6279044cae02ca8 (diff)
download	scalelite-run-itzks-390030bafcacd73690c6ae52314b8875adf85bb7.tar.gz scalelite-run-itzks-390030bafcacd73690c6ae52314b8875adf85bb7.tar.bz2 scalelite-run-itzks-390030bafcacd73690c6ae52314b8875adf85bb7.zip