Rather see the data/ folder as examples/ for the docker host configuration.

6 files changed, 345 insertions, 0 deletions

diff --git a/examples/proxy/nginx/sites-common b/examples/proxy/nginx/sites-common
new file mode 100644
index 0000000..d906992
--- /dev/null
+++ b/examples/proxy/nginx/sites-common
@@ -0,0 +1,13 @@
+proxy_read_timeout 60s;
+proxy_redirect off;
+
+proxy_set_header  Host $http_host;
+
+proxy_set_header  X-Real-IP $remote_addr;
+proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
+
+proxy_set_header  X-Forwarded-Proto $scheme;
+
+proxy_http_version 1.1;
+proxy_set_header Upgrade $http_upgrade;
+proxy_set_header Connection "upgrade";
diff --git a/examples/proxy/nginx/sites.template.scalelite-cluster b/examples/proxy/nginx/sites.template.scalelite-cluster
new file mode 100644
index 0000000..395fabe
--- /dev/null
+++ b/examples/proxy/nginx/sites.template.scalelite-cluster
@@ -0,0 +1,77 @@
+#### For <$NGINX_HOSTNAME>
+
+upstream docker-scalelite-api {
+    server scalelite-api-1:80 max_fails=3 fail_timeout=30s;
+    server scalelite-api-2:80 max_fails=3 fail_timeout=30s;
+}
+
+upstream docker-scalelite-recordings {
+    server scalelite-recordings-1:80  max_fails=3 fail_timeout=30s;
+    server scalelite-recordings-2:80  max_fails=3 fail_timeout=30s;
+}
+
+server {
+    server_name $NGINX_HOSTNAME;
+
+    listen  80;
+    listen [::]:80;
+
+    location /.well-known/acme-challenge/ {
+        root /var/www/certbot;
+    }
+
+    location / {
+        return  301 https://$host$request_uri;
+    }
+}
+
+server {
+    server_name $NGINX_HOSTNAME;
+
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    ## Configuration for Letsencrypt SSL Certificate
+    ssl_certificate /etc/letsencrypt/live/$NGINX_HOSTNAME/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/$NGINX_HOSTNAME/privkey.pem;
+
+    ## Configuration for SSL Certificate from a CA other than LetsEncrypt
+    #ssl_certificate /etc/ssl/fullchain.pem;
+    #ssl_certificate_key /etc/ssl/privkey.pem;
+
+    location /bigbluebutton/api/ {
+        proxy_pass  http://docker-scalelite-api;
+
+        proxy_read_timeout 60s;
+        proxy_redirect off;
+
+        proxy_set_header  Host $http_host;
+
+        proxy_set_header  X-Real-IP $remote_addr;
+        proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
+
+        proxy_set_header  X-Forwarded-Proto $scheme;
+
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+    }
+
+    location / {
+        proxy_pass  http://docker-scalelite-recordings;
+
+        proxy_read_timeout 60s;
+        proxy_redirect off;
+
+        proxy_set_header  Host $http_host;
+
+        proxy_set_header  X-Real-IP $remote_addr;
+        proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
+
+        proxy_set_header  X-Forwarded-Proto $scheme;
+
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+    }
+}
diff --git a/examples/proxy/nginx/sites.template.scalelite-local b/examples/proxy/nginx/sites.template.scalelite-local
new file mode 100644
index 0000000..dfb5f97
--- /dev/null
+++ b/examples/proxy/nginx/sites.template.scalelite-local
@@ -0,0 +1,64 @@
+#### For <$NGINX_HOSTNAME>
+
+upstream docker-scalelite-api {
+    server $NGINX_HOSTNAME:3000;
+}
+
+upstream docker-scalelite-recordings {
+    server scalelite-recordings:80;
+}
+
+server {
+    server_name $NGINX_HOSTNAME;
+
+    listen  80;
+    listen [::]:80;
+
+    location /.well-known/acme-challenge/ {
+        root /var/www/certbot;
+    }
+
+    location / {
+        return  301 https://$host$request_uri;
+    }
+}
+
+server {
+    server_name $NGINX_HOSTNAME;
+
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    ## Configuration for Letsencrypt SSL Certificate
+    ssl_certificate /etc/letsencrypt/live/$NGINX_HOSTNAME/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/$NGINX_HOSTNAME/privkey.pem;
+
+    ## Configuration for SSL Certificate from a CA other than LetsEncrypt
+    #ssl_certificate /etc/ssl/fullchain.pem;
+    #ssl_certificate_key /etc/ssl/privkey.pem;
+
+    location /health_check {
+        proxy_pass  http://docker-scalelite-api;
+        include /etc/nginx/sites-common;
+    }
+
+    location /bigbluebutton/api/ {
+        proxy_pass  http://docker-scalelite-api;
+        include /etc/nginx/sites-common;
+    }
+
+    location /presentation/ {
+        proxy_pass  http://docker-scalelite-recordings;
+        include /etc/nginx/sites-common;
+    }
+
+    location /playback/ {
+        proxy_pass  http://docker-scalelite-recordings;
+        include /etc/nginx/sites-common;
+    }
+
+    location / {
+        proxy_pass http://docker-scalelite-api/health_check;
+        include /etc/nginx/sites-common;
+    }
+}
diff --git a/examples/proxy/nginx/sites.template.scalelite-local-protected b/examples/proxy/nginx/sites.template.scalelite-local-protected
new file mode 100644
index 0000000..d53d130
--- /dev/null
+++ b/examples/proxy/nginx/sites.template.scalelite-local-protected
@@ -0,0 +1,61 @@
+#### For <$NGINX_HOSTNAME>
+
+upstream docker-scalelite-api {
+    server $NGINX_HOSTNAME:3000;
+}
+
+upstream docker-scalelite-recordings {
+    server scalelite-recordings:80;
+}
+
+server {
+    server_name $NGINX_HOSTNAME;
+
+    listen  80;
+    listen [::]:80;
+
+    location /.well-known/acme-challenge/ {
+        root /var/www/certbot;
+    }
+
+    location / {
+        return  301 https://$host$request_uri;
+    }
+}
+
+server {
+    server_name $NGINX_HOSTNAME;
+
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    ## Configuration for Letsencrypt SSL Certificate
+    ssl_certificate /etc/letsencrypt/live/$NGINX_HOSTNAME/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/$NGINX_HOSTNAME/privkey.pem;
+
+    ## Configuration for SSL Certificate from a CA other than LetsEncrypt
+    #ssl_certificate /etc/ssl/fullchain.pem;
+    #ssl_certificate_key /etc/ssl/privkey.pem;
+
+    location /health_check {
+        proxy_pass http://docker-scalelite-api;
+        include /etc/nginx/sites-common;
+    }
+
+    location /static-resource/ {
+        rewrite /static-resource(/|$)(.*) /$2 break;
+        proxy_pass http://docker-scalelite-recordings;
+        include /etc/nginx/sites-common;
+        internal;
+    }
+
+    location /playback {
+        proxy_pass http://docker-scalelite-recordings;
+        include /etc/nginx/sites-common;
+    }
+
+    location / {
+        proxy_pass http://docker-scalelite-api;
+        include /etc/nginx/sites-common;
+    }
+}
diff --git a/examples/proxy/nginx/sites.template.scalelite-proxy b/examples/proxy/nginx/sites.template.scalelite-proxy
new file mode 100644
index 0000000..c099bcb
--- /dev/null
+++ b/examples/proxy/nginx/sites.template.scalelite-proxy
@@ -0,0 +1,69 @@
+#### For <$NGINX_HOSTNAME>
+
+upstream docker-scalelite-api {
+    server scalelite-api:3000;
+}
+
+upstream docker-scalelite-recordings {
+    server scalelite-recordings:80;
+}
+
+server {
+    server_name $NGINX_HOSTNAME;
+
+    listen  80;
+    listen [::]:80;
+
+    location /.well-known/acme-challenge/ {
+        root /var/www/certbot;
+    }
+
+    location / {
+        return  301 https://$host$request_uri;
+    }
+}
+
+server {
+    server_name $NGINX_HOSTNAME;
+
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+    ssl_prefer_server_ciphers on;
+    ssl_session_cache       shared:SSL:10m;
+
+    ## Configuration for Letsencrypt SSL Certificate
+    ssl_certificate /etc/letsencrypt/live/$NGINX_HOSTNAME/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/$NGINX_HOSTNAME/privkey.pem;
+
+    ## Configuration for SSL Certificate from a CA other than LetsEncrypt
+    #ssl_certificate /etc/ssl/fullchain.pem;
+    #ssl_certificate_key /etc/ssl/privkey.pem;
+
+    location /health_check {
+        proxy_pass  http://docker-scalelite-api;
+        include /etc/nginx/sites-common;
+    }
+
+    location /bigbluebutton/api/ {
+        proxy_pass  http://docker-scalelite-api;
+        include /etc/nginx/sites-common;
+    }
+
+    location /presentation/ {
+        proxy_pass  http://docker-scalelite-recordings;
+        include /etc/nginx/sites-common;
+    }
+
+    location /playback/ {
+        proxy_pass  http://docker-scalelite-recordings;
+        include /etc/nginx/sites-common;
+    }
+
+    location / {
+        proxy_pass http://docker-scalelite-api/health_check;
+        include /etc/nginx/sites-common;
+    }
+}
diff --git a/examples/proxy/nginx/sites.template.scalelite-proxy-protected b/examples/proxy/nginx/sites.template.scalelite-proxy-protected
new file mode 100644
index 0000000..5a8403a
--- /dev/null
+++ b/examples/proxy/nginx/sites.template.scalelite-proxy-protected
@@ -0,0 +1,61 @@
+#### For <$NGINX_HOSTNAME>
+
+upstream docker-scalelite-api {
+    server scalelite-api:3000;
+}
+
+upstream docker-scalelite-recordings {
+    server scalelite-recordings:80;
+}
+
+server {
+    server_name $NGINX_HOSTNAME;
+
+    listen  80;
+    listen [::]:80;
+
+    location /.well-known/acme-challenge/ {
+        root /var/www/certbot;
+    }
+
+    location / {
+        return  301 https://$host$request_uri;
+    }
+}
+
+server {
+    server_name $NGINX_HOSTNAME;
+
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    ## Configuration for Letsencrypt SSL Certificate
+    ssl_certificate /etc/letsencrypt/live/$NGINX_HOSTNAME/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/$NGINX_HOSTNAME/privkey.pem;
+
+    ## Configuration for SSL Certificate from a CA other than LetsEncrypt
+    #ssl_certificate /etc/ssl/fullchain.pem;
+    #ssl_certificate_key /etc/ssl/privkey.pem;
+
+    location /health_check {
+        proxy_pass http://docker-scalelite-api;
+        include /etc/nginx/sites-common;
+    }
+
+    location /static-resource/ {
+        rewrite /static-resource(/|$)(.*) /$2 break;
+        proxy_pass http://docker-scalelite-recordings;
+        include /etc/nginx/sites-common;
+        internal;
+    }
+
+    location /playback {
+        proxy_pass http://docker-scalelite-recordings;
+        include /etc/nginx/sites-common;
+    }
+
+    location / {
+        proxy_pass http://docker-scalelite-api;
+        include /etc/nginx/sites-common;
+    }
+}