From 390030bafcacd73690c6ae52314b8875adf85bb7 Mon Sep 17 00:00:00 2001
From: Jesus Federico <jesus@123it.ca>
Date: Thu, 16 Sep 2021 10:38:07 -0400
Subject: SL-78: added settings to support protected recordings (#11)

* updates to docker-compose-dev

* added proxy-nginx config files for handling requests to protected recordings

* added template for protected recordings

* completed changes for protected recordngs

* completed changes for protected recordngs
---
 .../nginx/sites.template.scalelite-proxy-protected | 61 ++++++++++++++++++++++
 1 file changed, 61 insertions(+)
 create mode 100644 data/proxy/nginx/sites.template.scalelite-proxy-protected

(limited to 'data/proxy/nginx/sites.template.scalelite-proxy-protected')

diff --git a/data/proxy/nginx/sites.template.scalelite-proxy-protected b/data/proxy/nginx/sites.template.scalelite-proxy-protected
new file mode 100644
index 0000000..a4bb314
--- /dev/null
+++ b/data/proxy/nginx/sites.template.scalelite-proxy-protected
@@ -0,0 +1,61 @@
+#### For <$NGINX_HOSTNAME>
+
+upstream docker-scalelite-api {
+    server scalelite-api:3000;
+}
+
+upstream docker-scalelite-recordings {
+    server scalelite-recordings:80;
+}
+
+server {
+    server_name $NGINX_HOSTNAME;
+
+    listen  80;
+    listen [::]:80;
+
+    location /.well-known/acme-challenge/ {
+        root /var/www/certbot;
+    }
+
+    location / {
+        return  301 https://$host$request_uri;
+    }
+}
+
+server {
+    server_name $NGINX_HOSTNAME;
+
+    listen 443 ssl;
+    listen [::]:443 ssl;
+
+    ## Configuration for Letsencrypt SSL Certificate
+    ssl_certificate /etc/letsencrypt/live/$NGINX_HOSTNAME/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/$NGINX_HOSTNAME/privkey.pem;
+
+    ## Configuration for SSL Certificate from a CA other than LetsEncrypt
+    #ssl_certificate /etc/ssl/fullchain.pem;
+    #ssl_certificate_key /etc/ssl/privkey.pem;
+
+    location /health_check {
+        proxy_pass http://docker-scalelite-api;
+        include /etc/nginx/sites-common;
+    }
+
+    location /static-resource {
+        rewrite /static-resource(/|$)(.*) /$2 break;
+        proxy_pass http://docker-scalelite-recordings;
+        include /etc/nginx/sites-common;
+        internal;
+    }
+
+    location /playback {
+        proxy_pass http://docker-scalelite-recordings;
+        include /etc/nginx/sites-common;
+    }
+
+    location / {
+        proxy_pass http://docker-scalelite-api;
+        include /etc/nginx/sites-common;
+    }
+}
-- 
cgit v1.2.3