From cfc23d65d69c7ac3500773f2ba651e70adaa2dea Mon Sep 17 00:00:00 2001 From: narendra modi Date: Fri, 15 Mar 2024 13:29:24 +0000 Subject: [PATCH] fix: NGINX --- nginx/nginx.conf | 117 ++++++++++++++++++++++++++--------------------- 1 file changed, 64 insertions(+), 53 deletions(-) diff --git a/nginx/nginx.conf b/nginx/nginx.conf index af3fb1c..96c96d3 100644 --- a/nginx/nginx.conf +++ b/nginx/nginx.conf @@ -1,60 +1,71 @@ +user nginx; # Server block for your application # create a limit -geo $limit { - default 1; - 10.0.0.0/8 0; - 192.168.0.0/24 0; +events { + worker_connections 5000; } -map $limit $limit_key { - 0 ""; - 1 $binary_remote_addr; -} +http { + geo $limit { + default 1; + 10.0.0.0/8 0; + 192.168.0.0/24 0; + } + + map $limit $limit_key { + 0 ""; + 1 $binary_remote_addr; + } + + limit_req_zone $limit_key zone=api_limit:10m rate=10r/s; + + server { +# Listen on the port exposed by the container (80 in this example) + listen 80; + http2 on; + server_name devsoc-24-api.codechefvit.com; + gzip on; + gzip_proxied any; + gzip_types text/plain text/css application/json application/javascript; + +# Access log for debugging + access_log /var/log/nginx/access.log; + +# Serve static files from the application directory + location / { + + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin' 'https://for-your-eyes-only.codechefvit.com'; + add_header 'Access-Control-Allow-Credentials' 'true'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE, PATCH'; + add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; + add_header 'Access-Control-Max-Age' 1728000; + add_header 'Content-Type' 'text/plain charset=UTF-8'; + add_header 'Content-Length' 0; + return 204; + } + + add_header 'Access-Control-Allow-Origin' 'https://for-your-eyes-only.codechefvit.com' always; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PATCH, DELETE' always; + add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always; + add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always; + add_header 'Access-Control-Allow-Credentials' 'true' always; + +# Adjust these settings based on your application's needs + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_cache_bypass $http_upgrade; + proxy_buffering off; + proxy_cache off; + +# Set the rate limit + limit_req zone=api_limit burst=10 nodelay; + limit_req_status 429; + -limit_req_zone $limit_key zone=api_limit:10m rate=10r/s; - -server { - # Listen on the port exposed by the container (80 in this example) - listen 80; - http2 on; - gzip on; - gzip_proxied any; - gzip_types text/plain text/css application/json application/javascript; - - # Access log for debugging - access_log /var/log/nginx/access.log; - - # Serve static files from the application directory - location / { - - if ($request_method = 'OPTIONS') { - add_header 'Access-Control-Allow-Origin' 'http://localhost:3000'; - add_header 'Access-Control-Allow-Credentials' 'true'; - add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE, PATCH'; - add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,Authorization,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; - add_header 'Access-Control-Max-Age' 1728000; - add_header 'Content-Type' 'text/plain charset=UTF-8'; - add_header 'Content-Length' 0; - return 204; - } - - add_header 'Access-Control-Allow-Origin' 'http://localhost:3000' always; - add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PATCH, DELETE' always; - add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always; - add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always; - add_header 'Access-Control-Allow-Credentials' 'true' always; - - # Adjust these settings based on your application's needs - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_cache_bypass $http_upgrade; - - # Set the rate limit - limit_req zone=api_limit burst=20 nodelay; - limit_req_status 429; - - # Forward requests to the application container (change 127.0.0.1 to your API container name if different) - proxy_pass http://api:8080; - } +# Forward requests to the application container (change 127.0.0.1 to your API container name if different) + proxy_pass http://api:8080; + } + } }