aguia-pescadora-alpha (#17), aguia-pescadora-bravo (#16), https-para-…

…portas-localhost (#57): implementado http(s) para porta em AP Alpha; mensagem de 502 Bad Gateway substituída por 501 Not Implemented

logbook/aguia-pescadora-alpha.sh

@@ -454,6 +454,28 @@ sudo certbot --nginx -d aguia-pescadora-alpha.etica.ai -d apa.etica.ai
 ### Userdir
 # Userdir não implementado em Alpha
 
+### Portas internas ____________________________________________________________
+# Subdomínios padronizados com HTTP/HTTPS para portas comuns
+# ISSUE: https://github.com/fititnt/cplp-aiops/issues/57
+
+vim /etc/nginx/sites-available/PORTAS-INTERNAS.apa.etica.ai.conf
+# Adicione as configurações desejadas neste servidor no arquivo acima...
+sudo ln -s /etc/nginx/sites-available/PORTAS-INTERNAS.apa.etica.ai.conf /etc/nginx/sites-enabled/
+sudo nginx -t
+sudo systemctl reload nginx
+
+sudo certbot --nginx \
+  -d 2000.apa.etica.ai \
+  -d 3000.apa.etica.ai \
+  -d 4000.apa.etica.ai \
+  -d 5000.apa.etica.ai \
+  -d 6000.apa.etica.ai \
+  -d 7000.apa.etica.ai \
+  -d 8000.apa.etica.ai \
+  -d 8080.apa.etica.ai \
+  -d 8888.apa.etica.ai \
+  -d 9000.apa.etica.ai
+
 
 # PROTIP: acompanhe os arquivos a seguir para debugar
 #             tail -f /var/log/nginx/access.log

logbook/aguia-pescadora-alpha/etc/nginx/sites-available/PORTAS-INTERNAS.apa.etica.ai.conf

@@ -0,0 +1,201 @@
+server {
+    listen 80;
+    listen [::]:80;
+    server_name 2000.apa.etica.ai 2000.lb-ap.etica.ai;
+
+    include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf;
+
+    location / {
+        include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf;
+        proxy_pass   http://127.0.0.1:2000;
+    }
+
+    listen [::]:443 ssl; # managed by Certbot
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/2000.apa.etica.ai/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/2000.apa.etica.ai/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+server {
+    listen 80;
+    listen [::]:80;
+    server_name 3000.apa.etica.ai 3000.lb-ap.etica.ai;
+
+    include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf;
+
+    location / {
+        include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf;
+        proxy_pass   http://127.0.0.1:3000;
+    }
+
+    listen [::]:443 ssl; # managed by Certbot
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/2000.apa.etica.ai/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/2000.apa.etica.ai/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+server {
+    listen 80;
+    listen [::]:80;
+    server_name 4000.apa.etica.ai 4000.lb-ap.etica.ai;
+
+    include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf;
+
+    location / {
+        include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf;
+        proxy_pass   http://127.0.0.1:4000;
+    }
+
+    listen [::]:443 ssl; # managed by Certbot
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/2000.apa.etica.ai/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/2000.apa.etica.ai/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+server {
+    listen 80;
+    listen [::]:80;
+    server_name 5000.apa.etica.ai 5000.lb-ap.etica.ai;
+
+    include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf;
+
+    location / {
+        include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf;
+        proxy_pass   http://127.0.0.1:5000;
+    }
+
+    listen [::]:443 ssl; # managed by Certbot
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/2000.apa.etica.ai/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/2000.apa.etica.ai/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+server {
+    listen 80;
+    listen [::]:80;
+    server_name 6000.apa.etica.ai 6000.lb-ap.etica.ai;
+
+    include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf;
+
+    location / {
+        include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf;
+        proxy_pass   http://127.0.0.1:6000;
+    }
+
+    listen [::]:443 ssl; # managed by Certbot
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/2000.apa.etica.ai/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/2000.apa.etica.ai/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+server {
+    listen 80;
+    listen [::]:80;
+    server_name 7000.apa.etica.ai 7000.lb-ap.etica.ai;
+
+    include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf;
+
+    location / {
+        include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf;
+        proxy_pass   http://127.0.0.1:7000;
+    }
+
+    listen [::]:443 ssl; # managed by Certbot
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/2000.apa.etica.ai/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/2000.apa.etica.ai/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+server {
+    listen 80;
+    listen [::]:80;
+    server_name 8000.apa.etica.ai 8000.lb-ap.etica.ai;
+
+    include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf;
+
+    location / {
+        include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf;
+        proxy_pass   http://127.0.0.1:8000;
+    }
+
+    listen [::]:443 ssl; # managed by Certbot
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/2000.apa.etica.ai/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/2000.apa.etica.ai/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+server {
+    listen 80;
+    listen [::]:80;
+    server_name 8080.apa.etica.ai 8080.lb-ap.etica.ai;
+
+    include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf;
+
+    location / {
+        include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf;
+        proxy_pass   http://127.0.0.1:8080;
+    }
+
+    listen [::]:443 ssl; # managed by Certbot
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/2000.apa.etica.ai/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/2000.apa.etica.ai/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+server {
+    listen 80;
+    listen [::]:80;
+    server_name 8888.apa.etica.ai 8888.lb-ap.etica.ai;
+
+    include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf;
+
+    location / {
+        include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf;
+        proxy_pass   http://127.0.0.1:8888;
+    }
+
+
+    listen [::]:443 ssl; # managed by Certbot
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/2000.apa.etica.ai/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/2000.apa.etica.ai/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+server {
+    listen 80;
+    listen [::]:80;
+    server_name 9000.apa.etica.ai 9000.lb-ap.etica.ai;
+
+    include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf;
+
+    location / {
+        include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf;
+        proxy_pass   http://127.0.0.1:9000;
+    }
+
+    listen [::]:443 ssl; # managed by Certbot
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/2000.apa.etica.ai/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/2000.apa.etica.ai/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}

logbook/aguia-pescadora-alpha/etc/nginx/snippets/PORTAS-INTERNAS-location.conf

@@ -0,0 +1,5 @@
+# FILE:         /etc/nginx/snippets/PORTAS-INTERNAS-server.conf
+# DESCRIPTION:  Arquivo importado no escopo de location / de
+#               /etc/nginx/sites-available/PORTAS-INTERNAS.apa.etica.ai.conf
+
+proxy_ignore_client_abort on;

logbook/aguia-pescadora-alpha/etc/nginx/snippets/PORTAS-INTERNAS-server.conf

@@ -0,0 +1,24 @@
+# FILE:         /etc/nginx/snippets/PORTAS-INTERNAS-server.conf
+# DESCRIPTION:  Arquivo importado no escopo de server de
+#               /etc/nginx/sites-available/PORTAS-INTERNAS.apa.etica.ai.conf
+
+location = /favicon.ico {
+    access_log off;
+    log_not_found off;
+    return 204;
+    #try_files $uri = 204;
+}
+
+location = /robots.txt {
+    access_log off;
+    log_not_found off;
+    #add_header Content-Type 'text/plain charset=UTF-8' always;
+    return 200 "#robots.txt padrao (sobrescreve a aplicacao)\nUser-agent: *\nDisallow: /\n";
+}
+
+error_page 502 =501 /502.html;
+location /502.html {
+    #more_set_headers 'Content-Type: application/json charset=UTF-8';
+    add_header 'Content-Type' 'application/json charset=UTF-8' always;
+    return 501 '{"error": {"status_code": 501,"status": "Não Implementado"}, "Server": "aguia-pescadora-alpha.etica.ai"}';
+}

logbook/aguia-pescadora-bravo/etc/nginx/sites-available/PORTAS-INTERNAS.apb.etica.ai.conf

@@ -2,8 +2,11 @@ server {
     listen 80;
     listen [::]:80;
     server_name 2000.apb.etica.ai 2000.lb-ap.etica.ai;
+
+    include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf;
+
     location / {
-        proxy_ignore_client_abort on;
+        include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf;
         proxy_pass   http://127.0.0.1:2000;
     }
 
@@ -19,8 +22,11 @@ server {
     listen 80;
     listen [::]:80;
     server_name 3000.apb.etica.ai 3000.lb-ap.etica.ai;
+
+    include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf;
+
     location / {
-        proxy_ignore_client_abort on;
+        include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf;
         proxy_pass   http://127.0.0.1:3000;
     }
 
@@ -36,8 +42,11 @@ server {
     listen 80;
     listen [::]:80;
     server_name 4000.apb.etica.ai 4000.lb-ap.etica.ai;
+
+    include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf;
+
     location / {
-        proxy_ignore_client_abort on;
+        include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf;
         proxy_pass   http://127.0.0.1:4000;
     }
 
@@ -53,8 +62,11 @@ server {
     listen 80;
     listen [::]:80;
     server_name 5000.apb.etica.ai 5000.lb-ap.etica.ai;
+
+    include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf;
+
     location / {
-        proxy_ignore_client_abort on;
+        include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf;
         proxy_pass   http://127.0.0.1:5000;
     }
 
@@ -70,8 +82,11 @@ server {
     listen 80;
     listen [::]:80;
     server_name 6000.apb.etica.ai 6000.lb-ap.etica.ai;
+
+    include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf;
+
     location / {
-        proxy_ignore_client_abort on;
+        include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf;
         proxy_pass   http://127.0.0.1:6000;
     }
 
@@ -87,8 +102,11 @@ server {
     listen 80;
     listen [::]:80;
     server_name 7000.apb.etica.ai 7000.lb-ap.etica.ai;
+
+    include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf;
+
     location / {
-        proxy_ignore_client_abort on;
+        include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf;
         proxy_pass   http://127.0.0.1:7000;
     }
 
@@ -104,8 +122,11 @@ server {
     listen 80;
     listen [::]:80;
     server_name 8000.apb.etica.ai 8000.lb-ap.etica.ai;
+
+    include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf;
+
     location / {
-        proxy_ignore_client_abort on;
+        include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf;
         proxy_pass   http://127.0.0.1:8000;
     }
 
@@ -121,8 +142,11 @@ server {
     listen 80;
     listen [::]:80;
     server_name 8080.apb.etica.ai 8080.lb-ap.etica.ai;
+
+    include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf;
+
     location / {
-        proxy_ignore_client_abort on;
+        include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf;
         proxy_pass   http://127.0.0.1:8080;
     }
 
@@ -138,8 +162,11 @@ server {
     listen 80;
     listen [::]:80;
     server_name 8888.apb.etica.ai 8888.lb-ap.etica.ai;
+
+    include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf;
+
     location / {
-        proxy_ignore_client_abort on;
+        include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf;
         proxy_pass   http://127.0.0.1:8888;
     }
 
@@ -155,8 +182,11 @@ server {
     listen 80;
     listen [::]:80;
     server_name 9000.apb.etica.ai 9000.lb-ap.etica.ai;
+
+    include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf;
+
     location / {
-        proxy_ignore_client_abort on;
+        include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf;
         proxy_pass   http://127.0.0.1:9000;
     }