Add a Dockerfile for frontend test container; adapt code to simplify synchronization or Docker linkage
This commit is contained in:
nemunaire
parent
6c69867bcc
commit
bca09af2e0
15 changed files with 329 additions and 218 deletions
108
front/nginx.conf
Normal file
108
front/nginx.conf
Normal file
|
|
@ -0,0 +1,108 @@
|
|||
server_tokens off;
|
||||
client_header_buffer_size 512;
|
||||
client_max_body_size 512;
|
||||
|
||||
server {
|
||||
listen 80 default;
|
||||
listen [::]:80 ipv6only=on default;
|
||||
|
||||
rewrite ^ https://$host$uri;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ipv6only=on ssl;
|
||||
|
||||
root /var/www/fic-server/out/htdocs/;
|
||||
|
||||
access_log /var/log/nginx/fic.access_log;
|
||||
error_log /var/log/nginx/fic.error_log;
|
||||
|
||||
ssl_certificate /var/www/fic-server/misc/shared/server.crt;
|
||||
ssl_certificate_key /var/www/fic-server/misc/shared/server.key;
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||
ssl_prefer_server_ciphers on;
|
||||
# ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:!ADH:!AECDH:!MD5:!DSS;
|
||||
ssl_ciphers AES256+EECDH:AES256+EDH;
|
||||
ssl_client_certificate /var/www/fic-server/misc/shared/cacert.crt;
|
||||
ssl_verify_client optional;
|
||||
ssl_crl /var/www/fic-server/misc/shared/crl.pem;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=2592000; includeSubdomains";
|
||||
add_header X-Frame-Options DENY;
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
|
||||
error_page 400 /errors/400/index.html;
|
||||
error_page 403 /errors/403/index.html;
|
||||
error_page 404 /errors/404/index.html;
|
||||
error_page 413 414 /errors/413/index.html;
|
||||
error_page 500 503 /errors/500/index.html;
|
||||
error_page 502 504 /errors/502/index.html;
|
||||
|
||||
location /
|
||||
{
|
||||
default_type text/html;
|
||||
expires epoch;
|
||||
|
||||
set $team 0;
|
||||
|
||||
include /var/www/fic-server/misc/shared/nginx-teams.conf;
|
||||
|
||||
if ($team) {
|
||||
root /var/www/fic-server/out/teams/$team$1;
|
||||
rewrite ^/([0-9]+-?[a-zA-Z0-9_-]*)/([a-zA-Z0-9_]+)/submission$ /submission.php?team=$team&theme=$1&exercice=$2 last;
|
||||
}
|
||||
if ($team = 0) {
|
||||
root /var/www/fic-server/out/htdocs/;
|
||||
}
|
||||
}
|
||||
|
||||
location /errors
|
||||
{
|
||||
root /var/www/fic-server/out/;
|
||||
}
|
||||
|
||||
location /connected
|
||||
{
|
||||
return 403;
|
||||
}
|
||||
|
||||
location /files
|
||||
{
|
||||
root /var/www/fic-server/;
|
||||
|
||||
# option to accelerate file delivery, require a custom nginx
|
||||
#aio on;
|
||||
directio 512;
|
||||
output_buffers 1 128k;
|
||||
}
|
||||
|
||||
location ~* \favicon.ico$ {
|
||||
root /var/www/fic-server/out/htdocs/;
|
||||
access_log off;
|
||||
expires 1d;
|
||||
add_header Cache-Control public;
|
||||
}
|
||||
|
||||
location ~ ^/(assets|img|js|css|fonts)/ {
|
||||
root /var/www/fic-server/out/htdocs/;
|
||||
access_log off;
|
||||
expires 7d;
|
||||
add_header Cache-Control public;
|
||||
}
|
||||
|
||||
location ~ /(\.ht|\.git|\.svn|\.onyx) {
|
||||
return 403;
|
||||
}
|
||||
|
||||
location /submission.php
|
||||
{
|
||||
root /var/www/fic-server/front/;
|
||||
|
||||
limit_rate 4k;
|
||||
|
||||
include /etc/nginx/fastcgi_params;
|
||||
fastcgi_pass unix:/var/run/php-fpm.sock;
|
||||
break;
|
||||
}
|
||||
}
|
||||
Reference in a new issue