server_tokens off; proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=STATIC:10m inactive=24h max_size=1g; proxy_connect_timeout 1s; server { listen 80 default; listen [::]:80 default; root /srv/htdocs-frontend/; error_page 401 /welcome.html; error_page 403 404 /e404.html; error_page 413 404 /e413.html; error_page 500 502 504 /e500.html; location = / { #auth_basic "Secure Zone"; #auth_basic_user_file ficpasswd; } location = /index.html { #auth_basic "Secure Zone"; #auth_basic_user_file ficpasswd; } location = /welcome.html { internal; if ($http_accept ~ "^application/json") { rewrite ^/(.*).html$ /$1.json; } } location = /e404.html { internal; if ($http_accept ~ "^application/json") { rewrite ^/(.*).html$ /$1.json; } } location = /e413.html { internal; if ($http_accept ~ "^application/json") { rewrite ^/(.*).html$ /$1.json; } } location = /e500.html { internal; if ($http_accept ~ "^application/json") { rewrite ^/(.*).html$ /$1.json; } } location /edit { rewrite ^/.*$ /index.html; } location /rank { rewrite ^/.*$ /index.html; } location /rules { rewrite ^/.*$ /index.html; } location /tags/ { rewrite ^/.*$ /index.html; } location /register { rewrite ^/.*$ /index.html; } location ~ ^/[A-Z] { rewrite ^/.*$ /index.html; } location /files/ { alias /srv/FILES/; tcp_nodelay on; } location /wait.json { #auth_basic "Secure Zone"; #auth_basic_user_file ficpasswd; include /etc/nginx/auth.conf; root /srv/TEAMS/$team/; expires epoch; add_header Cache-Control no-cache; } location /stats.json { root /srv/TEAMS/; expires epoch; add_header Cache-Control no-cache; } location /my.json { #auth_basic "Secure Zone"; #auth_basic_user_file ficpasswd; include /etc/nginx/auth.conf; root /srv/TEAMS/$team/; expires epoch; add_header Cache-Control no-cache; if (!-f $document_root/../../startingblock/started) { rewrite ^/ /wait.json; } } location /settings.json { root /srv/SETTINGS/; expires epoch; add_header X-FIC-time $msec; add_header Cache-Control no-cache; } location /teams.json { root /srv/TEAMS/; expires epoch; add_header Cache-Control no-cache; } location /themes.json { root /srv/TEAMS/; expires epoch; add_header Cache-Control no-cache; } location /dashboard/ { #auth_basic "Secure Zone"; #auth_basic_user_file ficpasswd; #if ($remote_user !~ "^nemunaire|bombal_s$") { # return 403; #} proxy_pass http://fic-dashboard:8082; proxy_set_header X-Forwarded-For $remote_addr; proxy_redirect off; } location /api/ { #auth_basic "Secure Zone"; #auth_basic_user_file ficpasswd; #if ($remote_user !~ "^nemunaire|bombal_s$") { # return 403; #} proxy_pass http://fic-admin:8081/admin/api/; proxy_set_header X-Forwarded-For $remote_addr; proxy_redirect off; } location /admin/ { #auth_basic "Secure Zone"; #auth_basic_user_file ficpasswd; #if ($remote_user !~ "^nemunaire|bombal_s$") { # return 403; #} proxy_pass http://fic-admin:8081; proxy_set_header X-Forwarded-For $remote_addr; proxy_redirect off; } location /submit/ { #auth_basic "Secure Zone"; #auth_basic_user_file ficpasswd; include /etc/nginx/auth.conf; rewrite ^/submit/(.*)$ /submission/$team/$1 break; proxy_pass http://fic-frontend:8080/; proxy_set_header X-Forwarded-For $remote_addr; proxy_redirect off; } location /submit/name { #auth_basic "Secure Zone"; #auth_basic_user_file ficpasswd; include /etc/nginx/auth.conf; rewrite ^/submit/.*$ /chname/$team break; proxy_pass http://fic-frontend:8080/; proxy_set_header X-Forwarded-For $remote_addr; proxy_redirect off; } location /qa/ { proxy_pass http://fic-qa:8083; proxy_set_header X-Forwarded-For $remote_addr; proxy_redirect off; } location /registration { #auth_basic "Secure Zone"; #auth_basic_user_file ficpasswd; include /etc/nginx/auth.conf; rewrite ^/registration /registration/$team break; proxy_pass http://fic-frontend:8080; proxy_set_header X-Forwarded-For $remote_addr; proxy_redirect off; } location /openhint/ { #auth_basic "Secure Zone"; #auth_basic_user_file ficpasswd; include /etc/nginx/auth.conf; rewrite ^/openhint/(.*)$ /openhint/$team/$1 break; proxy_pass http://fic-frontend:8080/; proxy_set_header X-Forwarded-For $remote_addr; proxy_redirect off; } location /wantchoices/ { #auth_basic "Secure Zone"; #auth_basic_user_file ficpasswd; include /etc/nginx/auth.conf; rewrite ^/wantchoices/(.*)$ /wantchoices/$team/$1 break; proxy_pass http://fic-frontend:8080/; proxy_set_header X-Forwarded-For $remote_addr; proxy_redirect off; } location = /events.json { proxy_pass http://fic-admin:8081/api/events/; proxy_method GET; proxy_pass_request_body off; proxy_set_header Content-Length ""; proxy_set_header X-Forwarded-For $remote_addr; proxy_redirect off; proxy_cache STATIC; proxy_cache_valid 3s; } }