From 62f77e3d4249301810b874b070e655feca809502 Mon Sep 17 00:00:00 2001 From: Arvindh <30824765+arvindh123@users.noreply.github.com> Date: Tue, 21 Jan 2025 21:29:48 +0530 Subject: [PATCH] NOISSUE - Update Nginx conf (#49) Signed-off-by: Arvindh --- docker/nginx/nginx-key.conf | 96 ++++++++---------------------------- docker/nginx/nginx-x509.conf | 94 ++++++++--------------------------- 2 files changed, 41 insertions(+), 149 deletions(-) diff --git a/docker/nginx/nginx-key.conf b/docker/nginx/nginx-key.conf index 70acf211f..7fdce7d55 100644 --- a/docker/nginx/nginx-key.conf +++ b/docker/nginx/nginx-key.conf @@ -57,134 +57,80 @@ http { add_header Access-Control-Allow-Methods '*'; add_header Access-Control-Allow-Headers '*'; - location ~ ^/(channels)/(.+)/(things)/(.+) { - include snippets/proxy-headers.conf; - add_header Access-Control-Expose-Headers Location; - proxy_pass http://things:${MG_THINGS_HTTP_PORT}; - } - # Proxy pass to users & groups id to things service for listing of channels - # /users/{userID}/channels - Listing of channels belongs to userID - # /groups/{userGroupID}/channels - Listing of channels belongs to userGroupID - location ~ ^/(users|groups)/(.+)/(channels|things) { - include snippets/proxy-headers.conf; - add_header Access-Control-Expose-Headers Location; - if ($request_method = GET) { - proxy_pass http://things:${MG_THINGS_HTTP_PORT}; - break; - } - proxy_pass http://users:${MG_USERS_HTTP_PORT}; - } - - # Proxy pass to channel id to users service for listing of channels - # /channels/{channelID}/users - Listing of Users belongs to channelID - # /channels/{channelID}/groups - Listing of User Groups belongs to channelID - location ~ ^/(channels|things)/(.+)/(users|groups) { - include snippets/proxy-headers.conf; - add_header Access-Control-Expose-Headers Location; - if ($request_method = GET) { - proxy_pass http://users:${MG_USERS_HTTP_PORT}; - break; - } - proxy_pass http://things:${MG_THINGS_HTTP_PORT}; - } - - # Proxy pass to user id to auth service for listing of domains - # /users/{userID}/domains - Listing of Domains belongs to userID - location ~ ^/(users)/(.+)/(domains) { - include snippets/proxy-headers.conf; - add_header Access-Control-Expose-Headers Location; - if ($request_method = GET) { - proxy_pass http://auth:${MG_AUTH_HTTP_PORT}; - break; - } - proxy_pass http://users:${MG_USERS_HTTP_PORT}; - } - - # Proxy pass to domain id to users service for listing of users - # /domains/{domainID}/users - Listing of Users belongs to domainID - location ~ ^/(domains)/(.+)/(users) { - include snippets/proxy-headers.conf; - add_header Access-Control-Expose-Headers Location; - if ($request_method = GET) { - proxy_pass http://users:${MG_USERS_HTTP_PORT}; - break; - } - proxy_pass http://auth:${MG_AUTH_HTTP_PORT}; - } - - - # Proxy pass to auth service + # Proxy pass to domains service location ~ ^/(domains) { include snippets/proxy-headers.conf; add_header Access-Control-Expose-Headers Location; - proxy_pass http://auth:${MG_AUTH_HTTP_PORT}; + proxy_pass http://domains:${SMQ_DOMAINS_HTTP_PORT}; } # Proxy pass to users service - location ~ ^/(users|groups|password|authorize|oauth/callback/[^/]+) { + location ~ ^/(users|password|authorize|oauth/callback/[^/]+) { include snippets/proxy-headers.conf; add_header Access-Control-Expose-Headers Location; - proxy_pass http://users:${MG_USERS_HTTP_PORT}; + proxy_pass http://users:${SMQ_USERS_HTTP_PORT}; } - location ^~ /users/policies { + # Proxy pass to groups service + location ~ "^/([a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12})/(groups)" { include snippets/proxy-headers.conf; add_header Access-Control-Expose-Headers Location; - proxy_pass http://users:${MG_USERS_HTTP_PORT}/policies; + proxy_pass http://groups:${SMQ_GROUPS_HTTP_PORT}; } - # Proxy pass to things service - location ~ ^/(things|channels|connect|disconnect|identify) { + # Proxy pass to clients service + location ~ "^/([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})/(clients)" { include snippets/proxy-headers.conf; add_header Access-Control-Expose-Headers Location; - proxy_pass http://things:${MG_THINGS_HTTP_PORT}; + proxy_pass http://clients:${SMQ_CLIENTS_HTTP_PORT}; } - location ^~ /things/policies { + # Proxy pass to channels service + location ~ "^/([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})/(channels)" { include snippets/proxy-headers.conf; add_header Access-Control-Expose-Headers Location; - proxy_pass http://things:${MG_THINGS_HTTP_PORT}/policies; + proxy_pass http://channels:${SMQ_CHANNELS_HTTP_PORT}; } # Proxy pass to invitations service location ~ ^/(invitations) { include snippets/proxy-headers.conf; add_header Access-Control-Expose-Headers Location; - proxy_pass http://invitations:${MG_INVITATIONS_HTTP_PORT}; + proxy_pass http://invitations:${SMQ_INVITATIONS_HTTP_PORT}; } location /health { include snippets/proxy-headers.conf; - proxy_pass http://things:${MG_THINGS_HTTP_PORT}; + proxy_pass http://clients:${SMQ_CLIENTS_HTTP_PORT}; } location /metrics { include snippets/proxy-headers.conf; - proxy_pass http://things:${MG_THINGS_HTTP_PORT}; + proxy_pass http://clients:${SMQ_CLIENTS_HTTP_PORT}; } - # Proxy pass to magistrala-http-adapter + # Proxy pass to http-adapter location /http/ { include snippets/proxy-headers.conf; # Trailing `/` is mandatory. Refer to the http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_pass # If the proxy_pass directive is specified with a URI, then when a request is passed to the server, # the part of a normalized request URI matching the location is replaced by a URI specified in the directive - proxy_pass http://http-adapter:${MG_HTTP_ADAPTER_PORT}/; + proxy_pass http://http-adapter:${SMQ_HTTP_ADAPTER_PORT}/; } - # Proxy pass to magistrala-mqtt-adapter over WS + # Proxy pass to mqtt-adapter over WS location /mqtt { include snippets/proxy-headers.conf; include snippets/ws-upgrade.conf; proxy_pass http://mqtt_ws_cluster; } - # Proxy pass to magistrala-ws-adapter + # Proxy pass to ws-adapter location /ws/ { include snippets/proxy-headers.conf; include snippets/ws-upgrade.conf; - proxy_pass http://ws-adapter:${MG_WS_ADAPTER_HTTP_PORT}/; + proxy_pass http://ws-adapter:${SMQ_WS_ADAPTER_HTTP_PORT}/; } } } diff --git a/docker/nginx/nginx-x509.conf b/docker/nginx/nginx-x509.conf index bcf6b2eb9..305aead87 100644 --- a/docker/nginx/nginx-x509.conf +++ b/docker/nginx/nginx-x509.conf @@ -66,113 +66,59 @@ http { add_header Access-Control-Allow-Methods '*'; add_header Access-Control-Allow-Headers '*'; - location ~ ^/(channels)/(.+)/(things)/(.+) { - include snippets/proxy-headers.conf; - add_header Access-Control-Expose-Headers Location; - proxy_pass http://things:${MG_THINGS_HTTP_PORT}; - } - # Proxy pass to users & groups id to things service for listing of channels - # /users/{userID}/channels - Listing of channels belongs to userID - # /groups/{userGroupID}/channels - Listing of channels belongs to userGroupID - location ~ ^/(users|groups)/(.+)/(channels|things) { - include snippets/proxy-headers.conf; - add_header Access-Control-Expose-Headers Location; - if ($request_method = GET) { - proxy_pass http://things:${MG_THINGS_HTTP_PORT}; - break; - } - proxy_pass http://users:${MG_USERS_HTTP_PORT}; - } - - # Proxy pass to channel id to users service for listing of channels - # /channels/{channelID}/users - Listing of Users belongs to channelID - # /channels/{channelID}/groups - Listing of User Groups belongs to channelID - location ~ ^/(channels|things)/(.+)/(users|groups) { - include snippets/proxy-headers.conf; - add_header Access-Control-Expose-Headers Location; - if ($request_method = GET) { - proxy_pass http://users:${MG_USERS_HTTP_PORT}; - break; - } - proxy_pass http://things:${MG_THINGS_HTTP_PORT}; - } - - # Proxy pass to user id to auth service for listing of domains - # /users/{userID}/domains - Listing of Domains belongs to userID - location ~ ^/(users)/(.+)/(domains) { - include snippets/proxy-headers.conf; - add_header Access-Control-Expose-Headers Location; - if ($request_method = GET) { - proxy_pass http://auth:${MG_AUTH_HTTP_PORT}; - break; - } - proxy_pass http://users:${MG_USERS_HTTP_PORT}; - } - - # Proxy pass to domain id to users service for listing of users - # /domains/{domainID}/users - Listing of Users belongs to domainID - location ~ ^/(domains)/(.+)/(users) { - include snippets/proxy-headers.conf; - add_header Access-Control-Expose-Headers Location; - if ($request_method = GET) { - proxy_pass http://users:${MG_USERS_HTTP_PORT}; - break; - } - proxy_pass http://auth:${MG_AUTH_HTTP_PORT}; - } - - - # Proxy pass to auth service + # Proxy pass to domains service location ~ ^/(domains) { include snippets/proxy-headers.conf; add_header Access-Control-Expose-Headers Location; - proxy_pass http://auth:${MG_AUTH_HTTP_PORT}; + proxy_pass http://domains:${SMQ_DOMAINS_HTTP_PORT}; } # Proxy pass to users service location ~ ^/(users|groups|password|authorize|oauth/callback/[^/]+) { include snippets/proxy-headers.conf; add_header Access-Control-Expose-Headers Location; - proxy_pass http://users:${MG_USERS_HTTP_PORT}; + proxy_pass http://users:${SMQ_USERS_HTTP_PORT}; } - location ^~ /users/policies { + # Proxy pass to groups service + location ~ "^/([a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12})/(groups)" { include snippets/proxy-headers.conf; add_header Access-Control-Expose-Headers Location; - proxy_pass http://users:${MG_USERS_HTTP_PORT}/policies; + proxy_pass http://groups:${SMQ_GROUPS_HTTP_PORT}; } - # Proxy pass to things service - location ~ ^/(things|channels|connect|disconnect|identify) { + # Proxy pass to clients service + location ~ "^/([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})/(clients)" { include snippets/proxy-headers.conf; add_header Access-Control-Expose-Headers Location; - proxy_pass http://things:${MG_THINGS_HTTP_PORT}; + proxy_pass http://clients:${SMQ_CLIENTS_HTTP_PORT}; } - location ^~ /things/policies { + # Proxy pass to channels service + location ~ "^/([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})/(channels)" { include snippets/proxy-headers.conf; add_header Access-Control-Expose-Headers Location; - proxy_pass http://things:${MG_THINGS_HTTP_PORT}/policies; + proxy_pass http://channels:${SMQ_CHANNELS_HTTP_PORT}; } # Proxy pass to invitations service location ~ ^/(invitations) { include snippets/proxy-headers.conf; add_header Access-Control-Expose-Headers Location; - proxy_pass http://invitations:${MG_INVITATIONS_HTTP_PORT}; + proxy_pass http://invitations:${SMQ_INVITATIONS_HTTP_PORT}; } location /health { include snippets/proxy-headers.conf; - proxy_pass http://things:${MG_THINGS_HTTP_PORT}; + proxy_pass http://clients:${SMQ_CLIENTS_HTTP_PORT}; } location /metrics { include snippets/proxy-headers.conf; - proxy_pass http://things:${MG_THINGS_HTTP_PORT}; + proxy_pass http://clients:${SMQ_CLIENTS_HTTP_PORT}; } - # Proxy pass to magistrala-http-adapter + # Proxy pass to http-adapter location /http/ { include snippets/verify-ssl-client.conf; include snippets/proxy-headers.conf; @@ -181,10 +127,10 @@ http { # Trailing `/` is mandatory. Refer to the http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_pass # If the proxy_pass directive is specified with a URI, then when a request is passed to the server, # the part of a normalized request URI matching the location is replaced by a URI specified in the directive - proxy_pass http://http-adapter:${MG_HTTP_ADAPTER_PORT}/; + proxy_pass http://http-adapter:${SMQ_HTTP_ADAPTER_PORT}/; } - # Proxy pass to magistrala-mqtt-adapter over WS + # Proxy pass to mqtt-adapter over WS location /mqtt { include snippets/verify-ssl-client.conf; include snippets/proxy-headers.conf; @@ -192,12 +138,12 @@ http { proxy_pass http://mqtt_ws_cluster; } - # Proxy pass to magistrala-ws-adapter + # Proxy pass to ws-adapter location /ws/ { include snippets/verify-ssl-client.conf; include snippets/proxy-headers.conf; include snippets/ws-upgrade.conf; - proxy_pass http://ws-adapter:${MG_WS_ADAPTER_HTTP_PORT}/; + proxy_pass http://ws-adapter:${SMQ_WS_ADAPTER_HTTP_PORT}/; } } }