Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
ipgallery
/
devops
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Registry
Issues
0
Merge Requests
0
Wiki
Settings
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
3948d6b1
authored
Feb 03, 2020
by
Amir Aharon
Browse files
Options
_('Browse Files')
Download
Email Patches
Plain Diff
adding Profile file as env to front-end
parent
34a31d5d
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
957 additions
and
22 deletions
config/local-testing/front-end/default.conf.org
config/local-testing/front-end/default/default.conf
config/local-testing/front-end/nginx.conf
config/local-testing/mcx-frontend.yml
config/local-testing/front-end/default.conf.org
0 → 100644
View file @
3948d6b1
upstream ui_server { server ui-api:8080; }
upstream ws_server { server srg:7681; }
upstream ps_server { server public-safety:50005; }
###upstream ic_ps_server { server public-safety-ic:50004; }
upstream otp_server { server ipgallery-mcz.com:8099; }
upstream kibana_server { server kibana:5601; }
upstream camera_stream { server 62.90.201.74:9081; }
upstream camera_api { server 62.90.201.74:9090; }
upstream public_safety_camera { server 24.172.188.211:16000; }
upstream transportation_server { server transportation:50035; }
upstream parking_server { server parking:50055; }
upstream analytics_server { server analytics:50080; }
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
# client_max_body_size 0;
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
# List of application servers
#upstream ui_server {
# server 172.16.1.151:8080;
#}
#upstream ws_server {
# server 172.16.1.97:7681;
#}
#upstream ps_server {
# server 172.16.1.97:7681;
#}
server {
# new configuration for latest lets-encrypt support
# SSL configuration
#
# listen 443 ssl default_server;
# root /config/www;
# index index.html index.htm index.php;
server_name _;
# http listen
listen 80 default_server;
listen [::]:80 default_server;
# all ssl related config moved to ssl.conf
#include /config/nginx/ssl.conf;
client_max_body_size 0;
# SSL configuration
#
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
ssl_certificate /config/keys/letsencrypt/fullchain.pem;
ssl_certificate_key /config/letsencrypt//keys/privkey.pem;
# ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
# ssl_prefer_server_ciphers on;
root /usr/share/nginx/html;
index index.html index.htm;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
proxy_pass http://ws_server;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_read_timeout 400s;
if ($http_origin) {
set $cors "true";
}
if ($request_method = 'OPTIONS') {
set $cors "${cors}options";
add_header 'Access-Control-Allow-Origin' $http_origin;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
if ($request_method = 'GET') {
set $cors "${cors}get";
add_header 'Access-Control-Allow-Origin' $http_origin;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
}
if ($request_method = 'POST') {
set $cors "${cors}post";
add_header 'Access-Control-Allow-Origin' $http_origin;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
}
if ($cors = "trueget") {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
}
if ($cors = "truepost") {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
}
if ($cors = "trueoptions") {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since';
add_header 'Content-Length' 0;
add_header 'Content-Type' 'text/plain charset=UTF-8';
return 204;
}
}
# Client
location = /app {
root /usr/share/nginx/html/app;
#return 301 /$scheme://localhost/app/index.html;
}
location /mcweb/ {
alias /opt/mcz/;
}
# SRG
location /srg {
proxy_pass http://ws_server;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
# mqtt
location /mqtt {
rewrite /mqtt / break;
proxy_pass http://mqtt:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
# UI Server
location ~ ^/control/app/(.*)\.htm$ {
rewrite ^/control/app/(.*) /ui$1 break;
proxy_pass http://ui_server/ui/$1?$args;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# UI Server
location ~ ^/control/app/api/async/ {
rewrite ^/control/app/(.*) /ui$1 break;
proxy_pass http://ui_server/ui/$1?$args;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# UI Server
location ~ ^/control/app/Profiles {
rewrite ^/control/app/(.*) /ui$1 break;
proxy_pass http://ui_server/ui/$1?$args;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# UI Server
location ~ ^/control/app/PushRegistration {
rewrite ^/control/app/(.*) /ui$1 break;
proxy_pass http://ui_server/ui/$1?$args;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
location ~ ^/control/app/user_images/* {
rewrite ^/control/app/(.*) /ui$1 break;
proxy_pass http://ui_server/ui/$1?$args;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
# UI Server
location ~ ^/control/ui/ {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://ui_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# UI Server
location ~ ^/control/publicSafety {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://ps_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# location ~ ^/control/ic-public-safety {
# rewrite ^/control/(.*) /$1 break;
# proxy_pass http://ic_ps_server;
# proxy_set_header Host $host:$server_port;
# proxy_set_header X-Real-IP $remote_addr;
# }
# UI Server
location ~ ^/control/public-safety {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://ps_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Open Trip Planner Server
location ~ ^/client/otp/routers {
rewrite ^/client/(.*) /$1 break;
proxy_pass http://otp_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Kibana Server
location ~ (/app/kibana|^/bundles/|/kibana4|/status|^/plugins|^/elasticsearch|^/api/xpack|^/api/monitoring|^/api/reporting|^/api/security) {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://kibana_server;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header Authorization "Basic ZWxhc3RpYzpjaGFuZ2VtZQ==";
rewrite /kibana/#/(.*)$ /$1 break;
}
# Kibana Server - cont.
location ~ (^/ui/fonts|^/control/api/timelion|^/control/api/console|^/es_admin) {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://kibana_server;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header Authorization "Basic ZWxhc3RpYzpjaGFuZ2VtZQ==";
rewrite /kibana/#/(.*)$ /$1 break;
}
# Grafana Server
location /grafana/ {
proxy_pass http://grafana:3000/;
}
# predictions
location /predictions/ {
proxy_pass http://predictions:50065/;
}
# activities
location /activities/ {
proxy_pass http://activities:50070/;
}
# reports
location /reports/ {
add_header "Access-Control-Allow-Origin" "*";
proxy_pass http://reports:50075/;
}
# analytics
location /analytics/ {
add_header "Access-Control-Allow-Origin" "*";
proxy_pass http://analytics:50080/;
}
# alerts
location /alerts/ {
add_header "Access-Control-Allow-Origin" "*";
proxy_pass http://alerts:50090/;
}
# services
location /services/ {
add_header "Access-Control-Allow-Origin" "*";
proxy_pass http://scp:10010/;
}
# heatmap3d
location /map3d/ {
proxy_pass http://172.16.1.72:8080/;
}
# Camera Stream
location ~ /streetCamera {
rewrite ^/(.*) /videostream.cgi?user=admin&pwd=giptmgr break;
proxy_pass http://camera_stream;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Camera API
location ~ ^/api/cam/ {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://camera_api;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Public Safety Camera
location ~ /polCamera {
rewrite ^/(.*) /control/faststream.jpg?stream=full&stream=MxPEG&fps=10 break;
proxy_pass https://public_safety_camera;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
# return 301 http://24.172.188.211:16000/control/faststream.jpg?stream=full&stream=MxPEG&fps=10;
}
# Trafice Lanes
location ~ ^/control/transportation/ {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://transportation_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Parking Spots
location ~ ^/control/parking/ {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://parking_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Web Control Center
location ~ ^/control {
rewrite /control/(.*)$ /$1 break;
proxy_pass http://ui-web-control;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Web Client
location ~ ^/client/transportation/ {
rewrite ^/client/(.*) /$1 break;
proxy_pass http://transportation_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
location ~ ^/client {
rewrite ^/client/(.*)$ /$1 break;
proxy_pass http://ui-web-client;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Web Driver
location ~ ^/driver {
rewrite ^/driver/(.*)$ /$1 break;
proxy_pass http://ui-web-driver;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# New Control-Center
location ~ (^/center|^/static) {
rewrite ^/center/(.*)$ /$1 break;
proxy_pass http://control-center;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# UI - old images
location ~ ^/ui {
proxy_pass http://ui_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# cms server
location /cms/ {
proxy_pass https://municipalitybank.com:8085/;
}
location /ride-service/ {
proxy_pass http://159.65.83.13:10010/;
}
location /polling/ {
proxy_pass http://159.65.83.13:8085/;
}
}
config/local-testing/front-end/default/default.conf
0 → 100644
View file @
3948d6b1
include
/
usr
/
share
/
nginx
/
modules
/*.
conf
;
#load_module /etc/nginx/modules/ngx_http_lua_module.so;
upstream
ui_server
{
server
ui
-
api
:
8080
; }
upstream
ws_server
{
server
srg
:
7681
; }
upstream
ps_server
{
server
public
-
safety
:
50005
; }
###upstream ic_ps_server { server public-safety-ic:50004; }
upstream
otp_server
{
server
ipgallery
-
mcz
.
com
:
8099
; }
upstream
kibana_server
{
server
kibana
:
5601
; }
upstream
camera_stream
{
server
62
.
90
.
201
.
74
:
9081
; }
upstream
camera_api
{
server
62
.
90
.
201
.
74
:
9090
; }
upstream
public_safety_camera
{
server
24
.
172
.
188
.
211
:
16000
; }
upstream
transportation_server
{
server
transportation
:
50035
; }
upstream
parking_server
{
server
parking
:
50055
; }
upstream
analytics_server
{
server
analytics
:
50080
; }
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
# client_max_body_size 0;
map
$
http_upgrade
$
connection_upgrade
{
default
upgrade
;
''
close
;
}
# List of application servers
#upstream ui_server {
# server 172.16.1.151:8080;
#}
#upstream ws_server {
# server 172.16.1.97:7681;
#}
#upstream ps_server {
# server 172.16.1.97:7681;
#}
server
{
# env PROFILE_FILE_NAME;
set_by_lua
$
profile_file_name
'return os.getenv("PROFILE_FILE_NAME")'
;
# new configuration for latest lets-encrypt support
# SSL configuration
#
# listen 443 ssl default_server;
# root /config/www;
# index index.html index.htm index.php;
server_name
_
;
# http listen
listen
80
default_server
;
listen
[::]:
80
default_server
;
# all ssl related config moved to ssl.conf
#include /config/nginx/ssl.conf;
client_max_body_size
0
;
# SSL configuration
#
listen
443
ssl
default_server
;
listen
[::]:
443
ssl
default_server
;
ssl_certificate
/
config
/
keys
/
letsencrypt
/
fullchain
.
pem
;
ssl_certificate_key
/
config
/
letsencrypt
//
keys
/
privkey
.
pem
;
# ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
# ssl_prefer_server_ciphers on;
root
/
usr
/
share
/
nginx
/
html
;
index
index
.
html
index
.
htm
;
location
/ {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files
$
uri
$
uri
/ =
404
;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
proxy_pass
http
://
ws_server
;
proxy_http_version
1
.
1
;
proxy_set_header
Upgrade
$
http_upgrade
;
proxy_set_header
Connection
$
connection_upgrade
;
proxy_read_timeout
400
s
;
if
($
http_origin
) {
set
$
cors
"true"
;
}
if
($
request_method
=
'OPTIONS'
) {
set
$
cors
"${cors}options"
;
add_header
'Access-Control-Allow-Origin'
$
http_origin
;
add_header
'Access-Control-Allow-Credentials'
'true'
;
add_header
'Access-Control-Allow-Methods'
'GET, POST, OPTIONS'
;
add_header
'Access-Control-Allow-Headers'
'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since'
;
add_header
'Access-Control-Max-Age'
1728000
;
add_header
'Content-Type'
'text/plain charset=UTF-8'
;
add_header
'Content-Length'
0
;
return
204
;
}
if
($
request_method
=
'GET'
) {
set
$
cors
"${cors}get"
;
add_header
'Access-Control-Allow-Origin'
$
http_origin
;
add_header
'Access-Control-Allow-Credentials'
'true'
;
add_header
'Access-Control-Allow-Methods'
'GET, POST, OPTIONS'
;
}
if
($
request_method
=
'POST'
) {
set
$
cors
"${cors}post"
;
add_header
'Access-Control-Allow-Origin'
$
http_origin
;
add_header
'Access-Control-Allow-Credentials'
'true'
;
add_header
'Access-Control-Allow-Methods'
'GET, POST, OPTIONS'
;
}
if
($
cors
=
"trueget"
) {
add_header
'Access-Control-Allow-Origin'
"$http_origin"
;
add_header
'Access-Control-Allow-Credentials'
'true'
;
}
if
($
cors
=
"truepost"
) {
add_header
'Access-Control-Allow-Origin'
"$http_origin"
;
add_header
'Access-Control-Allow-Credentials'
'true'
;
}
if
($
cors
=
"trueoptions"
) {
add_header
'Access-Control-Allow-Origin'
"$http_origin"
;
add_header
'Access-Control-Allow-Credentials'
'true'
;
add_header
'Access-Control-Max-Age'
1728000
;
add_header
'Access-Control-Allow-Methods'
'GET, POST, OPTIONS'
;
add_header
'Access-Control-Allow-Headers'
'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since'
;
add_header
'Content-Length'
0
;
add_header
'Content-Type'
'text/plain charset=UTF-8'
;
return
204
;
}
}
# Client
location
= /
app
{
root
/
usr
/
share
/
nginx
/
html
/
app
;
#return 301 /$scheme://localhost/app/index.html;
}
location
/
mcweb
/ {
alias
/
opt
/
mcz
/;
}
# SRG
location
/
srg
{
proxy_pass
http
://
ws_server
;
proxy_http_version
1
.
1
;
proxy_set_header
Upgrade
$
http_upgrade
;
proxy_set_header
Connection
$
connection_upgrade
;
}
# mqtt
location
/
mqtt
{
rewrite
/
mqtt
/
break
;
proxy_pass
http
://
mqtt
:
8080
;
proxy_http_version
1
.
1
;
proxy_set_header
Upgrade
$
http_upgrade
;
proxy_set_header
Connection
$
connection_upgrade
;
}
# UI Server
location
~ ^/
control
/
app
/(.*)\.
htm
$ {
rewrite
^/
control
/
app
/(.*) /
ui
$
1
break
;
proxy_pass
http
://
ui_server
/
ui
/$
1
?$
args
;
proxy_set_header
Host
$
host
:$
server_port
;
proxy_set_header
X
-
Real
-
IP
$
remote_addr
;
}
# UI Server
location
~ ^/
control
/
app
/
api
/
async
/ {
rewrite
^/
control
/
app
/(.*) /
ui
$
1
break
;
proxy_pass
http
://
ui_server
/
ui
/$
1
?$
args
;
proxy_set_header
Host
$
host
:$
server_port
;
proxy_set_header
X
-
Real
-
IP
$
remote_addr
;
}
# UI Server
location
~ ^/
control
/
app
/
Profiles
{
rewrite
^/
control
/
app
/(.*) /
ui
$
1
break
;
proxy_pass
http
://
ui_server
/
ui
/$
1
?$
args
;
proxy_set_header
Host
$
host
:$
server_port
;
proxy_set_header
X
-
Real
-
IP
$
remote_addr
;
}
# UI Server
location
~ ^/
control
/
app
/
PushRegistration
{
rewrite
^/
control
/
app
/(.*) /
ui
$
1
break
;
proxy_pass
http
://
ui_server
/
ui
/$
1
?$
args
;
proxy_set_header
Host
$
host
:$
server_port
;
proxy_set_header
X
-
Real
-
IP
$
remote_addr
;
}
location
~ ^/
control
/
app
/
user_images
/* {
rewrite
^/
control
/
app
/(.*) /
ui
$
1
break
;
proxy_pass
http
://
ui_server
/
ui
/$
1
?$
args
;
proxy_set_header
Host
$
host
;
proxy_set_header
X
-
Real
-
IP
$
remote_addr
;
}
# UI Server
location
~ ^/
control
/
ui
/ {
rewrite
^/
control
/(.*) /$
1
break
;
proxy_pass
http
://
ui_server
;
proxy_set_header
Host
$
host
:$
server_port
;
proxy_set_header
X
-
Real
-
IP
$
remote_addr
;
}
# UI Server
location
~ ^/
control
/
publicSafety
{
rewrite
^/
control
/(.*) /$
1
break
;
proxy_pass
http
://
ps_server
;
proxy_set_header
Host
$
host
:$
server_port
;
proxy_set_header
X
-
Real
-
IP
$
remote_addr
;
}
# location ~ ^/control/ic-public-safety {
# rewrite ^/control/(.*) /$1 break;
# proxy_pass http://ic_ps_server;
# proxy_set_header Host $host:$server_port;
# proxy_set_header X-Real-IP $remote_addr;
# }
# UI Server
location
~ ^/
control
/
public
-
safety
{
rewrite
^/
control
/(.*) /$
1
break
;
proxy_pass
http
://
ps_server
;
proxy_set_header
Host
$
host
:$
server_port
;
proxy_set_header
X
-
Real
-
IP
$
remote_addr
;
}
# Open Trip Planner Server
location
~ ^/
client
/
otp
/
routers
{
rewrite
^/
client
/(.*) /$
1
break
;
proxy_pass
http
://
otp_server
;
proxy_set_header
Host
$
host
:$
server_port
;
proxy_set_header
X
-
Real
-
IP
$
remote_addr
;
}
# Kibana Server
location
~ (/
app
/
kibana
|^/
bundles
/|/
kibana4
|/
status
|^/
plugins
|^/
elasticsearch
|^/
api
/
xpack
|^/
api
/
monitoring
|^/
api
/
reporting
|^/
api
/
security
) {
rewrite
^/
control
/(.*) /$
1
break
;
proxy_pass
http
://
kibana_server
;
proxy_http_version
1
.
1
;
proxy_set_header
Upgrade
$
http_upgrade
;
proxy_set_header
Connection
"upgrade"
;
proxy_set_header
Host
$
host
;
proxy_set_header
Authorization
"Basic ZWxhc3RpYzpjaGFuZ2VtZQ=="
;
rewrite
/
kibana
/
#/(.*)$ /$1 break;
}
# Kibana Server - cont.
location
~ (^/
ui
/
fonts
|^/
control
/
api
/
timelion
|^/
control
/
api
/
console
|^/
es_admin
) {
rewrite
^/
control
/(.*) /$
1
break
;
proxy_pass
http
://
kibana_server
;
proxy_http_version
1
.
1
;
proxy_set_header
Upgrade
$
http_upgrade
;
proxy_set_header
Connection
"upgrade"
;
proxy_set_header
Host
$
host
;
proxy_set_header
Authorization
"Basic ZWxhc3RpYzpjaGFuZ2VtZQ=="
;
rewrite
/
kibana
/
#/(.*)$ /$1 break;
}
# Grafana Server
location
/
grafana
/ {
proxy_pass
http
://
grafana
:
3000
/;
}
# predictions
location
/
predictions
/ {
proxy_pass
http
://
predictions
:
50065
/;
}
# activities
location
/
activities
/ {
proxy_pass
http
://
activities
:
50070
/;
}
# reports
location
/
reports
/ {
add_header
"Access-Control-Allow-Origin"
"*"
;
proxy_pass
http
://
reports
:
50075
/;
}
# analytics
location
/
analytics
/ {
add_header
"Access-Control-Allow-Origin"
"*"
;
proxy_pass
http
://
analytics
:
50080
/;
}
# alerts
location
/
alerts
/ {
add_header
"Access-Control-Allow-Origin"
"*"
;
proxy_pass
http
://
alerts
:
50090
/;
}
# services
location
/
services
/ {
add_header
"Access-Control-Allow-Origin"
"*"
;
proxy_pass
http
://
scp
:
10010
/;
}
# heatmap3d
location
/
map3d
/ {
proxy_pass
http
://
172
.
16
.
1
.
72
:
8080
/;
}
# Camera Stream
location
~ /
streetCamera
{
rewrite
^/(.*) /
videostream
.
cgi
?
user
=
admin
&
pwd
=
giptmgr
break
;
proxy_pass
http
://
camera_stream
;
proxy_set_header
Host
$
host
:$
server_port
;
proxy_set_header
X
-
Real
-
IP
$
remote_addr
;
}
# Camera API
location
~ ^/
api
/
cam
/ {
rewrite
^/
control
/(.*) /$
1
break
;
proxy_pass
http
://
camera_api
;
proxy_set_header
Host
$
host
:$
server_port
;
proxy_set_header
X
-
Real
-
IP
$
remote_addr
;
}
# Public Safety Camera
location
~ /
polCamera
{
rewrite
^/(.*) /
control
/
faststream
.
jpg
?
stream
=
full
&
stream
=
MxPEG
&
fps
=
10
break
;
proxy_pass
https
://
public_safety_camera
;
proxy_set_header
Host
$
host
:$
server_port
;
proxy_set_header
X
-
Real
-
IP
$
remote_addr
;
# return 301 http://24.172.188.211:16000/control/faststream.jpg?stream=full&stream=MxPEG&fps=10;
}
# Trafice Lanes
location
~ ^/
control
/
transportation
/ {
rewrite
^/
control
/(.*) /$
1
break
;
proxy_pass
http
://
transportation_server
;
proxy_set_header
Host
$
host
:$
server_port
;
proxy_set_header
X
-
Real
-
IP
$
remote_addr
;
}
# Parking Spots
location
~ ^/
control
/
parking
/ {
rewrite
^/
control
/(.*) /$
1
break
;
proxy_pass
http
://
parking_server
;
proxy_set_header
Host
$
host
:$
server_port
;
proxy_set_header
X
-
Real
-
IP
$
remote_addr
;
}
# Web Control Center
location
~ ^/
control
{
rewrite
/
control
/(.*)$ /$
1
break
;
proxy_pass
http
://
ui
-
web
-
control
;
proxy_set_header
Host
$
host
:$
server_port
;
proxy_set_header
X
-
Real
-
IP
$
remote_addr
;
}
# Web Client
location
~ ^/
client
/
transportation
/ {
rewrite
^/
client
/(.*) /$
1
break
;
proxy_pass
http
://
transportation_server
;
proxy_set_header
Host
$
host
:$
server_port
;
proxy_set_header
X
-
Real
-
IP
$
remote_addr
;
}
location
~ ^/
client
{
rewrite
^/
client
/(.*)$ /$
1
break
;
proxy_pass
http
://
ui
-
web
-
client
;
proxy_set_header
Host
$
host
:$
server_port
;
proxy_set_header
X
-
Real
-
IP
$
remote_addr
;
}
# Web Driver
location
~ ^/
driver
{
rewrite
^/
driver
/(.*)$ /$
1
break
;
proxy_pass
http
://
ui
-
web
-
driver
;
proxy_set_header
Host
$
host
:$
server_port
;
proxy_set_header
X
-
Real
-
IP
$
remote_addr
;
}
# New Control-Center
location
~ (^/
center
|^/
static
) {
rewrite
^/
center
/(.*)$ /$
1
break
;
proxy_pass
http
://
control
-
center
;
proxy_set_header
Host
$
host
:$
server_port
;
proxy_set_header
X
-
Real
-
IP
$
remote_addr
;
}
# UI - old images
location
~ ^/
ui
{
proxy_pass
http
://
ui_server
;
proxy_set_header
Host
$
host
:$
server_port
;
proxy_set_header
X
-
Real
-
IP
$
remote_addr
;
}
# cms server
location
/
cms
/ {
proxy_pass
https
://
municipalitybank
.
com
:
8085
/;
}
# cms server
location
/
profiles
/
profile
.
json
{
# proxy_pass https://municipalitybank.com:8085/s/38DT6ptK3WL0NYi/download;
proxy_pass
https
://
municipalitybank
.
com
:
8085
/
s
/$
profile_file_name
/
download
;
}
location
/
ride
-
service
/ {
proxy_pass
http
://
159
.
65
.
83
.
13
:
10010
/;
}
location
/
polling
/ {
proxy_pass
http
://
159
.
65
.
83
.
13
:
8085
/;
}
}
config/local-testing/front-end/nginx.conf
0 → 100644
View file @
3948d6b1
user
nginx
;
worker_processes
1
;
error_log
/var/log/nginx/error.log
warn
;
pid
/var/run/nginx.pid
;
env
PROFILE_FILE_NAME
;
events
{
worker_connections
1024
;
}
http
{
include
/etc/nginx/mime.types
;
default_type
application/octet-stream
;
log_format
main
'
$remote_addr
-
$remote_user
[
$time_local
]
"
$request
"
'
'
$status
$body_bytes_sent
"
$http_referer
"
'
'"
$http_user_agent
"
"
$http_x_forwarded_for
"'
;
access_log
/var/log/nginx/access.log
main
;
sendfile
on
;
#tcp_nopush on;
keepalive_timeout
65
;
#gzip on;
include
/etc/nginx/conf.d/*.conf
;
}
config/local-testing/mcx-frontend.yml
View file @
3948d6b1
...
...
@@ -3,8 +3,8 @@ services:
### UI-WEB-CONTROL (NGINX + WEB)
ui-web-control
:
environment
:
OTP_SERVER
:
"
otp:8081
"
KIBANA_SERVER
:
"
elk
:5601"
OTP_SERVER
:
"
ipgallery-mcz.com:8099
"
KIBANA_SERVER
:
"
kibana
:5601"
CAMERA_STREAM
:
"
62.90.201.74:9081"
CAMERA_API
:
"
62.90.201.74:9090"
PUBLIC_SAFETY_CAMERA
:
"
24.172.188.211:16000"
...
...
@@ -14,20 +14,32 @@ services:
UI_SERVER_HOSTPORT
:
"
ui-api:8080"
PUBLIC_SAFETY_IC_PORT_50004_TCP_ADDR
:
"
public-safety-ic"
SRG_SERVER_HOSTPORT
:
"
srg:7681"
image
:
municipalitybank.com:5050/mcx/ui-web/control-center:15-ac1b3bf
#image: municipalitybank.com:5050/mcx/ui-web:control-center-4-bcf87bc0003a3ed214fabb45e684bb837bb593ef
image
:
municipalitybank.com:5050/mcx/ui-web/control-center-v2:43-da07258
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:41-485bdaa
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:40-5dfdcda
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:39-ffad3bf
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:38-1048a5b
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:37-a980cf0
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:36-c942063
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:35-43efe5b
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:34-47bf4a9
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:33-9b31cf8
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:32-968ff76
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:30-8b4e45a
volumes
:
-
"
/opt/mcx/config/repo/public-safety:/usr/share/nginx/html/repo/public-safety"
networks
:
-
backend
### UI-WEB-CLIENT (NGINX + WEB)
ui-web-client
:
image
:
municipalitybank.com:5050/mcx/ui-web/client:21-dfcfa2d
image
:
municipalitybank.com:5050/mcx/ui-web/client:28-6d88ee7
# image: municipalitybank.com:5050/mcx/ui-web/client:27-d55dad3
# image: municipalitybank.com:5050/mcx/ui-web/client:21-dfcfa2d
#image: municipalitybank.com:5050/mcx/ui-web:client-8-dea10d499084c4340ed08dd3bedc54a62e127965
# image: 172.16.1.212:5050/mcx/ui-web:client-25-fc74e8fe1b9cf7fbca90ad3b4da9fc3187bf4d1e
environment
:
OTP_SERVER
:
"
otp:8081
"
KIBANA_SERVER
:
"
elk
:5601"
OTP_SERVER
:
"
ipgallery-mcz.com:8099
"
KIBANA_SERVER
:
"
kibana
:5601"
CAMERA_STREAM
:
"
62.90.201.74:9081"
CAMERA_API
:
"
62.90.201.74:9090"
PUBLIC_SAFETY_CAMERA
:
"
24.172.188.211:16000"
...
...
@@ -41,11 +53,12 @@ services:
-
backend
### UI-WEB-DRIVER (NGINX + WEB)
ui-web-driver
:
image
:
municipalitybank.com:5050/ipgallery.web/driver:2-8af1450
# image: 172.16.1.212:5050/mcx/ui-web:driver-11-0a1f26cdf30b6734909f9c815a0b98c83b1a2c01
image
:
municipalitybank.com:5050/mcx/ui-web:driver-2-963a1f8b75479192f5de29eb797422e67102fdbb
#
image: municipalitybank.com:5050/mcx/ui-web:driver-2-963a1f8b75479192f5de29eb797422e67102fdbb
environment
:
OTP_SERVER
:
"
otp:8081
"
KIBANA_SERVER
:
"
elk
:5601"
OTP_SERVER
:
"
ipgallery-mcz.com:8099
"
KIBANA_SERVER
:
"
kibana
:5601"
CAMERA_STREAM
:
"
62.90.201.74:9081"
CAMERA_API
:
"
62.90.201.74:9090"
PUBLIC_SAFETY_CAMERA
:
"
24.172.188.211:16000"
...
...
@@ -57,11 +70,36 @@ services:
SRG_SERVER_HOSTPORT
:
"
srg:7681"
networks
:
-
backend
## CONTROL-CENTER-NEW
control-center
:
image
:
municipalitybank.com:5050/ipgallery.web/control-center:52-3a16cae
# image: municipalitybank.com:5050/ipgallery.web/control-center:51-b52ae5d
# image: municipalitybank.com:5050/ipgallery.web/control-center:50-d2832a9
# image: municipalitybank.com:5050/ipgallery.web/control-center:49-3699a0e
# image: municipalitybank.com:5050/ipgallery.web/control-center:48-2035470
# image: municipalitybank.com:5050/ipgallery.web/control-center:45-dfc8e44
# image: municipalitybank.com:5050/ipgallery.web/control-center:44-cd53f18
# image: municipalitybank.com:5050/ipgallery.web/control-center:44-cd53f18
# image: municipalitybank.com:5050/ipgallery.web/control-center:43-d617167
# image: municipalitybank.com:5050/ipgallery.web/control-center:42-6af9c7a
# image: municipalitybank.com:5050/ipgallery.web/control-center:38-e011a84
# image: municipalitybank.com:5050/ipgallery.web/control-center:36-ccb08f4
# image: municipalitybank.com:5050/ipgallery.web/control-center:34-969ced1
# image: municipalitybank.com:5050/ipgallery.web/control-center:33-6d624c9
# image: municipalitybank.com:5050/ipgallery.web/control-center:32-1182ad7
# image: municipalitybank.com:5050/ipgallery.web/control-center:31-cdab784
# image: municipalitybank.com:5050/ipgallery.web/control-center:30-3f6ec96
# image: municipalitybank.com:5050/ipgallery.web/control-center:25-39b1f5d
networks
:
-
backend
## FRONT END
front-end
:
image
:
firesh/nginx-lua
# image: nginx
environment
:
OTP_SERVER
:
"
otp:8081
"
KIBANA_SERVER
:
"
elk
:5601"
OTP_SERVER
:
"
ipgallery-mcz.com:8099
"
KIBANA_SERVER
:
"
kibana
:5601"
CAMERA_STREAM
:
"
62.90.201.74:9081"
CAMERA_API
:
"
62.90.201.74:9090"
PUBLIC_SAFETY_CAMERA
:
"
24.172.188.211:16000"
...
...
@@ -73,21 +111,55 @@ services:
PUBLIC_SAFETY_IC_PORT_50004_TCP_ADDR
:
"
public-safety-ic"
SRG_PORT_7681_TCP_ADDR
:
"
srg"
SRG_PORT_7681_TCP_PORT
:
"
7681"
PGID
:
"
911"
PUID
:
"
911"
ONLY_SUBDOMAINS
:
"
false"
URL
:
"
ipgallery-mcz.com"
TZ
:
"
Israel"
image
:
municipalitybank.com:5050/mcx/front-end:19-d2f0bbb
# image: municipalitybank.com:5050/mcx/front-end/develop-new-letsencrypt
# image: municipalitybank.com:5050/mcx/front-end:18-c45b301
PROFILE_FILE_NAME
:
"
38DT6ptK3WL0NYi"
ports
:
-
"
80:80"
-
"
443:443"
volumes
:
-
"
/opt/mcz/config-letsencrypt/:/config:rw"
-
"
/opt/mcz/config-letsencrypt/tmp:/var/tmp/nginx:rw"
-
"
/opt/mcz/config-letsencrypt/:/config"
-
"
/opt/mcx/config/front-end/default:/etc/nginx/conf.d"
-
"
/opt/mcx/config/front-end/nginx.conf:/etc/nginx/nginx.conf"
-
"
/tmp/log:/var/log/nginx"
extra_hosts
:
-
"
mqtt:172.16.1.80"
-
"
grafana:172.16.1.80"
-
"
kibana:172.16.1.80"
# - "scp:172.16.1.244"
networks
:
-
backend
## FRONT END
# front-end:
# environment:
# OTP_SERVER: "ipgallery-mcz.com:8099"
# KIBANA_SERVER: "kibana:5601"
# CAMERA_STREAM: "62.90.201.74:9081"
# CAMERA_API: "62.90.201.74:9090"
# PUBLIC_SAFETY_CAMERA: "24.172.188.211:16000"
# TRANSPORTATION_SERVER: "transportation:50035"
# PARKING_SERVER: "parking:50055"
# PUBLIC_SAFETY_PORT_50005_TCP_ADDR: "public-safety"
# PUBLIC_SAFETY_PORT_50005_TCP_PORT: "50005"
# UI_API_PORT_8080_TCP_ADDR: "ui-api"
# PUBLIC_SAFETY_IC_PORT_50004_TCP_ADDR: "public-safety-ic"
# SRG_PORT_7681_TCP_ADDR: "srg"
# SRG_PORT_7681_TCP_PORT: "7681"
# PGID: "911"
# PUID: "911"
# ONLY_SUBDOMAINS: "false"
# URL: "ipgallery-mcz.com"
# TZ: "Israel"
# MAKE_CERT: "false"
# image: municipalitybank.com:5050/mcx/front-end:26-29ece50
## image: municipalitybank.com:5050/mcx/front-end:24-ebb7806
# ports:
# - "443:443"
# volumes:
# - "/opt/mcz/config-letsencrypt/:/config:rw"
# - "/opt/mcz/config-letsencrypt/tmp:/var/tmp/nginx:rw"
## extra_hosts:
## - "grafana:172.16.1.244"
# networks:
# - backend
networks
:
backend
:
driver
:
bridge
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment