Commit 3948d6b1 by Amir Aharon

adding Profile file as env to front-end

parent 34a31d5d
upstream ui_server { server ui-api:8080; }
upstream ws_server { server srg:7681; }
upstream ps_server { server public-safety:50005; }
###upstream ic_ps_server { server public-safety-ic:50004; }
upstream otp_server { server ipgallery-mcz.com:8099; }
upstream kibana_server { server kibana:5601; }
upstream camera_stream { server 62.90.201.74:9081; }
upstream camera_api { server 62.90.201.74:9090; }
upstream public_safety_camera { server 24.172.188.211:16000; }
upstream transportation_server { server transportation:50035; }
upstream parking_server { server parking:50055; }
upstream analytics_server { server analytics:50080; }
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
# client_max_body_size 0;
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
# List of application servers
#upstream ui_server {
# server 172.16.1.151:8080;
#}
#upstream ws_server {
# server 172.16.1.97:7681;
#}
#upstream ps_server {
# server 172.16.1.97:7681;
#}
server {
# new configuration for latest lets-encrypt support
# SSL configuration
#
# listen 443 ssl default_server;
# root /config/www;
# index index.html index.htm index.php;
server_name _;
# http listen
listen 80 default_server;
listen [::]:80 default_server;
# all ssl related config moved to ssl.conf
#include /config/nginx/ssl.conf;
client_max_body_size 0;
# SSL configuration
#
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
ssl_certificate /config/keys/letsencrypt/fullchain.pem;
ssl_certificate_key /config/letsencrypt//keys/privkey.pem;
# ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
# ssl_prefer_server_ciphers on;
root /usr/share/nginx/html;
index index.html index.htm;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
proxy_pass http://ws_server;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_read_timeout 400s;
if ($http_origin) {
set $cors "true";
}
if ($request_method = 'OPTIONS') {
set $cors "${cors}options";
add_header 'Access-Control-Allow-Origin' $http_origin;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
if ($request_method = 'GET') {
set $cors "${cors}get";
add_header 'Access-Control-Allow-Origin' $http_origin;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
}
if ($request_method = 'POST') {
set $cors "${cors}post";
add_header 'Access-Control-Allow-Origin' $http_origin;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
}
if ($cors = "trueget") {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
}
if ($cors = "truepost") {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
}
if ($cors = "trueoptions") {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since';
add_header 'Content-Length' 0;
add_header 'Content-Type' 'text/plain charset=UTF-8';
return 204;
}
}
# Client
location = /app {
root /usr/share/nginx/html/app;
#return 301 /$scheme://localhost/app/index.html;
}
location /mcweb/ {
alias /opt/mcz/;
}
# SRG
location /srg {
proxy_pass http://ws_server;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
# mqtt
location /mqtt {
rewrite /mqtt / break;
proxy_pass http://mqtt:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
# UI Server
location ~ ^/control/app/(.*)\.htm$ {
rewrite ^/control/app/(.*) /ui$1 break;
proxy_pass http://ui_server/ui/$1?$args;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# UI Server
location ~ ^/control/app/api/async/ {
rewrite ^/control/app/(.*) /ui$1 break;
proxy_pass http://ui_server/ui/$1?$args;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# UI Server
location ~ ^/control/app/Profiles {
rewrite ^/control/app/(.*) /ui$1 break;
proxy_pass http://ui_server/ui/$1?$args;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# UI Server
location ~ ^/control/app/PushRegistration {
rewrite ^/control/app/(.*) /ui$1 break;
proxy_pass http://ui_server/ui/$1?$args;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
location ~ ^/control/app/user_images/* {
rewrite ^/control/app/(.*) /ui$1 break;
proxy_pass http://ui_server/ui/$1?$args;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
# UI Server
location ~ ^/control/ui/ {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://ui_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# UI Server
location ~ ^/control/publicSafety {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://ps_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# location ~ ^/control/ic-public-safety {
# rewrite ^/control/(.*) /$1 break;
# proxy_pass http://ic_ps_server;
# proxy_set_header Host $host:$server_port;
# proxy_set_header X-Real-IP $remote_addr;
# }
# UI Server
location ~ ^/control/public-safety {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://ps_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Open Trip Planner Server
location ~ ^/client/otp/routers {
rewrite ^/client/(.*) /$1 break;
proxy_pass http://otp_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Kibana Server
location ~ (/app/kibana|^/bundles/|/kibana4|/status|^/plugins|^/elasticsearch|^/api/xpack|^/api/monitoring|^/api/reporting|^/api/security) {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://kibana_server;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header Authorization "Basic ZWxhc3RpYzpjaGFuZ2VtZQ==";
rewrite /kibana/#/(.*)$ /$1 break;
}
# Kibana Server - cont.
location ~ (^/ui/fonts|^/control/api/timelion|^/control/api/console|^/es_admin) {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://kibana_server;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header Authorization "Basic ZWxhc3RpYzpjaGFuZ2VtZQ==";
rewrite /kibana/#/(.*)$ /$1 break;
}
# Grafana Server
location /grafana/ {
proxy_pass http://grafana:3000/;
}
# predictions
location /predictions/ {
proxy_pass http://predictions:50065/;
}
# activities
location /activities/ {
proxy_pass http://activities:50070/;
}
# reports
location /reports/ {
add_header "Access-Control-Allow-Origin" "*";
proxy_pass http://reports:50075/;
}
# analytics
location /analytics/ {
add_header "Access-Control-Allow-Origin" "*";
proxy_pass http://analytics:50080/;
}
# alerts
location /alerts/ {
add_header "Access-Control-Allow-Origin" "*";
proxy_pass http://alerts:50090/;
}
# services
location /services/ {
add_header "Access-Control-Allow-Origin" "*";
proxy_pass http://scp:10010/;
}
# heatmap3d
location /map3d/ {
proxy_pass http://172.16.1.72:8080/;
}
# Camera Stream
location ~ /streetCamera {
rewrite ^/(.*) /videostream.cgi?user=admin&pwd=giptmgr break;
proxy_pass http://camera_stream;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Camera API
location ~ ^/api/cam/ {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://camera_api;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Public Safety Camera
location ~ /polCamera {
rewrite ^/(.*) /control/faststream.jpg?stream=full&stream=MxPEG&fps=10 break;
proxy_pass https://public_safety_camera;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
# return 301 http://24.172.188.211:16000/control/faststream.jpg?stream=full&stream=MxPEG&fps=10;
}
# Trafice Lanes
location ~ ^/control/transportation/ {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://transportation_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Parking Spots
location ~ ^/control/parking/ {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://parking_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Web Control Center
location ~ ^/control {
rewrite /control/(.*)$ /$1 break;
proxy_pass http://ui-web-control;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Web Client
location ~ ^/client/transportation/ {
rewrite ^/client/(.*) /$1 break;
proxy_pass http://transportation_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
location ~ ^/client {
rewrite ^/client/(.*)$ /$1 break;
proxy_pass http://ui-web-client;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Web Driver
location ~ ^/driver {
rewrite ^/driver/(.*)$ /$1 break;
proxy_pass http://ui-web-driver;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# New Control-Center
location ~ (^/center|^/static) {
rewrite ^/center/(.*)$ /$1 break;
proxy_pass http://control-center;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# UI - old images
location ~ ^/ui {
proxy_pass http://ui_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# cms server
location /cms/ {
proxy_pass https://municipalitybank.com:8085/;
}
location /ride-service/ {
proxy_pass http://159.65.83.13:10010/;
}
location /polling/ {
proxy_pass http://159.65.83.13:8085/;
}
}
include /usr/share/nginx/modules/*.conf;
#load_module /etc/nginx/modules/ngx_http_lua_module.so;
upstream ui_server { server ui-api:8080; }
upstream ws_server { server srg:7681; }
upstream ps_server { server public-safety:50005; }
###upstream ic_ps_server { server public-safety-ic:50004; }
upstream otp_server { server ipgallery-mcz.com:8099; }
upstream kibana_server { server kibana:5601; }
upstream camera_stream { server 62.90.201.74:9081; }
upstream camera_api { server 62.90.201.74:9090; }
upstream public_safety_camera { server 24.172.188.211:16000; }
upstream transportation_server { server transportation:50035; }
upstream parking_server { server parking:50055; }
upstream analytics_server { server analytics:50080; }
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
# client_max_body_size 0;
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
# List of application servers
#upstream ui_server {
# server 172.16.1.151:8080;
#}
#upstream ws_server {
# server 172.16.1.97:7681;
#}
#upstream ps_server {
# server 172.16.1.97:7681;
#}
server {
# env PROFILE_FILE_NAME;
set_by_lua $profile_file_name 'return os.getenv("PROFILE_FILE_NAME")';
# new configuration for latest lets-encrypt support
# SSL configuration
#
# listen 443 ssl default_server;
# root /config/www;
# index index.html index.htm index.php;
server_name _;
# http listen
listen 80 default_server;
listen [::]:80 default_server;
# all ssl related config moved to ssl.conf
#include /config/nginx/ssl.conf;
client_max_body_size 0;
# SSL configuration
#
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
ssl_certificate /config/keys/letsencrypt/fullchain.pem;
ssl_certificate_key /config/letsencrypt//keys/privkey.pem;
# ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
# ssl_prefer_server_ciphers on;
root /usr/share/nginx/html;
index index.html index.htm;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
proxy_pass http://ws_server;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_read_timeout 400s;
if ($http_origin) {
set $cors "true";
}
if ($request_method = 'OPTIONS') {
set $cors "${cors}options";
add_header 'Access-Control-Allow-Origin' $http_origin;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
if ($request_method = 'GET') {
set $cors "${cors}get";
add_header 'Access-Control-Allow-Origin' $http_origin;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
}
if ($request_method = 'POST') {
set $cors "${cors}post";
add_header 'Access-Control-Allow-Origin' $http_origin;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
}
if ($cors = "trueget") {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
}
if ($cors = "truepost") {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
}
if ($cors = "trueoptions") {
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since';
add_header 'Content-Length' 0;
add_header 'Content-Type' 'text/plain charset=UTF-8';
return 204;
}
}
# Client
location = /app {
root /usr/share/nginx/html/app;
#return 301 /$scheme://localhost/app/index.html;
}
location /mcweb/ {
alias /opt/mcz/;
}
# SRG
location /srg {
proxy_pass http://ws_server;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
# mqtt
location /mqtt {
rewrite /mqtt / break;
proxy_pass http://mqtt:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
# UI Server
location ~ ^/control/app/(.*)\.htm$ {
rewrite ^/control/app/(.*) /ui$1 break;
proxy_pass http://ui_server/ui/$1?$args;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# UI Server
location ~ ^/control/app/api/async/ {
rewrite ^/control/app/(.*) /ui$1 break;
proxy_pass http://ui_server/ui/$1?$args;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# UI Server
location ~ ^/control/app/Profiles {
rewrite ^/control/app/(.*) /ui$1 break;
proxy_pass http://ui_server/ui/$1?$args;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# UI Server
location ~ ^/control/app/PushRegistration {
rewrite ^/control/app/(.*) /ui$1 break;
proxy_pass http://ui_server/ui/$1?$args;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
location ~ ^/control/app/user_images/* {
rewrite ^/control/app/(.*) /ui$1 break;
proxy_pass http://ui_server/ui/$1?$args;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
# UI Server
location ~ ^/control/ui/ {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://ui_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# UI Server
location ~ ^/control/publicSafety {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://ps_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# location ~ ^/control/ic-public-safety {
# rewrite ^/control/(.*) /$1 break;
# proxy_pass http://ic_ps_server;
# proxy_set_header Host $host:$server_port;
# proxy_set_header X-Real-IP $remote_addr;
# }
# UI Server
location ~ ^/control/public-safety {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://ps_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Open Trip Planner Server
location ~ ^/client/otp/routers {
rewrite ^/client/(.*) /$1 break;
proxy_pass http://otp_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Kibana Server
location ~ (/app/kibana|^/bundles/|/kibana4|/status|^/plugins|^/elasticsearch|^/api/xpack|^/api/monitoring|^/api/reporting|^/api/security) {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://kibana_server;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header Authorization "Basic ZWxhc3RpYzpjaGFuZ2VtZQ==";
rewrite /kibana/#/(.*)$ /$1 break;
}
# Kibana Server - cont.
location ~ (^/ui/fonts|^/control/api/timelion|^/control/api/console|^/es_admin) {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://kibana_server;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header Authorization "Basic ZWxhc3RpYzpjaGFuZ2VtZQ==";
rewrite /kibana/#/(.*)$ /$1 break;
}
# Grafana Server
location /grafana/ {
proxy_pass http://grafana:3000/;
}
# predictions
location /predictions/ {
proxy_pass http://predictions:50065/;
}
# activities
location /activities/ {
proxy_pass http://activities:50070/;
}
# reports
location /reports/ {
add_header "Access-Control-Allow-Origin" "*";
proxy_pass http://reports:50075/;
}
# analytics
location /analytics/ {
add_header "Access-Control-Allow-Origin" "*";
proxy_pass http://analytics:50080/;
}
# alerts
location /alerts/ {
add_header "Access-Control-Allow-Origin" "*";
proxy_pass http://alerts:50090/;
}
# services
location /services/ {
add_header "Access-Control-Allow-Origin" "*";
proxy_pass http://scp:10010/;
}
# heatmap3d
location /map3d/ {
proxy_pass http://172.16.1.72:8080/;
}
# Camera Stream
location ~ /streetCamera {
rewrite ^/(.*) /videostream.cgi?user=admin&pwd=giptmgr break;
proxy_pass http://camera_stream;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Camera API
location ~ ^/api/cam/ {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://camera_api;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Public Safety Camera
location ~ /polCamera {
rewrite ^/(.*) /control/faststream.jpg?stream=full&stream=MxPEG&fps=10 break;
proxy_pass https://public_safety_camera;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
# return 301 http://24.172.188.211:16000/control/faststream.jpg?stream=full&stream=MxPEG&fps=10;
}
# Trafice Lanes
location ~ ^/control/transportation/ {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://transportation_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Parking Spots
location ~ ^/control/parking/ {
rewrite ^/control/(.*) /$1 break;
proxy_pass http://parking_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Web Control Center
location ~ ^/control {
rewrite /control/(.*)$ /$1 break;
proxy_pass http://ui-web-control;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Web Client
location ~ ^/client/transportation/ {
rewrite ^/client/(.*) /$1 break;
proxy_pass http://transportation_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
location ~ ^/client {
rewrite ^/client/(.*)$ /$1 break;
proxy_pass http://ui-web-client;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# Web Driver
location ~ ^/driver {
rewrite ^/driver/(.*)$ /$1 break;
proxy_pass http://ui-web-driver;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# New Control-Center
location ~ (^/center|^/static) {
rewrite ^/center/(.*)$ /$1 break;
proxy_pass http://control-center;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# UI - old images
location ~ ^/ui {
proxy_pass http://ui_server;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
}
# cms server
location /cms/ {
proxy_pass https://municipalitybank.com:8085/;
}
# cms server
location /profiles/profile.json {
# proxy_pass https://municipalitybank.com:8085/s/38DT6ptK3WL0NYi/download;
proxy_pass https://municipalitybank.com:8085/s/$profile_file_name/download;
}
location /ride-service/ {
proxy_pass http://159.65.83.13:10010/;
}
location /polling/ {
proxy_pass http://159.65.83.13:8085/;
}
}
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
env PROFILE_FILE_NAME;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
......@@ -3,8 +3,8 @@ services:
### UI-WEB-CONTROL (NGINX + WEB)
ui-web-control:
environment:
OTP_SERVER: "otp:8081"
KIBANA_SERVER: "elk:5601"
OTP_SERVER: "ipgallery-mcz.com:8099"
KIBANA_SERVER: "kibana:5601"
CAMERA_STREAM: "62.90.201.74:9081"
CAMERA_API: "62.90.201.74:9090"
PUBLIC_SAFETY_CAMERA: "24.172.188.211:16000"
......@@ -14,20 +14,32 @@ services:
UI_SERVER_HOSTPORT: "ui-api:8080"
PUBLIC_SAFETY_IC_PORT_50004_TCP_ADDR: "public-safety-ic"
SRG_SERVER_HOSTPORT: "srg:7681"
image: municipalitybank.com:5050/mcx/ui-web/control-center:15-ac1b3bf
#image: municipalitybank.com:5050/mcx/ui-web:control-center-4-bcf87bc0003a3ed214fabb45e684bb837bb593ef
image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:43-da07258
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:41-485bdaa
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:40-5dfdcda
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:39-ffad3bf
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:38-1048a5b
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:37-a980cf0
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:36-c942063
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:35-43efe5b
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:34-47bf4a9
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:33-9b31cf8
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:32-968ff76
# image: municipalitybank.com:5050/mcx/ui-web/control-center-v2:30-8b4e45a
volumes:
- "/opt/mcx/config/repo/public-safety:/usr/share/nginx/html/repo/public-safety"
networks:
- backend
### UI-WEB-CLIENT (NGINX + WEB)
ui-web-client:
image: municipalitybank.com:5050/mcx/ui-web/client:21-dfcfa2d
image: municipalitybank.com:5050/mcx/ui-web/client:28-6d88ee7
# image: municipalitybank.com:5050/mcx/ui-web/client:27-d55dad3
# image: municipalitybank.com:5050/mcx/ui-web/client:21-dfcfa2d
#image: municipalitybank.com:5050/mcx/ui-web:client-8-dea10d499084c4340ed08dd3bedc54a62e127965
# image: 172.16.1.212:5050/mcx/ui-web:client-25-fc74e8fe1b9cf7fbca90ad3b4da9fc3187bf4d1e
environment:
OTP_SERVER: "otp:8081"
KIBANA_SERVER: "elk:5601"
OTP_SERVER: "ipgallery-mcz.com:8099"
KIBANA_SERVER: "kibana:5601"
CAMERA_STREAM: "62.90.201.74:9081"
CAMERA_API: "62.90.201.74:9090"
PUBLIC_SAFETY_CAMERA: "24.172.188.211:16000"
......@@ -41,11 +53,12 @@ services:
- backend
### UI-WEB-DRIVER (NGINX + WEB)
ui-web-driver:
image: municipalitybank.com:5050/ipgallery.web/driver:2-8af1450
# image: 172.16.1.212:5050/mcx/ui-web:driver-11-0a1f26cdf30b6734909f9c815a0b98c83b1a2c01
image: municipalitybank.com:5050/mcx/ui-web:driver-2-963a1f8b75479192f5de29eb797422e67102fdbb
# image: municipalitybank.com:5050/mcx/ui-web:driver-2-963a1f8b75479192f5de29eb797422e67102fdbb
environment:
OTP_SERVER: "otp:8081"
KIBANA_SERVER: "elk:5601"
OTP_SERVER: "ipgallery-mcz.com:8099"
KIBANA_SERVER: "kibana:5601"
CAMERA_STREAM: "62.90.201.74:9081"
CAMERA_API: "62.90.201.74:9090"
PUBLIC_SAFETY_CAMERA: "24.172.188.211:16000"
......@@ -57,11 +70,36 @@ services:
SRG_SERVER_HOSTPORT: "srg:7681"
networks:
- backend
## CONTROL-CENTER-NEW
control-center:
image: municipalitybank.com:5050/ipgallery.web/control-center:52-3a16cae
# image: municipalitybank.com:5050/ipgallery.web/control-center:51-b52ae5d
# image: municipalitybank.com:5050/ipgallery.web/control-center:50-d2832a9
# image: municipalitybank.com:5050/ipgallery.web/control-center:49-3699a0e
# image: municipalitybank.com:5050/ipgallery.web/control-center:48-2035470
# image: municipalitybank.com:5050/ipgallery.web/control-center:45-dfc8e44
# image: municipalitybank.com:5050/ipgallery.web/control-center:44-cd53f18
# image: municipalitybank.com:5050/ipgallery.web/control-center:44-cd53f18
# image: municipalitybank.com:5050/ipgallery.web/control-center:43-d617167
# image: municipalitybank.com:5050/ipgallery.web/control-center:42-6af9c7a
# image: municipalitybank.com:5050/ipgallery.web/control-center:38-e011a84
# image: municipalitybank.com:5050/ipgallery.web/control-center:36-ccb08f4
# image: municipalitybank.com:5050/ipgallery.web/control-center:34-969ced1
# image: municipalitybank.com:5050/ipgallery.web/control-center:33-6d624c9
# image: municipalitybank.com:5050/ipgallery.web/control-center:32-1182ad7
# image: municipalitybank.com:5050/ipgallery.web/control-center:31-cdab784
# image: municipalitybank.com:5050/ipgallery.web/control-center:30-3f6ec96
# image: municipalitybank.com:5050/ipgallery.web/control-center:25-39b1f5d
networks:
- backend
## FRONT END
front-end:
image: firesh/nginx-lua
# image: nginx
environment:
OTP_SERVER: "otp:8081"
KIBANA_SERVER: "elk:5601"
OTP_SERVER: "ipgallery-mcz.com:8099"
KIBANA_SERVER: "kibana:5601"
CAMERA_STREAM: "62.90.201.74:9081"
CAMERA_API: "62.90.201.74:9090"
PUBLIC_SAFETY_CAMERA: "24.172.188.211:16000"
......@@ -73,21 +111,55 @@ services:
PUBLIC_SAFETY_IC_PORT_50004_TCP_ADDR: "public-safety-ic"
SRG_PORT_7681_TCP_ADDR: "srg"
SRG_PORT_7681_TCP_PORT: "7681"
PGID: "911"
PUID: "911"
ONLY_SUBDOMAINS: "false"
URL: "ipgallery-mcz.com"
TZ: "Israel"
image: municipalitybank.com:5050/mcx/front-end:19-d2f0bbb
# image: municipalitybank.com:5050/mcx/front-end/develop-new-letsencrypt
# image: municipalitybank.com:5050/mcx/front-end:18-c45b301
PROFILE_FILE_NAME: "38DT6ptK3WL0NYi"
ports:
- "80:80"
- "443:443"
volumes:
- "/opt/mcz/config-letsencrypt/:/config:rw"
- "/opt/mcz/config-letsencrypt/tmp:/var/tmp/nginx:rw"
- "/opt/mcz/config-letsencrypt/:/config"
- "/opt/mcx/config/front-end/default:/etc/nginx/conf.d"
- "/opt/mcx/config/front-end/nginx.conf:/etc/nginx/nginx.conf"
- "/tmp/log:/var/log/nginx"
extra_hosts:
- "mqtt:172.16.1.80"
- "grafana:172.16.1.80"
- "kibana:172.16.1.80"
# - "scp:172.16.1.244"
networks:
- backend
## FRONT END
# front-end:
# environment:
# OTP_SERVER: "ipgallery-mcz.com:8099"
# KIBANA_SERVER: "kibana:5601"
# CAMERA_STREAM: "62.90.201.74:9081"
# CAMERA_API: "62.90.201.74:9090"
# PUBLIC_SAFETY_CAMERA: "24.172.188.211:16000"
# TRANSPORTATION_SERVER: "transportation:50035"
# PARKING_SERVER: "parking:50055"
# PUBLIC_SAFETY_PORT_50005_TCP_ADDR: "public-safety"
# PUBLIC_SAFETY_PORT_50005_TCP_PORT: "50005"
# UI_API_PORT_8080_TCP_ADDR: "ui-api"
# PUBLIC_SAFETY_IC_PORT_50004_TCP_ADDR: "public-safety-ic"
# SRG_PORT_7681_TCP_ADDR: "srg"
# SRG_PORT_7681_TCP_PORT: "7681"
# PGID: "911"
# PUID: "911"
# ONLY_SUBDOMAINS: "false"
# URL: "ipgallery-mcz.com"
# TZ: "Israel"
# MAKE_CERT: "false"
# image: municipalitybank.com:5050/mcx/front-end:26-29ece50
## image: municipalitybank.com:5050/mcx/front-end:24-ebb7806
# ports:
# - "443:443"
# volumes:
# - "/opt/mcz/config-letsencrypt/:/config:rw"
# - "/opt/mcz/config-letsencrypt/tmp:/var/tmp/nginx:rw"
## extra_hosts:
## - "grafana:172.16.1.244"
# networks:
# - backend
networks:
backend:
driver: bridge
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment