setup/start/nginx/nginx.conf

user www-data;

worker_processes  1;

pid /run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    # the collectd config depends on this log format
    log_format combined2 '$remote_addr - [$time_local] '
        '"$request" $status $body_bytes_sent $request_time '
        '"$http_referer" "$http_user_agent"';

    # required for long host names
    server_names_hash_bucket_size 128;

    access_log access.log combined2;

    sendfile        on;

    keepalive_timeout  65;

    # HTTP server
    server {
        listen      80;

        # collectd
        location /nginx_status {
            stub_status on;
            access_log off;
            allow 127.0.0.1;
            deny all;
        }

        # acme challenges
        location /.well-known/acme-challenge/ {
            default_type text/plain;
            alias /home/yellowtent/data/acme/;
        }

        location / {
            # redirect everything to HTTPS
            return 301 https://$host$request_uri;
        }
    }

    # We have to enable https for nginx to read in the vhost in http request
    # and send a 404. This is a side-effect of using wildcard DNS
    server {
        listen 443 default_server;
        ssl on;
        ssl_certificate      cert/host.cert;
        ssl_certificate_key  cert/host.key;

        # increase the proxy buffer sizes to not run into buffer issues (http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffers)
        proxy_buffer_size       128k;
        proxy_buffers           4 256k;
        proxy_busy_buffers_size 256k;

        # Disable check to allow unlimited body sizes
        client_max_body_size 0;

        error_page 404 = @fallback;
        location @fallback {
            internal;
            root /home/yellowtent/box/webadmin/dist;
            rewrite ^/$ /nakeddomain.html break;
        }

        location / {
            internal;
            root /home/yellowtent/box/webadmin/dist;
            rewrite ^/$ /nakeddomain.html break;
        }

        location /api/ {
            proxy_pass http://127.0.0.1:3000;
            client_max_body_size 1m;
        }
    }

    include applications/*.conf;
}
app.portBindings and newManifest.tcpPorts may be null 2015-07-20 00:09:47 -07:00			`user www-data;`

			`worker_processes 1;`

			`pid /run/nginx.pid;`

			`events {`
			`worker_connections 1024;`
			`}`

			`http {`
			`include mime.types;`
			`default_type application/octet-stream;`

			`# the collectd config depends on this log format`
			`log_format combined2 '$remote_addr - [$time_local] '`
			`'"$request" $status $body_bytes_sent $request_time '`
			`'"$http_referer" "$http_user_agent"';`

Set server_names_hash_bucket_size e2e tests fail like so when the hostnames are long Thu, 23 Jul 2015 20:40:23 GMT box:apptask test8629 writing config to /home/yellowtent/data/nginx/applications/a3822f18-2f95-4b73-b8e9-2983dfcaae31.conf Thu, 23 Jul 2015 20:40:23 GMT box:shell.js reloadNginx execFile: /usr/bin/sudo -S /home/yellowtent/box/src/scripts/reloadnginx.sh Thu, 23 Jul 2015 20:40:24 GMT box:shell.js reloadNginx (stderr): nginx: [emerg] could not build the server_names_hash, you should increase server_names_hash_bucket_size: 64 Thu, 23 Jul 2015 20:40:24 GMT box:shell.js reloadNginx code: 1, signal: null Thu, 23 Jul 2015 20:40:24 GMT box:apptask test8629 error installing app: Error: Exited with error 1 signal null Thu, 23 Jul 2015 20:40:24 GMT box:apptask test8629 installationState: pending_install progress: 15, Configure nginx ^[[1m^[[31mERROR^[[39m^[[22m Exited with error 1 signal null ^[[1m[ /home/yellowtent/box/src/apptask.js:909:32 ]^[[22m ^[[32mstack: ^[[39m """ Error: Exited with error 1 signal null at ChildProcess.<anonymous> (/home/yellowtent/box/src/shell.js:38:53) at ChildProcess.emit (events.js:110:17) at Process.ChildProcess._handle.onexit (child_process.js:1074:12) """ ^[[32mmessage: ^[[39mExited with error 1 signal null 2015-07-23 13:54:57 -07:00			`# required for long host names`
Fix typo 2015-07-23 14:30:15 -07:00			`server_names_hash_bucket_size 128;`
Set server_names_hash_bucket_size e2e tests fail like so when the hostnames are long Thu, 23 Jul 2015 20:40:23 GMT box:apptask test8629 writing config to /home/yellowtent/data/nginx/applications/a3822f18-2f95-4b73-b8e9-2983dfcaae31.conf Thu, 23 Jul 2015 20:40:23 GMT box:shell.js reloadNginx execFile: /usr/bin/sudo -S /home/yellowtent/box/src/scripts/reloadnginx.sh Thu, 23 Jul 2015 20:40:24 GMT box:shell.js reloadNginx (stderr): nginx: [emerg] could not build the server_names_hash, you should increase server_names_hash_bucket_size: 64 Thu, 23 Jul 2015 20:40:24 GMT box:shell.js reloadNginx code: 1, signal: null Thu, 23 Jul 2015 20:40:24 GMT box:apptask test8629 error installing app: Error: Exited with error 1 signal null Thu, 23 Jul 2015 20:40:24 GMT box:apptask test8629 installationState: pending_install progress: 15, Configure nginx ^[[1m^[[31mERROR^[[39m^[[22m Exited with error 1 signal null ^[[1m[ /home/yellowtent/box/src/apptask.js:909:32 ]^[[22m ^[[32mstack: ^[[39m """ Error: Exited with error 1 signal null at ChildProcess.<anonymous> (/home/yellowtent/box/src/shell.js:38:53) at ChildProcess.emit (events.js:110:17) at Process.ChildProcess._handle.onexit (child_process.js:1074:12) """ ^[[32mmessage: ^[[39mExited with error 1 signal null 2015-07-23 13:54:57 -07:00
app.portBindings and newManifest.tcpPorts may be null 2015-07-20 00:09:47 -07:00			`access_log access.log combined2;`

			`sendfile on;`

			`keepalive_timeout 65;`

			`# HTTP server`
			`server {`
			`listen 80;`

			`# collectd`
			`location /nginx_status {`
			`stub_status on;`
			`access_log off;`
			`allow 127.0.0.1;`
			`deny all;`
			`}`

serve acme directory from nginx 2015-12-08 19:04:48 -08:00			`# acme challenges`
			`location /.well-known/acme-challenge/ {`
set default response type to text/plain 2015-12-09 18:34:13 -08:00			`default_type text/plain;`
serve acme directory from nginx 2015-12-08 19:04:48 -08:00			`alias /home/yellowtent/data/acme/;`
			`}`

app.portBindings and newManifest.tcpPorts may be null 2015-07-20 00:09:47 -07:00			`location / {`
			`# redirect everything to HTTPS`
			`return 301 https://$host$request_uri;`
			`}`
			`}`

			`# We have to enable https for nginx to read in the vhost in http request`
			`# and send a 404. This is a side-effect of using wildcard DNS`
			`server {`
			`listen 443 default_server;`
			`ssl on;`
			`ssl_certificate cert/host.cert;`
			`ssl_certificate_key cert/host.key;`

Make /api available on just the IP We might want to also show something else than the naked domain placeholder page when just accessing the ip 2016-01-22 19:28:40 +01:00			`# increase the proxy buffer sizes to not run into buffer issues (http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffers)`
			`proxy_buffer_size 128k;`
			`proxy_buffers 4 256k;`
			`proxy_busy_buffers_size 256k;`

			`# Disable check to allow unlimited body sizes`
			`client_max_body_size 0;`

app.portBindings and newManifest.tcpPorts may be null 2015-07-20 00:09:47 -07:00			`error_page 404 = @fallback;`
			`location @fallback {`
			`internal;`
no need to template main nginx config 2015-12-10 13:54:53 -08:00			`root /home/yellowtent/box/webadmin/dist;`
app.portBindings and newManifest.tcpPorts may be null 2015-07-20 00:09:47 -07:00			`rewrite ^/$ /nakeddomain.html break;`
			`}`

Make /api available on just the IP We might want to also show something else than the naked domain placeholder page when just accessing the ip 2016-01-22 19:28:40 +01:00			`location / {`
			`internal;`
			`root /home/yellowtent/box/webadmin/dist;`
			`rewrite ^/$ /nakeddomain.html break;`
			`}`

			`location /api/ {`
			`proxy_pass http://127.0.0.1:3000;`
			`client_max_body_size 1m;`
			`}`
app.portBindings and newManifest.tcpPorts may be null 2015-07-20 00:09:47 -07:00			`}`

			`include applications/*.conf;`
			`}`