From 93dcd7c32fb48c28d0158a8b15d54cfd20fcf22a Mon Sep 17 00:00:00 2001 From: Patrick Jentsch Date: Tue, 28 Jan 2020 14:38:58 +0100 Subject: [PATCH] Make this ting scaleable --- docker-compose.yml | 6 ++---- nginx-proxy/vhost.d/nopaque.localhost | 18 ++++++++++++++++++ 2 files changed, 20 insertions(+), 4 deletions(-) create mode 100644 nginx-proxy/vhost.d/nopaque.localhost diff --git a/docker-compose.yml b/docker-compose.yml index 3a055d3c..d39bcbc2 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -14,16 +14,14 @@ services: image: jwilder/nginx-proxy:latest volumes: - /var/run/docker.sock:/tmp/docker.sock:ro - - ./my_proxy.conf:/etc/nginx/conf.d/my_proxy.conf:ro + - ./nginx-proxy/vhost.d:/etc/nginx/vhost.d:ro # - ./certs:/etc/nginx/certs web: depends_on: - db - redis deploy: - placement: - constraints: - - node.role == manager + replicas: 25 environment: - VIRTUAL_HOST=nopaque.localhost,129.70.216.233 env_file: nopaque.env diff --git a/nginx-proxy/vhost.d/nopaque.localhost b/nginx-proxy/vhost.d/nopaque.localhost new file mode 100644 index 00000000..4350bfc9 --- /dev/null +++ b/nginx-proxy/vhost.d/nopaque.localhost @@ -0,0 +1,18 @@ +client_max_body_size 1024M; + +location /socket.io { + proxy_http_version 1.1; + proxy_buffering off; + proxy_set_header Host $http_host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $proxy_connection; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto; + proxy_set_header X-Forwarded-Ssl $proxy_x_forwarded_ssl; + proxy_set_header X-Forwarded-Port $proxy_x_forwarded_port; + + # Mitigate httpoxy attack (see README for details) + proxy_set_header Proxy ""; + proxy_pass http://opaque_web_1:5000; +}