-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathnginx.conf.example
139 lines (114 loc) · 4.98 KB
/
nginx.conf.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
# Configure global proxy settings
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_address;
# Nakama gRPC API.
server {
listen 7349 ssl;
listen [::]:7349 ssl;
# Domain names this server should respond to.
server_name nakama.example.com;
# SSL certificate configuration.
ssl_certificate /etc/letsencrypt/live/nakama/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/nakama/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/nakama/chain.pem;
ssl_dhparam /etc/letsencrypt/dhparams/dhparam.pem;
location / {
proxy_pass http://nakama:7349;
}
}
# Nakama admin console.
server {
listen 7351 ssl;
listen [::]:7351 ssl;
# Domain names this server should respond to.
server_name nakama.example.com;
# SSL certificate configuration.
ssl_certificate /etc/letsencrypt/live/nakama/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/nakama/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/nakama/chain.pem;
ssl_dhparam /etc/letsencrypt/dhparams/dhparam.pem;
location / {
proxy_pass http://nakama:7351;
}
}
# Nakama HTTP API.
server {
listen 7350 ssl;
listen [::]:7350 ssl;
# Domain names this server should respond to.
server_name nakama.example.com;
# SSL certificate configuration.
ssl_certificate /etc/letsencrypt/live/nakama/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/nakama/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/nakama/chain.pem;
ssl_dhparam /etc/letsencrypt/dhparams/dhparam.pem;
location / {
# Enable CORS from anywhere with support for pre-flight requests.
# See: https://enable-cors.org/server_nginx.html
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization';
# Tell client that this pre-flight info is valid for 20 days
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain; charset=utf-8';
add_header 'Content-Length' 0;
return 204;
}
if ($request_method = 'POST') {
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization';
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
}
if ($request_method = 'GET') {
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization';
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
}
proxy_pass http://nakama:7350;
}
location /ws {
# Enable CORS from anywhere with support for pre-flight requests.
# See: https://enable-cors.org/server_nginx.html
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization';
# Tell client that this pre-flight info is valid for 20 days
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain; charset=utf-8';
add_header 'Content-Length' 0;
return 204;
}
if ($request_method = 'POST') {
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization';
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
}
if ($request_method = 'GET') {
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization';
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
}
proxy_pass http://nakama:7350/ws;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}
# EchoRelay API
server {
listen 6789 ssl;
listen [::]:6789 ssl;
# Domain names this server should respond to.
server_name nakama.example.com;
# SSL certificate configuration.
ssl_certificate /etc/letsencrypt/live/nakama/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/nakama/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/nakama/chain.pem;
ssl_dhparam /etc/letsencrypt/dhparams/dhparam.pem;
location / {
proxy_pass http://nakama:7349;
}
}
# vim: ft=nginx