ci: docker_tag=ext
This commit is contained in:
parent
eac5b7bba8
commit
d9d5bea4b3
@ -1,76 +0,0 @@
|
||||
# Variables d'environnement pour l'application back-end
|
||||
NODE_OPTIONS=--max-old-space-size=2048
|
||||
NODE_ENV=production
|
||||
|
||||
# Configuration IDNOT
|
||||
IDNOT_ANNUARY_BASE_URL=https://qual-api.notaires.fr/annuaire
|
||||
IDNOT_API_KEY='ba557f84-0bf6-4dbf-844f-df2767555e3e'
|
||||
IDNOT_CLIENT_ID=B3CE56353EDB15A9
|
||||
IDNOT_CLIENT_SECRET=3F733549E879878344B6C949B366BB5CDBB2DB5B7F7AB7EBBEBB0F0DD0776D1C
|
||||
# IDNOT_REDIRECT_URI=http://local.4nkweb.com:3004/authorized-client
|
||||
IDNOT_REDIRECT_URI=https://dev4.4nkweb.com/lecoffre/authorized-client
|
||||
IDNOT_TOKEN_URL=https://qual-connexion.idnot.fr/user/IdPOAuth2/token/idnot_idp_v1
|
||||
IDNOT_API_BASE_URL=https://qual-api.notaires.fr/annuaire
|
||||
|
||||
# Configuration OVH
|
||||
OVH_APP_KEY=5ab0709bbb65ef26
|
||||
OVH_APP_SECRET=de1fac1779d707d263a611a557cd5766
|
||||
OVH_CONSUMER_KEY=5fe817829b8a9c780cfa2354f8312ece
|
||||
OVH_SMS_SERVICE_NAME=sms-tt802880-1
|
||||
|
||||
# Configuration SMS Factor
|
||||
SMS_FACTOR_TOKEN=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiI4NzgzNiIsImlhdCI6MTcwMTMzOTY1Mi45NDUzOH0.GNoqLb5MDBWuniNlQjbr1PKolwxGqBZe_tf4IMObvHw
|
||||
|
||||
# Configuration Mailchimp
|
||||
MAILCHIMP_API_KEY=md-VVfaml-ApIV4nsGgaJKl0A
|
||||
MAILCHIMP_KEY=3fa54304bc766dfd0b8043a827b28a3a-us17
|
||||
MAILCHIMP_LIST_ID=a48d9ad852
|
||||
|
||||
# Configuration Stripe
|
||||
STRIPE_SECRET_KEY=sk_test_51OwKmMP5xh1u9BqSeFpqw0Yr15hHtFsh0pvRGaE0VERhlYtvw33ND1qiGA6Dy1DPmmV61B6BqIimlhuv7bwElhjF00PLQwD60n
|
||||
STRIPE_WEBHOOK_SECRET=
|
||||
STRIPE_STANDARD_SUBSCRIPTION_PRICE_ID=price_1P66fuP5xh1u9BqSHj0O6Uy3
|
||||
STRIPE_STANDARD_ANNUAL_SUBSCRIPTION_PRICE_ID=price_1P9NsRP5xh1u9BqSFgkUDbQY
|
||||
STRIPE_UNLIMITED_SUBSCRIPTION_PRICE_ID=price_1P66RqP5xh1u9BqSuUzkQNac
|
||||
STRIPE_UNLIMITED_ANNUAL_SUBSCRIPTION_PRICE_ID=price_1P9NpKP5xh1u9BqSApFogvUB
|
||||
|
||||
# Configuration serveur
|
||||
APP_HOST=https://dev4.4nkweb.com/lecoffre
|
||||
# API_BASE_URL=https://demo.4nkweb.com/back
|
||||
API_BASE_URL=https://dev4.4nkweb.com/back
|
||||
# DEFAULT_STORAGE=https://demo.4nkweb.com/storage
|
||||
DEFAULT_STORAGE=https://dev4.4nkweb.com/storage
|
||||
|
||||
# Variables d'environnement pour l'application front-end
|
||||
# NEXT_PUBLIC_4NK_URL=http://demo.4nkweb.com/
|
||||
NEXT_PUBLIC_4NK_URL=https://dev4.4nkweb.com/
|
||||
# NEXT_PUBLIC_FRONT_APP_HOST=https://demo.4nkweb.com
|
||||
NEXT_PUBLIC_FRONT_APP_HOST=https://dev4.4nkweb.com/lecoffre
|
||||
NEXT_PUBLIC_IDNOT_BASE_URL=https://qual-connexion.idnot.fr
|
||||
NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=/IdPOAuth2/authorize/idnot_idp_v1
|
||||
NEXT_PUBLIC_IDNOT_CLIENT_ID=B3CE56353EDB15A9
|
||||
NEXT_PUBLIC_BACK_API_PROTOCOL=https
|
||||
NEXT_PUBLIC_BACK_API_HOST=dev4.4nkweb.com
|
||||
NEXT_PUBLIC_BACK_API_PORT=443
|
||||
NEXT_PUBLIC_BACK_API_ROOT_URL=/back
|
||||
NEXT_PUBLIC_BACK_API_VERSION=/v1
|
||||
# NEXT_PUBLIC_ANK_BASE_REDIRECT_URI='http://local.4nkweb.com:3004/authorized-client'
|
||||
NEXT_PUBLIC_ANK_BASE_REDIRECT_URI='https://dev4.4nkweb.com/lecoffre/authorized-client'
|
||||
NEXT_PUBLIC_TARGET_ORIGIN = https://dev4.4nkweb.com/lecoffre
|
||||
|
||||
NEXT_PUBLIC_DOCAPOSTE_API_URL=
|
||||
NEXT_PUBLIC_API_URL=https://dev4.4nkweb.com/back
|
||||
NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=
|
||||
NEXT_PUBLIC_DEFAULT_STORAGE_URLS=https://dev4.4nkweb.com/storage
|
||||
NEXT_PUBLIC_HOTJAR_SITE_ID=
|
||||
NEXT_PUBLIC_HOTJAR_VERSION=
|
||||
|
||||
# WS
|
||||
# RELAY_URLS=wss://demo.4nkweb.com/ws
|
||||
RELAY_URLS=wss://dev4.4nkweb.com/ws
|
||||
# SIGNER_WS_URL=https://dev4.4nkweb.com/signer/
|
||||
SIGNER_WS_URL=https://dev4.4nkweb.com/signer/
|
||||
|
||||
# IHM URLS
|
||||
# VITE_BOOTSTRAPURL=http://sdk_relay:8090/
|
||||
VITE_BOOTSTRAPURL=https://dev4.4nkweb.com/ws/
|
||||
24
.env.exemple
24
.env.exemple
@ -5,7 +5,7 @@ NODE_ENV=production
|
||||
# Configuration IDNOT
|
||||
IDNOT_ANNUARY_BASE_URL=https://qual-api.notaires.fr/annuaire
|
||||
# IDNOT_REDIRECT_URI=http://local.4nkweb.com:3004/authorized-client
|
||||
IDNOT_REDIRECT_URI=https://dev4.4nkweb.com/lecoffre/authorized-client
|
||||
IDNOT_REDIRECT_URI=http://local.4nkweb.com:3000/authorized-client
|
||||
IDNOT_TOKEN_URL=https://qual-connexion.idnot.fr/user/IdPOAuth2/token/idnot_idp_v1
|
||||
IDNOT_API_BASE_URL=https://qual-api.notaires.fr/annuaire
|
||||
|
||||
@ -24,34 +24,40 @@ NEXT_PUBLIC_FRONT_APP_HOST=https://dev4.4nkweb.com/lecoffre
|
||||
NEXT_PUBLIC_FRONT_APP_PORT=443
|
||||
NEXT_PUBLIC_IDNOT_BASE_URL=https://qual-connexion.idnot.fr
|
||||
NEXT_PUBLIC_IDNOT_AUTHORIZE_ENDPOINT=/IdPOAuth2/authorize/idnot_idp_v1
|
||||
NEXT_PUBLIC_BACK_API_PROTOCOL=https://
|
||||
NEXT_PUBLIC_BACK_API_PROTOCOL=https
|
||||
NEXT_PUBLIC_BACK_API_HOST=dev4.4nkweb.com
|
||||
NEXT_PUBLIC_BACK_API_PORT=443
|
||||
NEXT_PUBLIC_BACK_API_ROOT_URL=/back
|
||||
NEXT_PUBLIC_BACK_API_ROOT_URL=/api
|
||||
NEXT_PUBLIC_BACK_API_VERSION=v1
|
||||
# NEXT_PUBLIC_ANK_BASE_REDIRECT_URI='http://local.4nkweb.com:3004/authorized-client'
|
||||
NEXT_PUBLIC_ANK_BASE_REDIRECT_URI=https://dev4.4nkweb.com/lecoffre/authorized-client
|
||||
NEXT_PUBLIC_TARGET_ORIGIN=https://dev4.4nkweb.com/lecoffre
|
||||
NEXT_PUBLIC_4NK_IFRAME_URL=https://dev4.4nkweb.com
|
||||
NEXT_PUBLIC_IDNOT_REDIRECT_URI=http://local.lecoffreio.4nkweb:3000/authorized-client
|
||||
NEXT_PUBLIC_IDNOT_REDIRECT_URI=http://local.4nkweb.com:3000/authorized-client
|
||||
|
||||
NEXT_PUBLIC_DOCAPOSTE_API_URL=
|
||||
NEXT_PUBLIC_API_URL=https://dev4.4nkweb.com/back
|
||||
NEXT_PUBLIC_API_URL=https://dev4.4nkweb.com/api
|
||||
NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=28c9a3a8151bef545ebf700ca5222c63d0031ad593097e95c1de202464304a99
|
||||
NEXT_PUBLIC_DEFAULT_STORAGE_URLS=https://dev4.4nkweb.com/storage
|
||||
NEXT_PUBLIC_HOTJAR_SITE_ID=0
|
||||
NEXT_PUBLIC_HOTJAR_VERSION=1.0.9
|
||||
NEXT_PUBLIC_HOTJAR_VERSION=
|
||||
SIGNER_BASE_URL=https://dev3.4nkweb.com/signer/
|
||||
|
||||
# WS
|
||||
# RELAY_URLS=wss://demo.4nkweb.com/ws
|
||||
RELAY_URLS=wss://dev4.4nkweb.com/ws
|
||||
# SIGNER_WS_URL=https://dev4.4nkweb.com/signer/
|
||||
SIGNER_WS_URL=https://dev4.4nkweb.com/signer/
|
||||
SIGNER_WS_URL=https://dev3.4nkweb.com/signer/
|
||||
|
||||
|
||||
# IHM URLS
|
||||
# VITE_BOOTSTRAPURL=http://sdk_relay:8090/
|
||||
VITE_BOOTSTRAPURL=https://dev4.4nkweb.com/ws/
|
||||
|
||||
# Cartes de test Stripe
|
||||
SUCCES= 4242 4242 4242 4242 #Paiement réussi
|
||||
DECLINED= 4000 0025 0000 3155 #Paiement refusé
|
||||
|
||||
# ================================= /!\ sensible ========================
|
||||
|
||||
IDNOT_API_KEY=
|
||||
@ -79,4 +85,6 @@ STRIPE_WEBHOOK_SECRET=
|
||||
STRIPE_STANDARD_SUBSCRIPTION_PRICE_ID=
|
||||
STRIPE_STANDARD_ANNUAL_SUBSCRIPTION_PRICE_ID=
|
||||
STRIPE_UNLIMITED_SUBSCRIPTION_PRICE_ID=
|
||||
STRIPE_UNLIMITED_ANNUAL_SUBSCRIPTION_PRICE_ID=
|
||||
STRIPE_UNLIMITED_ANNUAL_SUBSCRIPTION_PRICE_ID=
|
||||
|
||||
SIGNER_API_KEY=your_signer_api_key_here
|
||||
@ -4,21 +4,8 @@ server {
|
||||
ssl_certificate /etc/letsencrypt/live/dev4.4nkweb.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/dev4.4nkweb.com/privkey.pem;
|
||||
include /etc/nginx/proxy_params;
|
||||
location = /lecoffre {
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto https;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
}
|
||||
location /lecoffre/ {
|
||||
proxy_pass http://127.0.0.2:3004;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto https;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
}
|
||||
|
||||
# Root → ihm_client
|
||||
location / {
|
||||
proxy_pass http://127.0.0.1:3003;
|
||||
include /etc/nginx/proxy_params;
|
||||
@ -28,12 +15,59 @@ server {
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
location /lecoffre/_next/ {
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre/_next/;
|
||||
# lecoffre-front (préserver le préfixe)
|
||||
location = /lecoffre {
|
||||
proxy_pass http://127.0.0.2:3004;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto https;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
location /lecoffre/ {
|
||||
proxy_pass http://127.0.0.2:3004;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto https;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
# Next.js assets sous basePath
|
||||
location /lecoffre/_next/webpack-hmr {
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto https;
|
||||
proxy_buffering off;
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre/_next/webpack-hmr;
|
||||
proxy_read_timeout 600s;
|
||||
}
|
||||
location /lecoffre/_next/ {
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre/_next/;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
# signer (sdk_signer) avec support WebSocket
|
||||
location /signer/ {
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto https;
|
||||
proxy_pass http://127.0.0.1:3001/;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_buffering off;
|
||||
}
|
||||
|
||||
# Next.js assets au root si nécessaire
|
||||
location /_next/ {
|
||||
proxy_pass http://127.0.0.2:3004/_next/;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,156 +1,337 @@
|
||||
# HTTP server for ACME and initial proxying
|
||||
# HTTP server for ACME and initial proxying
|
||||
server {
|
||||
server {
|
||||
listen 80;
|
||||
listen 80;
|
||||
server_name dev4.4nkweb.com;
|
||||
server_name dev4.4nkweb.com;
|
||||
|
||||
|
||||
# ACME HTTP-01 challenges
|
||||
# ACME HTTP-01 challenges
|
||||
location /.well-known/acme-challenge/ {
|
||||
location /.well-known/acme-challenge/ {
|
||||
root /var/www/letsencrypt;
|
||||
root /var/www/letsencrypt;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
# ihm_client (root)
|
||||
# ihm_client (root)
|
||||
location / {
|
||||
location / {
|
||||
proxy_pass http://127.0.0.1:3003;
|
||||
proxy_pass http://127.0.0.1:3003;
|
||||
include /etc/nginx/proxy_params;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_http_version 1.1;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_read_timeout 300;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
# Favicon (global)
|
||||
# Favicon (global)
|
||||
location = /favicon.ico {
|
||||
location = /favicon.ico {
|
||||
root /home/debian/lecoffre_node/conf/nginx/assets;
|
||||
try_files /favicon.ico =404;
|
||||
access_log off;
|
||||
expires 30d;
|
||||
}
|
||||
|
||||
# lecoffre-front
|
||||
location = /lecoffre {
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
location /lecoffre/ {
|
||||
proxy_pass http://127.0.0.2:3004;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
# Next.js assets and HMR under basePath
|
||||
location /lecoffre/_next/webpack-hmr {
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_buffering off;
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre/_next/webpack-hmr;
|
||||
proxy_read_timeout 600s;
|
||||
}
|
||||
|
||||
location /lecoffre/_next/ {
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre/_next/;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
# Favicon sous /lecoffre
|
||||
location = /lecoffre/favicon.ico {
|
||||
root /home/debian/lecoffre_node/conf/nginx/assets;
|
||||
try_files /favicon.ico =404;
|
||||
try_files /favicon.ico =404;
|
||||
access_log off;
|
||||
access_log off;
|
||||
expires 30d;
|
||||
expires 30d;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
# lecoffre-front
|
||||
# lecoffre-front
|
||||
location = /lecoffre {
|
||||
location = /lecoffre {
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre;
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre;
|
||||
include /etc/nginx/proxy_params;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
proxy_read_timeout 300;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
}
|
||||
location /lecoffre/ {
|
||||
location /lecoffre/ {
|
||||
proxy_pass http://127.0.0.2:3004;
|
||||
proxy_pass http://127.0.0.2:3004;
|
||||
include /etc/nginx/proxy_params;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
proxy_read_timeout 300;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
# Next.js assets and HMR under basePath
|
||||
# Next.js assets and HMR under basePath
|
||||
location /lecoffre/_next/webpack-hmr {
|
||||
location /lecoffre/_next/webpack-hmr {
|
||||
proxy_http_version 1.1;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_buffering off;
|
||||
proxy_buffering off;
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre/_next/webpack-hmr;
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre/_next/webpack-hmr;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_read_timeout 600s;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
location /lecoffre/_next/ {
|
||||
location /lecoffre/_next/ {
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre/_next/;
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre/_next/;
|
||||
include /etc/nginx/proxy_params;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_read_timeout 300;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
# Favicon sous /lecoffre
|
||||
# Favicon sous /lecoffre
|
||||
location = /lecoffre/favicon.ico {
|
||||
location = /lecoffre/favicon.ico {
|
||||
root /home/debian/lecoffre_node/conf/nginx/assets;
|
||||
root /home/debian/lecoffre_node/conf/nginx/assets;
|
||||
try_files /favicon.ico =404;
|
||||
try_files /favicon.ico =404;
|
||||
access_log off;
|
||||
access_log off;
|
||||
expires 30d;
|
||||
expires 30d;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
# Next.js assets (served at root by the app)
|
||||
# Next.js assets (served at root by the app)
|
||||
location /_next/ {
|
||||
location /_next/ {
|
||||
proxy_pass http://127.0.0.2:3004/_next/;
|
||||
proxy_pass http://127.0.0.2:3004/_next/;
|
||||
include /etc/nginx/proxy_params;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_read_timeout 300;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
}
|
||||
|
||||
# lecoffre-back
|
||||
|
||||
# API backend
|
||||
# API backend
|
||||
location /back/ {
|
||||
proxy_pass http://127.0.0.1:8080/;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_read_timeout 300;
|
||||
rewrite ^\/back\/(.*)$ \/api\/\1 break;
|
||||
proxy_pass http:\/\/127.0.0.1:8080;
|
||||
location /back/ {
|
||||
location /back/ {
|
||||
rewrite ^\/back\/(.*)$ \/api\/\1 break;
|
||||
proxy_pass http:\/\/127.0.0.1:8080;
|
||||
location /back/ {
|
||||
proxy_pass http://127.0.0.1:8080/back/;
|
||||
proxy_http_version 1.1;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header Connection "";
|
||||
proxy_set_header Connection "";
|
||||
proxy_buffering off;
|
||||
proxy_buffering off;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
# API alias → même backend que /back
|
||||
# API alias → même backend que /back
|
||||
location /api/ {
|
||||
location /api/ {
|
||||
proxy_pass http://127.0.0.1:8080/;
|
||||
proxy_pass http://127.0.0.1:8080/;
|
||||
include /etc/nginx/proxy_params;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_read_timeout 300;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
# blindbit
|
||||
# blindbit
|
||||
location /blindbit/ {
|
||||
location /blindbit/ {
|
||||
proxy_pass http://127.0.0.1:8000/;
|
||||
proxy_pass http://127.0.0.1:8000/;
|
||||
include /etc/nginx/proxy_params;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_read_timeout 300;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
}
|
||||
|
||||
# signer (sdk_signer)
|
||||
|
||||
# signer (sdk_signer) avec support WebSocket
|
||||
# signer (sdk_signer) avec support WebSocket
|
||||
location /signer/ {
|
||||
location /signer/ {
|
||||
proxy_http_version 1.1;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_pass http://127.0.0.1:3001/;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_read_timeout 300;
|
||||
proxy_pass http://127.0.0.1:3001/;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_buffering off;
|
||||
proxy_buffering off;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
# storage (sdk_storage)
|
||||
# storage (sdk_storage)
|
||||
location /storage/ {
|
||||
location /storage/ {
|
||||
proxy_pass http://127.0.0.1:8081/;
|
||||
proxy_pass http://127.0.0.1:8081/;
|
||||
include /etc/nginx/proxy_params;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
# WebSocket relay on /ws → 8090
|
||||
location = /ws {
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_buffering off;
|
||||
proxy_pass http://127.0.0.1:8090/;
|
||||
proxy_read_timeout 600s;
|
||||
}
|
||||
|
||||
location /ws/ {
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_buffering off;
|
||||
# Strip /ws prefix when proxying to backend root
|
||||
proxy_pass http://127.0.0.1:8090/;
|
||||
proxy_read_timeout 600s;
|
||||
}
|
||||
|
||||
# Next.js HMR websocket for lecoffre-front
|
||||
location /_next/webpack-hmr {
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_buffering off;
|
||||
proxy_pass http://127.0.0.2:3004/_next/webpack-hmr;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
# WebSocket relay on /ws → 8090
|
||||
# WebSocket relay on /ws → 8090
|
||||
location = /ws {
|
||||
location = /ws {
|
||||
proxy_http_version 1.1;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_buffering off;
|
||||
proxy_buffering off;
|
||||
proxy_pass http://127.0.0.1:8090/;
|
||||
proxy_pass http://127.0.0.1:8090/;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_read_timeout 600s;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
location /ws/ {
|
||||
location /ws/ {
|
||||
proxy_http_version 1.1;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_buffering off;
|
||||
proxy_buffering off;
|
||||
# Strip /ws prefix when proxying to backend root
|
||||
# Strip /ws prefix when proxying to backend root
|
||||
proxy_pass http://127.0.0.1:8090/;
|
||||
proxy_pass http://127.0.0.1:8090/;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_read_timeout 600s;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
# Next.js HMR websocket for lecoffre-front
|
||||
# Next.js HMR websocket for lecoffre-front
|
||||
location /_next/webpack-hmr {
|
||||
location /_next/webpack-hmr {
|
||||
proxy_http_version 1.1;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_buffering off;
|
||||
proxy_buffering off;
|
||||
proxy_pass http://127.0.0.2:3004/_next/webpack-hmr;
|
||||
proxy_pass http://127.0.0.2:3004/_next/webpack-hmr;
|
||||
proxy_read_timeout 300;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
166
conf/nginx/dev4.4nkweb.com.conf.bak_1758117811
Normal file
166
conf/nginx/dev4.4nkweb.com.conf.bak_1758117811
Normal file
@ -0,0 +1,166 @@
|
||||
# HTTP server for ACME and initial proxying
|
||||
server {
|
||||
listen 80;
|
||||
server_name dev4.4nkweb.com;
|
||||
|
||||
# ACME HTTP-01 challenges
|
||||
location /.well-known/acme-challenge/ {
|
||||
root /var/www/letsencrypt;
|
||||
}
|
||||
|
||||
# ihm_client (root)
|
||||
location / {
|
||||
proxy_pass http://127.0.0.1:3003;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
# Favicon (global)
|
||||
location = /favicon.ico {
|
||||
root /home/debian/lecoffre_node/conf/nginx/assets;
|
||||
try_files /favicon.ico =404;
|
||||
access_log off;
|
||||
expires 30d;
|
||||
}
|
||||
|
||||
# lecoffre-front
|
||||
location = /lecoffre {
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
location /lecoffre/ {
|
||||
proxy_pass http://127.0.0.2:3004;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
# Next.js assets and HMR under basePath
|
||||
location /lecoffre/_next/webpack-hmr {
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_buffering off;
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre/_next/webpack-hmr;
|
||||
proxy_read_timeout 600s;
|
||||
}
|
||||
|
||||
location /lecoffre/_next/ {
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre/_next/;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
# Favicon sous /lecoffre
|
||||
location = /lecoffre/favicon.ico {
|
||||
root /home/debian/lecoffre_node/conf/nginx/assets;
|
||||
try_files /favicon.ico =404;
|
||||
access_log off;
|
||||
expires 30d;
|
||||
}
|
||||
|
||||
# Next.js assets (served at root by the app)
|
||||
location /_next/ {
|
||||
proxy_pass http://127.0.0.2:3004/_next/;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
# API backend
|
||||
location /back/ {
|
||||
proxy_pass http://127.0.0.1:8080/back/;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header Connection "";
|
||||
proxy_buffering off;
|
||||
}
|
||||
|
||||
# API alias → même backend que /back
|
||||
location /api/ {
|
||||
proxy_pass http://127.0.0.1:8080/;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
# blindbit
|
||||
location /blindbit/ {
|
||||
proxy_pass http://127.0.0.1:8000/;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
# signer (sdk_signer) avec support WebSocket
|
||||
location /signer/ {
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_pass http://127.0.0.1:3001/;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_buffering off;
|
||||
}
|
||||
|
||||
# storage (sdk_storage)
|
||||
location /storage/ {
|
||||
proxy_pass http://127.0.0.1:8081/;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
# WebSocket relay on /ws → 8090
|
||||
location = /ws {
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_buffering off;
|
||||
proxy_pass http://127.0.0.1:8090/;
|
||||
proxy_read_timeout 600s;
|
||||
}
|
||||
|
||||
location /ws/ {
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_buffering off;
|
||||
# Strip /ws prefix when proxying to backend root
|
||||
proxy_pass http://127.0.0.1:8090/;
|
||||
proxy_read_timeout 600s;
|
||||
}
|
||||
|
||||
# Next.js HMR websocket for lecoffre-front
|
||||
location /_next/webpack-hmr {
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_buffering off;
|
||||
proxy_pass http://127.0.0.2:3004/_next/webpack-hmr;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
}
|
||||
@ -1,7 +1,64 @@
|
||||
server {
|
||||
listen 0.0.0.0:3000;
|
||||
listen [::]:3000;
|
||||
server_name local.4nkweb.com;
|
||||
|
||||
# Redirection vers HTTPS avec le chemin /lecoffre
|
||||
return 301 https://dev4.4nkweb.com/lecoffre$request_uri;
|
||||
|
||||
# HTTP pur: pas de HTTPS ni HSTS
|
||||
|
||||
# Favicon
|
||||
location = /favicon.ico {
|
||||
root /home/debian/lecoffre_node/conf/nginx/assets;
|
||||
}
|
||||
|
||||
# Compat: callback ID.not sans basePath (toutes variantes et querystring)
|
||||
location /authorized-client {
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre/authorized-client;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
# Entrée sans slash
|
||||
location = /lecoffre {
|
||||
proxy_pass http://127.0.0.2:3004;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
# BasePath /lecoffre
|
||||
location /lecoffre/ {
|
||||
proxy_pass http://127.0.0.2:3004;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
# HMR (si utilisé en local)
|
||||
location /lecoffre/_next/webpack-hmr {
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_buffering off;
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre/_next/webpack-hmr;
|
||||
proxy_read_timeout 600s;
|
||||
}
|
||||
|
||||
# Assets Next.js
|
||||
location ~* ^(/_next/static/|/lecoffre/_next/static/|/.+\.(?:css|js|png|jpg|jpeg|gif|svg|ico|webp|woff2?))$ {
|
||||
expires 7d;
|
||||
add_header Cache-Control "public, max-age=604800, immutable" always;
|
||||
proxy_pass http://127.0.0.2:3004$request_uri;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
}
|
||||
|
||||
9
conf/nginx/local.4nkweb.com.conf
Normal file
9
conf/nginx/local.4nkweb.com.conf
Normal file
@ -0,0 +1,9 @@
|
||||
server {
|
||||
listen 80;
|
||||
server_name local.4nkweb.com;
|
||||
|
||||
# HTTP only: pas de redirection HTTPS, pas d'HSTS
|
||||
location / {
|
||||
return 302 http://local.4nkweb.com:3000$request_uri;
|
||||
}
|
||||
}
|
||||
55
conf/nginx/local.lecoffreio.4nkweb-3000.conf
Normal file
55
conf/nginx/local.lecoffreio.4nkweb-3000.conf
Normal file
@ -0,0 +1,55 @@
|
||||
server {
|
||||
listen 0.0.0.0:3000;
|
||||
listen [::]:3000;
|
||||
server_name local.lecoffreio.4nkweb;
|
||||
|
||||
# Ne jamais forcer HTTPS ni HSTS sur ce vhost local
|
||||
# Pas de return 301, pas de add_header HSTS
|
||||
|
||||
# Favicon local par défaut
|
||||
location = /favicon.ico {
|
||||
root /home/debian/lecoffre_node/conf/nginx/assets;
|
||||
}
|
||||
|
||||
# Entrée sans slash pour éviter les boucles
|
||||
location = /lecoffre {
|
||||
proxy_pass http://127.0.0.2:3004;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
# Sous-chemin Next.js (préserve le prefix)
|
||||
location /lecoffre/ {
|
||||
proxy_pass http://127.0.0.2:3004;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
# HMR en dev (si jamais on l’utilise en local HTTP)
|
||||
location /lecoffre/_next/webpack-hmr {
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_buffering off;
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre/_next/webpack-hmr;
|
||||
proxy_read_timeout 600s;
|
||||
}
|
||||
|
||||
# Assets Next.js / cache léger côté proxy
|
||||
location ~* ^(/_next/static/|/lecoffre/_next/static/|/.+\.(?:css|js|png|jpg|jpeg|gif|svg|ico|webp|woff2?))$ {
|
||||
expires 7d;
|
||||
add_header Cache-Control "public, max-age=604800, immutable" always;
|
||||
proxy_pass http://127.0.0.2:3004$request_uri;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
}
|
||||
54
conf/nginx/local.lecoffreio.4nkweb-3000.conf.bak
Normal file
54
conf/nginx/local.lecoffreio.4nkweb-3000.conf.bak
Normal file
@ -0,0 +1,54 @@
|
||||
server {
|
||||
listen 127.0.0.1:3000;
|
||||
server_name local.lecoffreio.4nkweb;
|
||||
|
||||
# Ne jamais forcer HTTPS ni HSTS sur ce vhost local
|
||||
# Pas de return 301, pas de add_header HSTS
|
||||
|
||||
# Favicon local par défaut
|
||||
location = /favicon.ico {
|
||||
root /home/debian/lecoffre_node/conf/nginx/assets;
|
||||
}
|
||||
|
||||
# Entrée sans slash pour éviter les boucles
|
||||
location = /lecoffre {
|
||||
proxy_pass http://127.0.0.2:3004;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
# Sous-chemin Next.js (préserve le prefix)
|
||||
location /lecoffre/ {
|
||||
proxy_pass http://127.0.0.2:3004;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
# HMR en dev (si jamais on l’utilise en local HTTP)
|
||||
location /lecoffre/_next/webpack-hmr {
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_buffering off;
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre/_next/webpack-hmr;
|
||||
proxy_read_timeout 600s;
|
||||
}
|
||||
|
||||
# Assets Next.js / cache léger côté proxy
|
||||
location ~* ^(/_next/static/|/lecoffre/_next/static/|/.+\.(?:css|js|png|jpg|jpeg|gif|svg|ico|webp|woff2?))$ {
|
||||
expires 7d;
|
||||
add_header Cache-Control "public, max-age=604800, immutable" always;
|
||||
proxy_pass http://127.0.0.2:3004$request_uri;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
}
|
||||
48
conf/nginx/local.lecoffreio.4nkweb.conf
Normal file
48
conf/nginx/local.lecoffreio.4nkweb.conf
Normal file
@ -0,0 +1,48 @@
|
||||
server {
|
||||
listen 80;
|
||||
server_name local.lecoffreio.4nkweb;
|
||||
|
||||
# HTTP pur: pas de redirection vers HTTPS, pas d'HSTS
|
||||
|
||||
location = /favicon.ico {
|
||||
root /home/debian/lecoffre_node/conf/nginx/assets;
|
||||
}
|
||||
|
||||
location = /lecoffre {
|
||||
proxy_pass http://127.0.0.2:3004;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
location /lecoffre/ {
|
||||
proxy_pass http://127.0.0.2:3004;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
location /lecoffre/_next/webpack-hmr {
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_buffering off;
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre/_next/webpack-hmr;
|
||||
proxy_read_timeout 600s;
|
||||
}
|
||||
|
||||
location ~* ^(/_next/static/|/lecoffre/_next/static/|/.+\.(?:css|js|png|jpg|jpeg|gif|svg|ico|webp|woff2?))$ {
|
||||
expires 7d;
|
||||
add_header Cache-Control "public, max-age=604800, immutable" always;
|
||||
proxy_pass http://127.0.0.2:3004$request_uri;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
}
|
||||
@ -96,7 +96,7 @@ services:
|
||||
restart: unless-stopped
|
||||
|
||||
lecoffre-back:
|
||||
image: git.4nkweb.com/4nk/lecoffre-back-mini:dev
|
||||
image: git.4nkweb.com/4nk/lecoffre-back-mini:ext
|
||||
container_name: lecoffre-back
|
||||
env_file:
|
||||
- .env
|
||||
|
||||
83
docs/local_http_vhost.md
Normal file
83
docs/local_http_vhost.md
Normal file
@ -0,0 +1,83 @@
|
||||
### Vhost local HTTP pour `local.lecoffreio.4nkweb`
|
||||
|
||||
Objectif: servir l’IHM en HTTP pur (sans HTTPS ni HSTS) pour le domaine local `local.lecoffreio.4nkweb` sur le port 3000.
|
||||
|
||||
#### Configuration Nginx
|
||||
|
||||
Fichier: `conf/nginx/local.lecoffreio.4nkweb-3000.conf`
|
||||
|
||||
```nginx
|
||||
server {
|
||||
listen 127.0.0.1:3000;
|
||||
server_name local.lecoffreio.4nkweb;
|
||||
|
||||
# Pas de redirection HTTPS ni HSTS
|
||||
|
||||
location = /favicon.ico {
|
||||
root /home/debian/lecoffre_node/conf/nginx/assets;
|
||||
}
|
||||
|
||||
location = /lecoffre {
|
||||
proxy_pass http://127.0.0.2:3004;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
location /lecoffre/ {
|
||||
proxy_pass http://127.0.0.2:3004;
|
||||
include /etc/nginx/proxy_params;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_set_header X-Forwarded-Prefix /lecoffre;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
|
||||
location /lecoffre/_next/webpack-hmr {
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_buffering off;
|
||||
proxy_pass http://127.0.0.2:3004/lecoffre/_next/webpack-hmr;
|
||||
proxy_read_timeout 600s;
|
||||
}
|
||||
|
||||
location ~* ^(/_next/static/|/lecoffre/_next/static/|/.+\.(?:css|js|png|jpg|jpeg|gif|svg|ico|webp|woff2?))$ {
|
||||
expires 7d;
|
||||
add_header Cache-Control "public, max-age=604800, immutable" always;
|
||||
proxy_pass http://127.0.0.2:3004$request_uri;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto http;
|
||||
proxy_read_timeout 300;
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
Activation: lien symbolique vers `/etc/nginx/sites-enabled/local.lecoffreio.4nkweb-3000.conf` puis `sudo nginx -t && sudo systemctl reload nginx`.
|
||||
|
||||
#### DNS local
|
||||
|
||||
Ajouter dans `/etc/hosts`:
|
||||
|
||||
```
|
||||
127.0.0.1 local.lecoffreio.4nkweb
|
||||
```
|
||||
|
||||
#### Variables d’environnement recommandées (local HTTP)
|
||||
|
||||
```
|
||||
NEXT_PUBLIC_4NK_URL=http://local.lecoffreio.4nkweb:3000
|
||||
NEXT_PUBLIC_FRONT_APP_HOST=local.lecoffreio.4nkweb
|
||||
NEXT_PUBLIC_FRONT_APP_PORT=3000
|
||||
NEXT_PUBLIC_FRONT_APP_ROOT_URL=/lecoffre
|
||||
NEXT_PUBLIC_ANK_BASE_REDIRECT_URI=http://local.lecoffreio.4nkweb:3000/authorized-client
|
||||
NEXT_PUBLIC_4NK_IFRAME_URL=http://local.lecoffreio.4nkweb:3000/lecoffre
|
||||
```
|
||||
|
||||
Note cookies: en HTTP, les cookies marqués `Secure` ne sont pas envoyés. Adapter la config backend en conséquence pour ce domaine local.
|
||||
|
||||
|
||||
@ -1 +0,0 @@
|
||||
Subproject commit 186f8f10757abd44d3e1883f8d05d7a8ab208009
|
||||
14
tests/smoke_local_http.md
Normal file
14
tests/smoke_local_http.md
Normal file
@ -0,0 +1,14 @@
|
||||
### Smoke tests - local.lecoffreio.4nkweb (HTTP)
|
||||
|
||||
- **/lecoffre/**: doit répondre 200 (pas de redirection HTTPS)
|
||||
- **/_next/** et **/lecoffre/_next/**: assets servis, codes 200/304
|
||||
- **favicon**: `http://local.lecoffreio.4nkweb:3000/favicon.ico` répond 200 si présent
|
||||
|
||||
Commandes de vérification:
|
||||
|
||||
```bash
|
||||
curl -I -H "Host: local.lecoffreio.4nkweb" http://127.0.0.1:3000/lecoffre/
|
||||
curl -I -H "Host: local.lecoffreio.4nkweb" http://127.0.0.1:3000/lecoffre/_next/static/chunks/main.js
|
||||
```
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user