matthias.lotz
71f1a2da82
- Created clean dev nginx.conf based on working prod version - Adapted backend service names (backend-dev) - Replaced static file serving with React Dev Server proxying - Added htpasswd authentication for /moderation routes Testing confirms: ✅ Homepage accessible (200 OK) ✅ Moderation page protected (401 Unauthorized) ✅ Moderation API protected (401 Unauthorized) ✅ Upload functionality working (single + batch)
139 lines
4.9 KiB
Nginx Configuration File
139 lines
4.9 KiB
Nginx Configuration File
server {
|
|
listen 80;
|
|
|
|
# Allow large uploads (50MB)
|
|
client_max_body_size 50M;
|
|
|
|
# API proxy to backend-dev service
|
|
location /upload {
|
|
proxy_pass http://backend-dev:5000;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# Allow large uploads for API too
|
|
client_max_body_size 50M;
|
|
}
|
|
|
|
# API routes for new multi-upload features
|
|
location /api/upload {
|
|
proxy_pass http://backend-dev:5000/upload;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# Allow large uploads for batch upload
|
|
client_max_body_size 100M;
|
|
}
|
|
|
|
# API - Download original images
|
|
location /api/download {
|
|
proxy_pass http://backend-dev:5000/download;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
|
|
# API - Preview/thumbnail images (optimized for gallery views)
|
|
location /api/previews {
|
|
proxy_pass http://backend-dev:5000/previews;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
|
|
# API - Groups (NO PASSWORD PROTECTION)
|
|
location /api/groups {
|
|
proxy_pass http://backend-dev:5000/groups;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
|
|
# Protected API - Moderation API routes (password protected) - must come before /groups
|
|
location /moderation/groups {
|
|
auth_basic "Restricted Area - Moderation API";
|
|
auth_basic_user_file /etc/nginx/.htpasswd;
|
|
|
|
proxy_pass http://backend-dev:5000/moderation/groups;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
|
|
# API - Groups API routes (NO PASSWORD PROTECTION)
|
|
location ~ ^/groups/[a-zA-Z0-9_-]+(/.*)?$ {
|
|
proxy_pass http://backend-dev:5000;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
|
|
location /download {
|
|
proxy_pass http://backend-dev:5000;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
|
|
# Frontend page - Groups overview (NO PASSWORD PROTECTION) - React Dev Server
|
|
location /groups {
|
|
proxy_pass http://127.0.0.1:3000;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "Upgrade";
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
}
|
|
|
|
# Protected routes - Moderation (password protected) - React Dev Server
|
|
location /moderation {
|
|
auth_basic "Restricted Area - Moderation";
|
|
auth_basic_user_file /etc/nginx/.htpasswd;
|
|
|
|
proxy_pass http://127.0.0.1:3000;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "Upgrade";
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
}
|
|
|
|
# WebSocket support for hot reloading (React Dev Server)
|
|
location /ws {
|
|
proxy_pass http://127.0.0.1:3000;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "Upgrade";
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
}
|
|
|
|
# Frontend files - React Dev Server
|
|
location / {
|
|
proxy_pass http://127.0.0.1:3000;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "Upgrade";
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
}
|
|
|
|
error_page 500 502 503 504 /50x.html;
|
|
location = /50x.html {
|
|
root /usr/share/nginx/html;
|
|
}
|
|
}
|