18bb793b2d
* feat: nginx + robots.txt * feat: minimal /health/ endpoint * ci: startupProbe for datatracker pod * ci: probe auth pod; set timeoutSeconds * feat: add CSP and other headers to nginx * fix: typo in nginx.conf * feat: split auth/dt nginx confs * test: test health endpoint * ci: auth service on port 80 We'll remove http-old (8080) in the future. * ci: rename auth container/nginx cfg
24 lines
888 B
Plaintext
24 lines
888 B
Plaintext
server {
|
|
listen 8080 default_server;
|
|
server_name _;
|
|
|
|
location /health/nginx {
|
|
return 200;
|
|
}
|
|
|
|
location /robots.txt {
|
|
add_header Content-Type text/plain;
|
|
return 200 "User-agent: *\nDisallow: /doc/pdf/\n";
|
|
}
|
|
|
|
location / {
|
|
add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' data: https://datatracker.ietf.org/ https://www.ietf.org/ http://ietf.org/ https://analytics.ietf.org https://static.ietf.org; frame-ancestors 'self' ietf.org *.ietf.org meetecho.com *.meetecho.com";
|
|
proxy_set_header Host $${keepempty}host;
|
|
proxy_set_header Connection close;
|
|
proxy_set_header X-Request-Start "t=${msec}";
|
|
proxy_set_header X-Forwarded-For $${keepempty}proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Real-IP $${keepempty}remote_addr;
|
|
proxy_pass http://localhost:8000;
|
|
}
|
|
}
|