nginx_chef_api_lb.conf.erb 2.06 KB
Edit Raw Blame History



1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85


server {
  listen <%= @server_port %>;
  server_name <%= @server_name %>;
  access_log /var/log/chef-server/nginx/access.log opscode;

  <% if @server_proto == "https" -%>
  ssl on;
  ssl_certificate <%= @ssl_certificate %>;
  ssl_certificate_key <%= @ssl_certificate_key %>;

  ssl_session_timeout 5m;

  ssl_protocols <%= @ssl_protocols %>;
  ssl_ciphers <%= @ssl_ciphers %>;
  ssl_prefer_server_ciphers on;

  <% end -%>
  root <%= File.join(@dir, "html") %>;

  client_max_body_size <%= @client_max_body_size %>;

  proxy_set_header Host $host:$server_port;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header X-Forwarded-Proto <%= @server_proto %>;
  proxy_pass_request_headers on;
  proxy_connect_timeout   1;
  proxy_send_timeout      300;
  proxy_read_timeout      300;

  error_page 404 =404 /404.html;
  error_page 503 =503 /503.json;

  location /nginx_status {
    stub_status on;
    access_log   off;
    allow 127.0.0.1;
    deny all;
  }

  location /version {
    types { }
    default_type text/plain;
    alias /opt/chef-server/version-manifest.txt;
  }

  location /docs {
    index index.html ;
    alias /opt/chef-server/docs;
  }

  # bookshelf
  location ~ "/<%= node['chef_server']['erchef']['s3_bucket'] %>/{0,1}.*$" {
    proxy_pass http://bookshelf;
  }

  location ~ "^/(?:stylesheets|javascripts|images|facebox|css|favicon|robots|humans)/{0,1}.*$" {
    if ($http_x_chef_version ~* "^(\d+\.\d+?)\..+$") {
      error_page 400 =400 /400-chef_client_manage.json;
      return 400;
    }
    proxy_pass http://chef_server_webui;
    proxy_pass_request_headers off;
    proxy_cache webui-cache;
    proxy_cache_valid 200 302 300m;
    proxy_cache_valid 404 1m;
  }

 location = /_status {
    proxy_pass http://erchef/_status;
  }

 location = /_status/ {
    proxy_pass http://erchef/_status;
  }

  location / {
    set $my_upstream erchef;
    if ($http_x_ops_userid = "") {
      set $my_upstream chef_server_webui;
    }
    proxy_redirect http://$my_upstream /;
    proxy_pass http://$my_upstream;
  }
}