-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Loading status checks…
chore: nginx 수정
1 parent
04699d6
commit 7e31293
Showing
1 changed file
with
36 additions
and
27 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,32 +1,41 @@ | ||
| #nginx.conf | ||
| server { | ||
| listen 443; | ||
| server_name corinee.site; | ||
| worker_processes auto; | ||
|
|
||
| # SSL 인증서 설정 | ||
| ssl_certificate /etc/nginx/ssl/certificate.crt; | ||
| ssl_certificate_key /etc/nginx/ssl/private.key; | ||
| ssl_trusted_certificate /etc/nginx/ssl/ca_bundle.crt; # 인증서 체인 파일 추가 | ||
| ssl_protocols TLSv1.2 TLSv1.3; | ||
| ssl_ciphers 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384'; | ||
| ssl_prefer_server_ciphers on; | ||
| ssl_session_cache shared:SSL:10m; | ||
| events{ | ||
| worker_connections 1024; | ||
| } | ||
|
|
||
| http{ | ||
| server { | ||
| listen 443 ssl; | ||
| server_name corinee.site; | ||
|
|
||
| # client 서비스로 프록시 (프론트엔드 애플리케이션) | ||
| location / { | ||
| proxy_pass http://client:80; # client 컨테이너의 포트로 프록시 | ||
| proxy_set_header Host $host; | ||
| proxy_set_header X-Real-IP $remote_addr; | ||
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
| proxy_set_header X-Forwarded-Proto $scheme; | ||
| } | ||
|
|
||
| # server 서비스로 프록시 (API 요청을 server로 전달) | ||
| location /api { | ||
| proxy_pass http://server:3000; # server 컨테이너의 포트로 프록시 | ||
| proxy_set_header Host $host; | ||
| proxy_set_header X-Real-IP $remote_addr; | ||
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
| proxy_set_header X-Forwarded-Proto $scheme; | ||
| # SSL 인증서 설정 | ||
| ssl_certificate /etc/nginx/ssl/certificate.crt; | ||
| ssl_certificate_key /etc/nginx/ssl/private.key; | ||
| ssl_trusted_certificate /etc/nginx/ssl/ca_bundle.crt; # 인증서 체인 파일 추가 | ||
| ssl_protocols TLSv1.2 TLSv1.3; | ||
| ssl_ciphers 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384'; | ||
| ssl_prefer_server_ciphers on; | ||
| ssl_session_cache shared:SSL:10m; | ||
|
|
||
| # client 서비스로 프록시 (프론트엔드 애플리케이션) | ||
| location / { | ||
| proxy_pass http://client:80; # client 컨테이너의 포트로 프록시 | ||
| proxy_set_header Host $host; | ||
| proxy_set_header X-Real-IP $remote_addr; | ||
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
| proxy_set_header X-Forwarded-Proto $scheme; | ||
| } | ||
|
|
||
| # server 서비스로 프록시 (API 요청을 server로 전달) | ||
| location /api { | ||
| proxy_pass http://server:3000; # server 컨테이너의 포트로 프록시 | ||
| proxy_set_header Host $host; | ||
| proxy_set_header X-Real-IP $remote_addr; | ||
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
| proxy_set_header X-Forwarded-Proto $scheme; | ||
| } | ||
| } | ||
| } | ||
| } |