-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #112 from hubmapconsortium/test-release
v2.0.13 release
- Loading branch information
Showing
4 changed files
with
218 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +1 @@ | ||
| 2.0.12 | ||
| 2.0.13 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,108 @@ | ||
| # Define the upstream antibody-api-server to be used by other containers on the same docker network | ||
| upstream antibody-api-server { | ||
| server localhost:8888; | ||
| } | ||
|
|
||
| # Port 80 on host maps to 8080 on container | ||
| server { | ||
| # Only root can listen on ports below 1024, we use higher-numbered ports | ||
| # since nginx is running under non-root user hubmap | ||
| listen 8080; | ||
| server_name antibody-api.dev.hubmapconsortium.org; | ||
|
|
||
| location / { | ||
| return 301 https://$host$request_uri; | ||
| } | ||
| } | ||
|
|
||
| # Port 443 on host maps to 4430 on container | ||
| server { | ||
| # Only root can listen on ports below 1024, we use higher-numbered ports | ||
| # since nginx is running under non-root user hubmap | ||
| listen 4430 ssl; # managed by Certbot | ||
| server_name antibody-api.dev.hubmapconsortium.org; | ||
| root /usr/share/nginx/html; | ||
|
|
||
| ssl_certificate /etc/letsencrypt/live/gateway.dev.hubmapconsortium.org/fullchain.pem; # managed by Certbot | ||
| ssl_certificate_key /etc/letsencrypt/live/gateway.dev.hubmapconsortium.org/privkey.pem; # managed by Certbot | ||
| include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot | ||
| ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot | ||
|
|
||
| # Logging to the mounted volume for outside container access | ||
| access_log /usr/src/app/log/nginx_access_antibody-api.log; | ||
| error_log /usr/src/app/log/nginx_error_antibody-api.log warn; | ||
|
|
||
| # No auth_request for favicon | ||
| location = /favicon.ico { | ||
| alias /usr/share/nginx/html/favicon.ico; | ||
| } | ||
|
|
||
| location / { | ||
| # Always enable CORS | ||
| # Response to preflight requests | ||
| if ($request_method = 'OPTIONS') { | ||
| # The directive `add_header` doesn't work when response status code is 401, 403 or 500 | ||
| # The `always` parameter is specified so the header field will be added regardless of the response code | ||
| add_header 'Access-Control-Allow-Origin' '*' always; | ||
| add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, OPTIONS' always; | ||
|
|
||
| # Custom headers and headers various browsers should be OK with but aren't | ||
| add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,Authorization, MAuthorization,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always; | ||
|
|
||
| # Cache the response to this preflight request in browser for 24 hours (86400 seconds) | ||
| # without sending another preflight request | ||
| add_header 'Access-Control-Max-Age' 86400 always; | ||
|
|
||
| add_header 'Content-Type' 'text/plain; charset=utf-8' always; | ||
| add_header 'Content-Length' 0 always; | ||
| return 204; | ||
| } | ||
|
|
||
| # Response to the original requests (HTTP methods are case-sensitive) with CORS enabled | ||
| if ($request_method ~ (POST|GET|PUT)) { | ||
| add_header 'Access-Control-Allow-Origin' '*' always; | ||
| add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, OPTIONS' always; | ||
| add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,Authorization, MAuthorization,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always; | ||
| add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always; | ||
| } | ||
|
|
||
| # Pass reqeusts to the uWSGI server using the "uwsgi" protocol on port 5000 | ||
| include uwsgi_params; | ||
| # Here "antibody-api" is the hostname defined in `docker-compose.yml` | ||
| # We have to use this hostname because the entity API is running on a different container | ||
| uwsgi_pass uwsgi://antibody-api:5000; | ||
| } | ||
|
|
||
| } | ||
|
|
||
|
|
||
|
|
||
| # antibody-api-server | ||
| # `http://hubmap-auth:8888` can be used by gateway | ||
| # to make calls to antibody-api directly bypassing gateway | ||
| server { | ||
| # Only root can listen on ports below 1024, we use higher-numbered ports | ||
| # since nginx is running under non-root user hubmap | ||
| listen 8888; | ||
|
|
||
| server_name localhost; | ||
| root /usr/share/nginx/html; | ||
|
|
||
| # We need this logging for inspecting auth requests from other internal services | ||
| # Logging to the mounted volume for outside container access | ||
| access_log /usr/src/app/log/nginx_access_antibody-api-server.log; | ||
| error_log /usr/src/app/log/nginx_error_antibody-api-server.log warn; | ||
|
|
||
| location = /favicon.ico { | ||
| alias /usr/share/nginx/html/favicon.ico; | ||
| } | ||
|
|
||
| # Pass reqeusts to the uWSGI server using the "uwsgi" protocol on port 5000 | ||
| location / { | ||
| include uwsgi_params; | ||
| # Here "antibody-api" is the hostname defined in `docker-compose.yml` | ||
| # We have to use this hostname because the entity API is running on a different container | ||
| uwsgi_pass uwsgi://antibody-api:5000; | ||
| } | ||
|
|
||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,108 @@ | ||
| # Define the upstream antibody-api-server to be used by other containers on the same docker network | ||
| upstream antibody-api-server { | ||
| server localhost:8888; | ||
| } | ||
|
|
||
| # Port 80 on host maps to 8080 on container | ||
| server { | ||
| # Only root can listen on ports below 1024, we use higher-numbered ports | ||
| # since nginx is running under non-root user hubmap | ||
| listen 8080; | ||
| server_name antibody-api.stage.hubmapconsortium.org; | ||
|
|
||
| location / { | ||
| return 301 https://$host$request_uri; | ||
| } | ||
| } | ||
|
|
||
| # Port 443 on host maps to 4430 on container | ||
| server { | ||
| # Only root can listen on ports below 1024, we use higher-numbered ports | ||
| # since nginx is running under non-root user hubmap | ||
| listen 4430 ssl; # managed by Certbot | ||
| server_name antibody-api.stage.hubmapconsortium.org; | ||
| root /usr/share/nginx/html; | ||
|
|
||
| ssl_certificate /etc/letsencrypt/live/gateway.stage.hubmapconsortium.org/fullchain.pem; # managed by Certbot | ||
| ssl_certificate_key /etc/letsencrypt/live/gateway.stage.hubmapconsortium.org/privkey.pem; # managed by Certbot | ||
| include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot | ||
| ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot | ||
|
|
||
| # Logging to the mounted volume for outside container access | ||
| access_log /usr/src/app/log/nginx_access_antibody-api.log; | ||
| error_log /usr/src/app/log/nginx_error_antibody-api.log warn; | ||
|
|
||
| # No auth_request for favicon | ||
| location = /favicon.ico { | ||
| alias /usr/share/nginx/html/favicon.ico; | ||
| } | ||
|
|
||
| location / { | ||
| # Always enable CORS | ||
| # Response to preflight requests | ||
| if ($request_method = 'OPTIONS') { | ||
| # The directive `add_header` doesn't work when response status code is 401, 403 or 500 | ||
| # The `always` parameter is specified so the header field will be added regardless of the response code | ||
| add_header 'Access-Control-Allow-Origin' '*' always; | ||
| add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, OPTIONS' always; | ||
|
|
||
| # Custom headers and headers various browsers should be OK with but aren't | ||
| add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,Authorization, MAuthorization,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always; | ||
|
|
||
| # Cache the response to this preflight request in browser for 24 hours (86400 seconds) | ||
| # without sending another preflight request | ||
| add_header 'Access-Control-Max-Age' 86400 always; | ||
|
|
||
| add_header 'Content-Type' 'text/plain; charset=utf-8' always; | ||
| add_header 'Content-Length' 0 always; | ||
| return 204; | ||
| } | ||
|
|
||
| # Response to the original requests (HTTP methods are case-sensitive) with CORS enabled | ||
| if ($request_method ~ (POST|GET|PUT)) { | ||
| add_header 'Access-Control-Allow-Origin' '*' always; | ||
| add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, OPTIONS' always; | ||
| add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,Authorization, MAuthorization,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always; | ||
| add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always; | ||
| } | ||
|
|
||
| # Pass reqeusts to the uWSGI server using the "uwsgi" protocol on port 5000 | ||
| include uwsgi_params; | ||
| # Here "antibody-api" is the hostname defined in `docker-compose.yml` | ||
| # We have to use this hostname because the entity API is running on a different container | ||
| uwsgi_pass uwsgi://antibody-api:5000; | ||
| } | ||
|
|
||
| } | ||
|
|
||
|
|
||
|
|
||
| # antibody-api-server | ||
| # `http://hubmap-auth:8888` can be used by gateway | ||
| # to make calls to antibody-api directly bypassing gateway | ||
| server { | ||
| # Only root can listen on ports below 1024, we use higher-numbered ports | ||
| # since nginx is running under non-root user hubmap | ||
| listen 8888; | ||
|
|
||
| server_name localhost; | ||
| root /usr/share/nginx/html; | ||
|
|
||
| # We need this logging for inspecting auth requests from other internal services | ||
| # Logging to the mounted volume for outside container access | ||
| access_log /usr/src/app/log/nginx_access_antibody-api-server.log; | ||
| error_log /usr/src/app/log/nginx_error_antibody-api-server.log warn; | ||
|
|
||
| location = /favicon.ico { | ||
| alias /usr/share/nginx/html/favicon.ico; | ||
| } | ||
|
|
||
| # Pass reqeusts to the uWSGI server using the "uwsgi" protocol on port 5000 | ||
| location / { | ||
| include uwsgi_params; | ||
| # Here "antibody-api" is the hostname defined in `docker-compose.yml` | ||
| # We have to use this hostname because the entity API is running on a different container | ||
| uwsgi_pass uwsgi://antibody-api:5000; | ||
| } | ||
|
|
||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters