hichina2023/nginx.conf

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

   client_max_body_size 50M;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;

    server {  
       server_name  hichinatravel.com;  
       rewrite ^(.*) https://www.hichinatravel.com$1 permanent;  
    }
    server {
        listen       80 default_server;
        listen       [::]:80 default_server;
        server_name  _;
        root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }

        return 301 https://$host$request_uri;
    }
    # server {
    #     listen       443;
    #     server_name  www.hichinatravel.com;

    #     if ($http_host != www.hichinatravel.com) {
    #         rewrite  (.*)  https://www.hichinatravel.com$1 permanent;
    #     }
       
    #     root         /usr/share/nginx/html;

    #     ssl on;
    #     ssl_certificate   /etc/nginx/cert/fullchain.pem;
    #     ssl_certificate_key  /etc/nginx/cert/private.key;
        
    #     ssl_session_timeout 5m;
    #     ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    #     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    #     ssl_prefer_server_ciphers on;

    #     # Load configuration files for the default server block.
    #     include /etc/nginx/default.d/*.conf;
        
    #     location / {
    #               proxy_set_header   X-Real-IP $remote_addr;
    #               proxy_set_header   Host      hichinatravel.com;
    #               proxy_pass         http://127.0.0.1:8765;
    #               #proxy_pass "http://47.100.21.205:9995/";
    #     }
    #     location /staticresource/ {
    #                   rewrite /staticresource(.*) $1 break;
    #                   proxy_pass http://127.0.0.1:8011;
    #                   proxy_redirect     off;
    #                   proxy_set_header   Host             hichinatravel.com;
    #                   proxy_set_header   X-Real-IP        $remote_addr;
    #                   proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
    #     }
    #     error_page 404 /404.html;
    #          location = /40x.html {
    #      }
        
    #      error_page 500 502 503 504 /50x.html;
    #         location = /50x.html {
    #      }
    # }
    # server {
    #     listen       80;
    #     server_name  www.hichinatravel.com;
    #     root         /usr/share/nginx/html;

    #     # Load configuration files for the default server block.
    #     include /etc/nginx/default.d/*.conf;
        
    #     location / {
    #               proxy_set_header   X-Real-IP $remote_addr;
    #               proxy_set_header   Host      hichinatravel.com;
    #               proxy_pass         http://127.0.0.1:8765;
    #     }
    #     location /staticresource/ {
    #               rewrite /staticresource(.*) $1 break;
    #               proxy_pass http://127.0.0.1:8011;
    #               proxy_redirect     off;
    #               proxy_set_header   Host             hichinatravel.com;
    #               proxy_set_header   X-Real-IP        $remote_addr;
    #               proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
    #     }

    #     error_page 404 /404.html;
    #          location = /40x.html {
    #      }
        
    #      error_page 500 502 503 504 /50x.html;
    #         location = /50x.html {
    #      }
    # }
   server {
        listen       443;
        server_name  owncloud.hichinatravel.com;

        if ($http_host != owncloud.hichinatravel.com) {
            rewrite  (.*)  https://owncloud.hichinatravel.com$1 permanent;
        }
       
        root         /usr/share/nginx/html;

        ssl on;
        ssl_certificate   /etc/nginx/cert/fullchain.pem;
        ssl_certificate_key  /etc/nginx/cert/private.key;
        
        ssl_session_timeout 5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;
        
        location / {
                  proxy_set_header   X-Real-IP $remote_addr;
                  proxy_set_header   Host      owncloud.hichinatravel.com;
                  proxy_cookie_domain     owncloud.hichinatravel.com     $host;
                  sub_filter      "owncloud.hichinatravel.com"   $host;
                  proxy_pass         http://127.0.0.1:8085;
        }
        error_page 404 /404.html;
             location = /40x.html {
         }
        
         error_page 500 502 503 504 /50x.html;
            location = /50x.html {
         }
    }
   # server {
   #      listen       80;
   #      server_name  owncloud.hichinatravel.com;
   #      root         /usr/share/nginx/html;

   #      # Load configuration files for the default server block.
   #      include /etc/nginx/default.d/*.conf;
        
   #      location / {
   #            proxy_set_header   X-Real-IP $remote_addr;
   #            proxy_set_header   Host      owncloud.hichinatravel.com;
   #            proxy_cookie_domain     owncloud.hichinatravel.com     $host;
   #            sub_filter      "owncloud.hichinatravel.com"   $host;
   #            proxy_pass         http://127.0.0.1:8085;
   #      }
   #      error_page 404 /404.html;
   #         location = /40x.html {
   #      }
        
   #      error_page 500 502 503 504 /50x.html;
   #         location = /50x.html {
   #      }
   #  }
    server {
        listen       80;
        server_name  elastic.hichinatravel.com;
        root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;
        
        location / {
              proxy_set_header   X-Real-IP $remote_addr;
              proxy_set_header   Host      elastic.hichinatravel.com;
              proxy_cookie_domain     elastic.hichinatravel.com     $host;
              sub_filter      "elastic.hichinatravel.com"   $host;
              proxy_pass         http://127.0.0.1:9200;
        }
        error_page 404 /404.html;
           location = /40x.html {
        }
        
        error_page 500 502 503 504 /50x.html;
           location = /50x.html {
        }
    }
    server {
        listen       80;
        server_name  kibana.hichinatravel.com;
        root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;
        
        location / {
              proxy_set_header   X-Real-IP $remote_addr;
              proxy_set_header   Host      kibana.hichinatravel.com;
              proxy_cookie_domain     kibana.hichinatravel.com     $host;
              sub_filter      "kibana.hichinatravel.com"   $host;
              proxy_pass         http://127.0.0.1:5601;
        }
        error_page 404 /404.html;
           location = /40x.html {
        }
        
        error_page 500 502 503 504 /50x.html;
           location = /50x.html {
        }
    }
    server {
        listen       443;
        server_name  admin.hichinatravel.com;

        if ($http_host != admin.hichinatravel.com) {
            rewrite  (.*)  https://admin.hichinatravel.com$1 permanent;
        }
       
        root         /usr/share/nginx/html;

        ssl on;
        ssl_certificate   /etc/nginx/cert/fullchain.pem;
        ssl_certificate_key  /etc/nginx/cert/private.key;
        
        ssl_session_timeout 5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;
        
        location / {
                  proxy_set_header   X-Real-IP $remote_addr;
                  proxy_set_header   Host      admin.hichinatravel.com;
                  proxy_pass         http://127.0.0.1:9055;
        }
       location /service {
                  rewrite /service(.*) $1 break;
                  proxy_pass http://127.0.0.1:9054;
                  proxy_redirect     off;
                  proxy_set_header   Host             admin.hichinatravel.com;
                  proxy_set_header   X-Real-IP        $remote_addr;
                  proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
        }
        error_page 404 /404.html;
             location = /40x.html {
         }
        
         error_page 500 502 503 504 /50x.html;
            location = /50x.html {
         }
   }
   server {
        listen       443;
        server_name  admin-qa.hichinatravel.com;

        if ($http_host != admin-qa.hichinatravel.com) {
            rewrite  (.*)  https://admin-qa.hichinatravel.com$1 permanent;
        }
       
        root         /usr/share/nginx/html;

        ssl on;
        ssl_certificate   /etc/nginx/cert/fullchain.pem;
        ssl_certificate_key  /etc/nginx/cert/private.key;
        
        ssl_session_timeout 5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;
        
        location / {
                  proxy_set_header   X-Real-IP $remote_addr;
                  proxy_set_header   Host      admin-qa.hichinatravel.com;
                  proxy_pass         http://127.0.0.1:9051;
        }
       location /service {
                  rewrite /service(.*) $1 break;
                  proxy_pass http://127.0.0.1:9050;
                  proxy_redirect     off;
                  proxy_set_header   Host             admin-qa.hichinatravel.com;
                  proxy_set_header   X-Real-IP        $remote_addr;
                  proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
        }
        error_page 404 /404.html;
             location = /40x.html {
         }
        
         error_page 500 502 503 504 /50x.html;
            location = /50x.html {
         }
   }
   server {
    listen       443;
    server_name  jupyter.hichinatravel.com;

    if ($http_host != jupyter.hichinatravel.com) {
        rewrite  (.*)  https://jupyter.hichinatravel.com$1 permanent;
    }
       
    root         /usr/share/nginx/html;

    ssl on;
    ssl_certificate   /etc/nginx/cert/fullchain.pem;
    ssl_certificate_key  /etc/nginx/cert/private.key;
        
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;

    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;
        
    location / {
              proxy_set_header   X-Real-IP $remote_addr;
              proxy_set_header   Host      jupyter.hichinatravel.com;
              proxy_pass         http://127.0.0.1:8888;
    }
    location /api/kernels/ {
        proxy_pass            http://127.0.0.1:8888;
        proxy_set_header      Host $host;
        # websocket support
        proxy_http_version    1.1;
        proxy_set_header      Upgrade "websocket";
        proxy_set_header      Connection "Upgrade";
        proxy_read_timeout    86400;
    }
    error_page 404 /404.html;
         location = /40x.html {
     }
        
     error_page 500 502 503 504 /50x.html;
        location = /50x.html {
     }
   }
   server {
    listen       443;
    server_name  www.hichinatravel.com;

    gzip on;
    gzip_min_length 1k;
    gzip_comp_level 9;
    gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
    gzip_vary on;
    gzip_disable "MSIE [1-6]\.";

    if ($http_host != www.hichinatravel.com) {
        rewrite  (.*)  https://www.hichinatravel.com$1 permanent;
    }
       
    root         /usr/share/nginx/html;

    ssl on;
    ssl_certificate   /etc/nginx/cert/fullchain.pem;
    ssl_certificate_key  /etc/nginx/cert/private.key;
        
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;

    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;
        
    location / {
              proxy_set_header   X-Real-IP $remote_addr;
              proxy_set_header   Host      www.hichinatravel.com;
              proxy_pass         http://127.0.0.1:9057;
              #proxy_pass "http://47.100.21.205:9995/";
    }
    location /service {
              rewrite /service(.*) $1 break;
              proxy_pass http://127.0.0.1:9056;
              proxy_redirect     off;
              proxy_set_header   Host             www.hichinatravel.com;
              proxy_set_header   X-Real-IP        $remote_addr;
              proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
    }
    error_page 404 /404.html;
         location = /40x.html {
     }
        
     error_page 500 502 503 504 /50x.html;
        location = /50x.html {
     }
   }
   server {
        listen       443;
        server_name  qa.hichinatravel.com;

        if ($http_host != qa.hichinatravel.com) {
            rewrite  (.*)  https://qa.hichinatravel.com$1 permanent;
        }
       
        root         /usr/share/nginx/html;

        ssl on;
        ssl_certificate   /etc/nginx/cert/fullchain.pem;
        ssl_certificate_key  /etc/nginx/cert/private.key;
        
        ssl_session_timeout 5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;
        
        location / {
                  proxy_set_header   X-Real-IP $remote_addr;
                  proxy_set_header   Host      qa.hichinatravel.com;
                  proxy_pass         http://127.0.0.1:9053;
                  #proxy_pass "http://47.100.21.205:9995/";
        }
        location /service {
                  rewrite /service(.*) $1 break;
                  proxy_pass http://127.0.0.1:9052;
                  proxy_redirect     off;
                  proxy_set_header   Host             qa.hichinatravel.com;
                  proxy_set_header   X-Real-IP        $remote_addr;
                  proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
        }
        error_page 404 /404.html;
             location = /40x.html {
         }
        
         error_page 500 502 503 504 /50x.html;
            location = /50x.html {
         }
    }
   server {
        listen       443;
        server_name  mayan.hichinatravel.com;

        if ($http_host != mayan.hichinatravel.com) {
            rewrite  (.*)  https://mayan.hichinatravel.com$1 permanent;
        }
       
        root         /usr/share/nginx/html;

        ssl on;
        ssl_certificate   /etc/nginx/cert/fullchain.pem;
        ssl_certificate_key  /etc/nginx/cert/private.key;
        
        ssl_session_timeout 5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;
        
        location / {
                  proxy_set_header   X-Real-IP $remote_addr;
                  proxy_set_header   Host      mayan.hichinatravel.com;
                  proxy_pass         http://127.0.0.1:85;
        }
        error_page 404 /404.html;
             location = /40x.html {
         }
        
         error_page 500 502 503 504 /50x.html;
            location = /50x.html {
         }
   }
   server {
        listen       443;
        server_name  photoprism.hichinatravel.com;

        if ($http_host != photoprism.hichinatravel.com) {
            rewrite  (.*)  https://photoprism.hichinatravel.com$1 permanent;
        }
       
        root         /usr/share/nginx/html;

        ssl on;
        ssl_certificate   /etc/nginx/cert/fullchain.pem;
        ssl_certificate_key  /etc/nginx/cert/private.key;
        
        ssl_session_timeout 5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;
        
        location / {
                  proxy_set_header   X-Real-IP $remote_addr;
                  proxy_set_header   Host      photoprism.hichinatravel.com;
                  proxy_pass         http://127.0.0.1:2342;
        }
        error_page 404 /404.html;
             location = /40x.html {
         }
        
         error_page 500 502 503 504 /50x.html;
            location = /50x.html {
         }
   }
   server {
        listen       443;
        server_name  git.hichinatravel.com;

        if ($http_host != git.hichinatravel.com) {
            rewrite  (.*)  https://git.hichinatravel.com$1 permanent;
        }
       
        root         /usr/share/nginx/html;

        ssl on;
        ssl_certificate   /etc/nginx/cert/fullchain.pem;
        ssl_certificate_key  /etc/nginx/cert/private.key;
        
        ssl_session_timeout 5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;
        
        location / {
                  proxy_set_header   X-Real-IP $remote_addr;
                  proxy_set_header   Host      git.hichinatravel.com;
                  proxy_pass         http://127.0.0.1:3001;
        }
        error_page 404 /404.html;
             location = /40x.html {
         }
        
         error_page 500 502 503 504 /50x.html;
            location = /50x.html {
         }
   }
   server {
        listen       443;
        server_name  wiki.hichinatravel.com;

        if ($http_host != wiki.hichinatravel.com) {
            rewrite  (.*)  https://wiki.hichinatravel.com$1 permanent;
        }
       
        root         /usr/share/nginx/html;

        ssl on;
        ssl_certificate   /etc/nginx/cert/fullchain.pem;
        ssl_certificate_key  /etc/nginx/cert/private.key;
        
        ssl_session_timeout 5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;
        
        location / {
                  proxy_set_header   X-Real-IP $remote_addr;
                  proxy_set_header   Host      wiki.hichinatravel.com;
                  proxy_pass         http://127.0.0.1:3000;
        }
        error_page 404 /404.html;
             location = /40x.html {
         }
        
         error_page 500 502 503 504 /50x.html;
            location = /50x.html {
         }
   }
}