IlyaSobolev/DocSpace-buildtools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Feature/ssr confirm (#320)

Browse Source
This commit is contained in:
Alexey Safronov 2024-09-02 12:49:55 +04:00 committed by GitHub
commit 0fe9b339d7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 55 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

88
config/nginx/onlyoffice.conf
View File

@ -67,19 +67,19 @@ server_names_hash_bucket_size 128;
server {
listen 8092;
add_header Referrer-Policy "same-origin";
add_header X-Content-Type-Options "nosniff";
add_header X-Frame-Options $header_x_frame_options;
add_header Cache-Control $cache_control;
add_header Permissions-Policy "autoplay=(), geolocation=(), camera=(), interest-cohort=()";
root $public_root;
root $public_root;
etag on;
large_client_header_buffers 4 16k;
client_max_body_size 4G;
gzip on;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript;
gzip_min_length 1000;
@ -126,7 +126,7 @@ server {
ngx.log(ngx.ERR, "failed to connect to redis: ", err)
return
end
if redis_pass ~= "" then
local res, err = red:auth(redis_pass)
if not res then
@ -134,9 +134,9 @@ server {
return
end
end
local csp, err = red:hget(key, "data")
if csp == ngx.null or not csp then
ngx.log(ngx.INFO, "failed to get redis key: ", err)
else
@ -144,7 +144,7 @@ server {
end
end
';
location ~* ^/ds-vpath/ {
rewrite /ds-vpath/(.*) /$1 break;
@ -163,9 +163,9 @@ server {
proxy_set_header X-Forwarded-Host $proxy_x_forwarded_host/ds-vpath;
proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto;
add_header Content-Security-Policy $content_security_policy;
}
include /etc/nginx/includes/server-*.conf;
location / {
@ -213,7 +213,7 @@ server {
}
}
location /doceditor {
proxy_pass http://127.0.0.1:5013;
proxy_redirect off;
@ -232,6 +232,28 @@ server {
}
}
location /confirm {
rewrite confirm(?:\.aspx\/?|\/?)(.*) /login/confirm/$1 break;
proxy_pass http://$service_login;
proxy_redirect off;
location ~* /_next/public/images/(.*)$ {
try_files /images/$1 /index.html =404;
}
}
location /wizard {
rewrite wizard /login/wizard break;
proxy_pass http://$service_login;
proxy_redirect off;
location ~* /_next/public/images/(.*)$ {
try_files /images/$1 /index.html =404;
}
}
location /management {
proxy_pass http://127.0.0.1:5015;
proxy_redirect off;
@ -247,7 +269,7 @@ server {
location ~* /static/fonts/(?<content>[^/]+) {
try_files /fonts/$content/$basename /index.html =404;
}
rewrite management/(.*) /$1 break;
}
@ -256,10 +278,10 @@ server {
}
location /sockjs-node {
proxy_pass http://127.0.0.1:5001;
proxy_pass http://127.0.0.1:5001;
proxy_redirect off;
}
location ~* /s/(.*) {
proxy_pass http://127.0.0.1:5000;
}
@ -283,22 +305,22 @@ server {
proxy_pass http://127.0.0.1:5012;
}
}
location /api/2.0 {
add_header Trailer Server-Timing;
add_header Server-Timing "proxy-request-time;dur=${request_time_ms}";
location ~* /(files|privacyroom) {
proxy_pass http://127.0.0.1:5007;
}
location ~* /(people|group|accounts) {
proxy_pass http://127.0.0.1:5004;
}
location ~* /(authentication|modules|portal|security|settings|smtpsettings|capabilities|thirdparty|encryption|feed|migration) {
proxy_pass http://127.0.0.1:5000;
location ~* portal/(.*)(backup|restore)(.*) {
rewrite (.*)/portal/(.*) $1/backup/$2 break;
proxy_redirect off;
@ -334,7 +356,7 @@ server {
proxy_pass http://127.0.0.1:8080;
}
}
location /oauth2/.well-known/openid-configuration {
rewrite oauth2/(.*) /$1 break;
proxy_pass http://127.0.0.1:8080;
@ -348,15 +370,15 @@ server {
rewrite sso/(.*) /$1 break;
proxy_pass http://127.0.0.1:9834;
}
location ~* /storage/files_template/ {
proxy_pass http://127.0.0.1:5007;
}
location ~* /(ssologin.ashx|login.ashx|storage) {
proxy_pass http://127.0.0.1:5003;
}
location /socket.io/ {
proxy_pass http://127.0.0.1:9899;
proxy_redirect off;
@ -364,28 +386,28 @@ server {
location /backupFileUpload.ashx {
proxy_pass http://127.0.0.1:5012;
}
}
location /migrationFileUpload.ashx {
proxy_pass http://127.0.0.1:5000;
}
}
location /logoUploader.ashx {
proxy_pass http://127.0.0.1:5000;
}
}
location /logo.ashx {
proxy_pass http://127.0.0.1:5000;
}
location /payment.ashx {
proxy_pass http://127.0.0.1:5000;
}
}
location /ThirdPartyApp {
proxy_pass http://127.0.0.1:5007;
}
location ~* /filehandler.ashx {
proxy_pass http://127.0.0.1:5007;
}
@ -393,12 +415,12 @@ server {
location /ChunkedUploader.ashx {
proxy_pass http://127.0.0.1:5007;
}
location /apisystem {
rewrite apisystem/(.*) /$1 break;
proxy_pass http://127.0.0.1:5010;
}
location /apicache {
rewrite apicache/(.*) /$1 break;
proxy_pass http://127.0.0.1:5100;