Nginx: change rules for redirect from confirm pages to login service
This commit is contained in:
parent
821a9f7db4
commit
b23d513627
@ -60,19 +60,19 @@ server_names_hash_bucket_size 128;
|
||||
|
||||
server {
|
||||
listen 8092;
|
||||
|
||||
|
||||
add_header Referrer-Policy "same-origin";
|
||||
add_header X-Content-Type-Options "nosniff";
|
||||
add_header X-Frame-Options $header_x_frame_options;
|
||||
add_header Cache-Control $cache_control;
|
||||
add_header Permissions-Policy "autoplay=(), geolocation=(), camera=(), microphone=(), interest-cohort=()";
|
||||
|
||||
root $public_root;
|
||||
root $public_root;
|
||||
etag on;
|
||||
|
||||
large_client_header_buffers 4 16k;
|
||||
client_max_body_size 4G;
|
||||
|
||||
|
||||
gzip on;
|
||||
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript;
|
||||
gzip_min_length 1000;
|
||||
@ -98,7 +98,7 @@ server {
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection $proxy_connection;
|
||||
proxy_set_header Proxy "";
|
||||
|
||||
|
||||
set $csp "";
|
||||
access_by_lua '
|
||||
local accept_header = ngx.req.get_headers()["Accept"]
|
||||
@ -128,7 +128,7 @@ server {
|
||||
ngx.log(ngx.ERR, "failed to connect to redis: ", err)
|
||||
return
|
||||
end
|
||||
|
||||
|
||||
if redis_pass ~= "" then
|
||||
local res, err = red:auth(redis_pass)
|
||||
if not res then
|
||||
@ -136,9 +136,9 @@ server {
|
||||
return
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
local csp, err = red:hget(key, "data")
|
||||
|
||||
|
||||
if csp == ngx.null or not csp then
|
||||
ngx.log(ngx.INFO, "failed to get redis key: ", err)
|
||||
else
|
||||
@ -146,7 +146,7 @@ server {
|
||||
end
|
||||
end
|
||||
';
|
||||
|
||||
|
||||
location ~* ^/ds-vpath/ {
|
||||
rewrite /ds-vpath/(.*) /$1 break;
|
||||
|
||||
@ -165,13 +165,13 @@ server {
|
||||
proxy_set_header X-Forwarded-Host $proxy_x_forwarded_host/ds-vpath;
|
||||
proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto;
|
||||
add_header Content-Security-Policy $content_security_policy;
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
location ^~ /dashboards/ {
|
||||
auth_basic "Restricted Access";
|
||||
auth_basic_user_file /etc/nginx/.htpasswd_dashboards;
|
||||
|
||||
|
||||
rewrite ^/dashboards(/.*)$ $1 break;
|
||||
proxy_pass http://127.0.0.1:5601;
|
||||
proxy_redirect off;
|
||||
@ -226,7 +226,7 @@ server {
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
location /doceditor {
|
||||
proxy_pass http://127.0.0.1:5013;
|
||||
proxy_redirect off;
|
||||
@ -246,7 +246,8 @@ server {
|
||||
}
|
||||
|
||||
location /confirm {
|
||||
rewrite confirm/(.*) /login/confirm/$1 break;
|
||||
|
||||
rewrite confirm(?:\.aspx\/?|\/?)(.*) /login/confirm/$1 break;
|
||||
proxy_pass http://$service_login;
|
||||
proxy_redirect off;
|
||||
|
||||
@ -270,7 +271,7 @@ server {
|
||||
location ~* /static/fonts/(?<content>[^/]+) {
|
||||
try_files /fonts/$content/$basename /index.html =404;
|
||||
}
|
||||
|
||||
|
||||
rewrite management/(.*) /$1 break;
|
||||
}
|
||||
|
||||
@ -279,10 +280,10 @@ server {
|
||||
}
|
||||
|
||||
location /sockjs-node {
|
||||
proxy_pass http://127.0.0.1:5001;
|
||||
proxy_pass http://127.0.0.1:5001;
|
||||
proxy_redirect off;
|
||||
}
|
||||
|
||||
|
||||
location ~* /s/(.*) {
|
||||
proxy_pass http://127.0.0.1:5000;
|
||||
}
|
||||
@ -306,19 +307,19 @@ server {
|
||||
proxy_pass http://127.0.0.1:5012;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
location /api/2.0 {
|
||||
location ~* /(files|privacyroom) {
|
||||
proxy_pass http://127.0.0.1:5007;
|
||||
}
|
||||
|
||||
|
||||
location ~* /(people|group|accounts) {
|
||||
proxy_pass http://127.0.0.1:5004;
|
||||
}
|
||||
|
||||
location ~* /(authentication|modules|portal|security|settings|smtpsettings|capabilities|thirdparty|encryption|feed|migration) {
|
||||
proxy_pass http://127.0.0.1:5000;
|
||||
|
||||
|
||||
location ~* portal/(.*)(backup|restore)(.*) {
|
||||
rewrite (.*)/portal/(.*) $1/backup/$2 break;
|
||||
proxy_redirect off;
|
||||
@ -349,15 +350,15 @@ server {
|
||||
rewrite sso/(.*) /$1 break;
|
||||
proxy_pass http://127.0.0.1:9834;
|
||||
}
|
||||
|
||||
|
||||
location ~* /storage/files_template/ {
|
||||
proxy_pass http://127.0.0.1:5007;
|
||||
}
|
||||
|
||||
|
||||
location ~* /(ssologin.ashx|login.ashx|storage) {
|
||||
proxy_pass http://127.0.0.1:5003;
|
||||
}
|
||||
|
||||
|
||||
location /socket.io/ {
|
||||
proxy_pass http://127.0.0.1:9899;
|
||||
proxy_redirect off;
|
||||
@ -365,28 +366,28 @@ server {
|
||||
|
||||
location /backupFileUpload.ashx {
|
||||
proxy_pass http://127.0.0.1:5012;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
location /migrationFileUpload.ashx {
|
||||
proxy_pass http://127.0.0.1:5000;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
location /logoUploader.ashx {
|
||||
proxy_pass http://127.0.0.1:5000;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
location /logo.ashx {
|
||||
proxy_pass http://127.0.0.1:5000;
|
||||
}
|
||||
|
||||
|
||||
location /payment.ashx {
|
||||
proxy_pass http://127.0.0.1:5000;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
location /ThirdPartyApp {
|
||||
proxy_pass http://127.0.0.1:5007;
|
||||
}
|
||||
|
||||
|
||||
location ~* /filehandler.ashx {
|
||||
proxy_pass http://127.0.0.1:5007;
|
||||
}
|
||||
@ -394,12 +395,12 @@ server {
|
||||
location /ChunkedUploader.ashx {
|
||||
proxy_pass http://127.0.0.1:5007;
|
||||
}
|
||||
|
||||
|
||||
location /apisystem {
|
||||
rewrite apisystem/(.*) /$1 break;
|
||||
proxy_pass http://127.0.0.1:5010;
|
||||
}
|
||||
|
||||
|
||||
location /apicache {
|
||||
rewrite apicache/(.*) /$1 break;
|
||||
proxy_pass http://127.0.0.1:5100;
|
||||
|
Loading…
Reference in New Issue
Block a user