111 lines
3.3 KiB
Nginx Configuration File
111 lines
3.3 KiB
Nginx Configuration File
#user nobody;
|
|
worker_processes 1;
|
|
#error_log logs/error.log;
|
|
#error_log logs/error.log notice;
|
|
#error_log logs/error.log info;
|
|
#pid logs/nginx.pid;
|
|
|
|
events {
|
|
worker_connections 1024;
|
|
}
|
|
|
|
http {
|
|
# Include MIME types
|
|
include /etc/nginx/mime.types;
|
|
default_type application/octet-stream;
|
|
|
|
# Rate limiting with connection limits for noVNC
|
|
limit_req_zone $binary_remote_addr zone=one:10m rate=30r/m;
|
|
limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
|
|
|
|
# Upstream for miniRT with connection limiting
|
|
upstream minirt_backend {
|
|
server minirt:6080 max_conns=2; # Limit to 2 concurrent connections
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
listen [::]:80;
|
|
|
|
charset utf-8;
|
|
server_name victorvobis.org www.victorvobis.org;
|
|
root /var/www/html;
|
|
|
|
limit_conn conn_limit_per_ip 2;
|
|
|
|
location / {
|
|
index index.html index.htm;
|
|
}
|
|
|
|
location /minishell/vnc {
|
|
proxy_pass http://minishell:8006/;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "upgrade";
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
}
|
|
|
|
location /minirt/password {
|
|
add_header Content-Type application/json;
|
|
try_files /json/password.json =404;
|
|
}
|
|
|
|
location /minirt/vnc {
|
|
index vnc.html;
|
|
try_files $uri $uri/ /vnc.html;
|
|
|
|
# Ensure proper MIME types for JavaScript modules
|
|
location ~* \.js$ {
|
|
add_header Content-Type "application/javascript" always;
|
|
expires 1h;
|
|
}
|
|
location ~* \.css$ {
|
|
add_header Content-Type "text/css" always;
|
|
expires 1h;
|
|
}
|
|
location ~* \.(png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
|
|
expires 1d;
|
|
add_header Cache-Control "public, immutable";
|
|
}
|
|
}
|
|
|
|
location /vnc {
|
|
alias /opt/noVNC/;
|
|
index vnc.html;
|
|
try_files $uri $uri/ /vnc.html;
|
|
|
|
# Ensure proper MIME types for JavaScript modules
|
|
location ~* \.js$ {
|
|
add_header Content-Type "application/javascript" always;
|
|
expires 1h;
|
|
}
|
|
location ~* \.css$ {
|
|
add_header Content-Type "text/css" always;
|
|
expires 1h;
|
|
}
|
|
location ~* \.(png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
|
|
expires 1d;
|
|
add_header Cache-Control "public, immutable";
|
|
}
|
|
}
|
|
|
|
# Proxy ONLY WebSocket connections to the minirt container
|
|
location /websockify {
|
|
proxy_pass http://minirt_backend;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "upgrade";
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_read_timeout 3600s;
|
|
proxy_send_timeout 3600s;
|
|
proxy_connect_timeout 60s;
|
|
proxy_buffering off;
|
|
}
|
|
|
|
}
|
|
}
|