-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
2 changed files
with
91 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,91 @@ | ||
| events { } | ||
|
|
||
| http { | ||
| root /usr/share/nginx/html/frontend/dist; | ||
| include /etc/nginx/mime.types; | ||
|
|
||
| # HTTP 요청을 HTTPS로 리디렉션 | ||
| server { | ||
| listen 80; | ||
| server_name api.dailyroad.site dailyroad.site; | ||
|
|
||
| location / { | ||
| return 301 https://$host$request_uri; | ||
| } | ||
| } | ||
|
|
||
| server { | ||
| listen 443 ssl; | ||
| server_name dailyroad.site www.dailyroad.site; | ||
|
|
||
| ssl_certificate /etc/letsencrypt/live/dailyroad.site/fullchain.pem; | ||
| ssl_certificate_key /etc/letsencrypt/live/dailyroad.site/privkey.pem; | ||
|
|
||
| ssl_protocols TLSv1.2 TLSv1.3; | ||
| ssl_ciphers HIGH:!aNULL:!MD5; | ||
|
|
||
| location / { | ||
| try_files $uri $uri/ /index.html =404; | ||
| } | ||
|
|
||
| # NestJS API 요청 처리 (추후논의) | ||
| location /api/ { | ||
| rewrite ^/api/(.*) /$1 break; | ||
| proxy_pass http://localhost:8080; | ||
|
|
||
| proxy_set_header Host $host; | ||
| proxy_set_header X-Real-IP $remote_addr; | ||
| proxy_set_header X-Forwarded-Prefix /api; | ||
| proxy_set_header X-Forwarded-Host $http_x_forwarded_host; | ||
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
| proxy_set_header X-NginX-Proxy true; | ||
| proxy_set_header X-Forwarded-Proto $scheme; | ||
|
|
||
| proxy_pass_request_body on; | ||
| proxy_method $request_method; | ||
| } | ||
| } | ||
|
|
||
| # API 서브도메인 | ||
| server { | ||
| listen 443 ssl; | ||
| server_name api.dailyroad.site; | ||
|
|
||
| ssl_certificate /etc/letsencrypt/live/dailyroad.site/fullchain.pem; | ||
| ssl_certificate_key /etc/letsencrypt/live/dailyroad.site/privkey.pem; | ||
|
|
||
| ssl_protocols TLSv1.2 TLSv1.3; | ||
| ssl_ciphers HIGH:!aNULL:!MD5; | ||
|
|
||
| # CORS | ||
| location / { | ||
| set $cors_origin ""; | ||
| if ($http_origin ~* "^https?://(localhost:5173|dailyroad\.site|api\.dailyroad\.site)$") { | ||
| set $cors_origin $http_origin; | ||
| } | ||
|
|
||
| add_header 'Access-Control-Allow-Origin' $cors_origin always; | ||
| add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, PATCH, OPTIONS' always; | ||
| add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization' always; | ||
| add_header 'Access-Control-Allow-Credentials' 'true' always; | ||
|
|
||
|
|
||
| if ($request_method = 'OPTIONS') { | ||
| add_header 'Access-Control-Allow-Origin' $cors_origin always; | ||
| add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, PATCH, OPTIONS' always; | ||
| add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization' always; | ||
| add_header 'Access-Control-Allow-Credentials' 'true' always; | ||
| add_header 'Content-Length' 0 always; | ||
| return 204; | ||
| } | ||
|
|
||
| # NestJS 프록시 | ||
| proxy_pass http://localhost:8080; | ||
|
|
||
| proxy_set_header Host $host; | ||
| proxy_set_header X-Real-IP $remote_addr; | ||
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
| proxy_set_header X-Forwarded-Proto $scheme; | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters