mirror of
https://github.com/YunoHost-Apps/duniter_ynh.git
synced 2024-09-03 18:26:35 +02:00
e862b9e7ed
\# Protect webadmin Modify 'main' permission group to protect the webadmin to the admin Create 'apis' permission publicly accessible to make BMA and WS2P APIs accessible to whole Internet and set --auth_header=false \# Nginx misconfiguration BMA is exposed on port 10901 The webadmin on port 9220 this explains why BMA was not accessible because it was redirected to the webadmin Was probably done to solve following problem with the CI \# Move BMA to /bma and webadmin to root path '/' Move the WebAdmin from '/webadmin' to '/' root path Move BMA from '/' to '/bma/' path In order to have passing access test on the root path with the CI BMA returns a 502 HTTP error since no synchronization have been performed therefore there is nothing to be displayed Cesium and Silkaj support connection to BMA endpoint with a path in \## TODOs in Duniter v1 There is no synchronization possible to duniter_ynh BMA api, since Duniter doesn’t support specifying a path to 'sync' command Can’t define a custom BMAS endpoint with /bma path in The endpoint doesn’t stay, it seems its overwritten by the fact that when specifying port 443, BMAS endpoint get created and overwrites this one ynh_exec_as duniter duniter config --addep "BMAS $domain 443 /bma" This is not as important as having a correct WS2P endpoint defined for inter-node connection Nice to have for BMA endpoint discovery \# Clean Nginx config Define once by moving WS, and SSOwat panel support to the common part Remove /modules path, not really used anymore Replace 127.0.0.1 by localhost
35 lines
904 B
Nginx Configuration File
35 lines
904 B
Nginx Configuration File
location / {
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-NginX-Proxy true;
|
|
|
|
proxy_pass http://localhost:9220;
|
|
proxy_redirect off;
|
|
|
|
# Socket.io support
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "upgrade";
|
|
proxy_read_timeout 86400s;
|
|
proxy_send_timeout 86400s;
|
|
|
|
# Include SSOWAT user panel
|
|
access_by_lua_file /usr/share/ssowat/access.lua;
|
|
|
|
location ~ \.(js|css|woff|woff2|ttf|png) {
|
|
proxy_pass http://localhost:9220;
|
|
}
|
|
|
|
location ~ /webmin {
|
|
proxy_pass http://localhost:9220$uri;
|
|
}
|
|
|
|
location ~ ^/bma(.*)$ {
|
|
proxy_pass http://localhost:__PORT__$1$is_args$args;
|
|
}
|
|
|
|
location /ws2p {
|
|
proxy_pass http://localhost:20901;
|
|
}
|
|
}
|