From a29f2289790062a685f2f35dfbaf2d564d64304d Mon Sep 17 00:00:00 2001 From: Emerson Rocha Luiz Date: Sat, 1 Jun 2019 00:58:27 -0300 Subject: [PATCH] =?UTF-8?q?aguia-pescadora-alpha=20(#17),=20aguia-pescador?= =?UTF-8?q?a-bravo=20(#16),=20https-para-portas-localhost=20(#57):=20imple?= =?UTF-8?q?mentado=20http(s)=20para=20porta=20em=20AP=20Alpha;=20mensagem?= =?UTF-8?q?=20de=20502=20Bad=20Gateway=20substitu=C3=ADda=20por=20501=20No?= =?UTF-8?q?t=20Implemented?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- logbook/aguia-pescadora-alpha.sh | 22 ++ .../PORTAS-INTERNAS.apa.etica.ai.conf | 201 ++++++++++++++++++ .../snippets/PORTAS-INTERNAS-location.conf | 5 + .../snippets/PORTAS-INTERNAS-server.conf | 24 +++ .../PORTAS-INTERNAS.apb.etica.ai.conf | 50 ++++- .../snippets/PORTAS-INTERNAS-location.conf | 5 + .../snippets/PORTAS-INTERNAS-server.conf | 24 +++ 7 files changed, 321 insertions(+), 10 deletions(-) create mode 100644 logbook/aguia-pescadora-alpha/etc/nginx/sites-available/PORTAS-INTERNAS.apa.etica.ai.conf create mode 100644 logbook/aguia-pescadora-alpha/etc/nginx/snippets/PORTAS-INTERNAS-location.conf create mode 100644 logbook/aguia-pescadora-alpha/etc/nginx/snippets/PORTAS-INTERNAS-server.conf create mode 100644 logbook/aguia-pescadora-bravo/etc/nginx/snippets/PORTAS-INTERNAS-location.conf create mode 100644 logbook/aguia-pescadora-bravo/etc/nginx/snippets/PORTAS-INTERNAS-server.conf diff --git a/logbook/aguia-pescadora-alpha.sh b/logbook/aguia-pescadora-alpha.sh index 9595623..f21e6a1 100644 --- a/logbook/aguia-pescadora-alpha.sh +++ b/logbook/aguia-pescadora-alpha.sh @@ -454,6 +454,28 @@ sudo certbot --nginx -d aguia-pescadora-alpha.etica.ai -d apa.etica.ai ### Userdir # Userdir não implementado em Alpha +### Portas internas ____________________________________________________________ +# Subdomínios padronizados com HTTP/HTTPS para portas comuns +# ISSUE: https://github.com/fititnt/cplp-aiops/issues/57 + +vim /etc/nginx/sites-available/PORTAS-INTERNAS.apa.etica.ai.conf +# Adicione as configurações desejadas neste servidor no arquivo acima... +sudo ln -s /etc/nginx/sites-available/PORTAS-INTERNAS.apa.etica.ai.conf /etc/nginx/sites-enabled/ +sudo nginx -t +sudo systemctl reload nginx + +sudo certbot --nginx \ + -d 2000.apa.etica.ai \ + -d 3000.apa.etica.ai \ + -d 4000.apa.etica.ai \ + -d 5000.apa.etica.ai \ + -d 6000.apa.etica.ai \ + -d 7000.apa.etica.ai \ + -d 8000.apa.etica.ai \ + -d 8080.apa.etica.ai \ + -d 8888.apa.etica.ai \ + -d 9000.apa.etica.ai + # PROTIP: acompanhe os arquivos a seguir para debugar # tail -f /var/log/nginx/access.log diff --git a/logbook/aguia-pescadora-alpha/etc/nginx/sites-available/PORTAS-INTERNAS.apa.etica.ai.conf b/logbook/aguia-pescadora-alpha/etc/nginx/sites-available/PORTAS-INTERNAS.apa.etica.ai.conf new file mode 100644 index 0000000..1e2c2be --- /dev/null +++ b/logbook/aguia-pescadora-alpha/etc/nginx/sites-available/PORTAS-INTERNAS.apa.etica.ai.conf @@ -0,0 +1,201 @@ +server { + listen 80; + listen [::]:80; + server_name 2000.apa.etica.ai 2000.lb-ap.etica.ai; + + include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf; + + location / { + include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf; + proxy_pass http://127.0.0.1:2000; + } + + listen [::]:443 ssl; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/2000.apa.etica.ai/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/2000.apa.etica.ai/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} +server { + listen 80; + listen [::]:80; + server_name 3000.apa.etica.ai 3000.lb-ap.etica.ai; + + include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf; + + location / { + include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf; + proxy_pass http://127.0.0.1:3000; + } + + listen [::]:443 ssl; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/2000.apa.etica.ai/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/2000.apa.etica.ai/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} +server { + listen 80; + listen [::]:80; + server_name 4000.apa.etica.ai 4000.lb-ap.etica.ai; + + include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf; + + location / { + include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf; + proxy_pass http://127.0.0.1:4000; + } + + listen [::]:443 ssl; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/2000.apa.etica.ai/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/2000.apa.etica.ai/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} +server { + listen 80; + listen [::]:80; + server_name 5000.apa.etica.ai 5000.lb-ap.etica.ai; + + include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf; + + location / { + include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf; + proxy_pass http://127.0.0.1:5000; + } + + listen [::]:443 ssl; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/2000.apa.etica.ai/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/2000.apa.etica.ai/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} +server { + listen 80; + listen [::]:80; + server_name 6000.apa.etica.ai 6000.lb-ap.etica.ai; + + include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf; + + location / { + include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf; + proxy_pass http://127.0.0.1:6000; + } + + listen [::]:443 ssl; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/2000.apa.etica.ai/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/2000.apa.etica.ai/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} +server { + listen 80; + listen [::]:80; + server_name 7000.apa.etica.ai 7000.lb-ap.etica.ai; + + include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf; + + location / { + include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf; + proxy_pass http://127.0.0.1:7000; + } + + listen [::]:443 ssl; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/2000.apa.etica.ai/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/2000.apa.etica.ai/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} +server { + listen 80; + listen [::]:80; + server_name 8000.apa.etica.ai 8000.lb-ap.etica.ai; + + include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf; + + location / { + include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf; + proxy_pass http://127.0.0.1:8000; + } + + listen [::]:443 ssl; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/2000.apa.etica.ai/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/2000.apa.etica.ai/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} +server { + listen 80; + listen [::]:80; + server_name 8080.apa.etica.ai 8080.lb-ap.etica.ai; + + include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf; + + location / { + include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf; + proxy_pass http://127.0.0.1:8080; + } + + listen [::]:443 ssl; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/2000.apa.etica.ai/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/2000.apa.etica.ai/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} +server { + listen 80; + listen [::]:80; + server_name 8888.apa.etica.ai 8888.lb-ap.etica.ai; + + include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf; + + location / { + include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf; + proxy_pass http://127.0.0.1:8888; + } + + + listen [::]:443 ssl; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/2000.apa.etica.ai/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/2000.apa.etica.ai/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} +server { + listen 80; + listen [::]:80; + server_name 9000.apa.etica.ai 9000.lb-ap.etica.ai; + + include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf; + + location / { + include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf; + proxy_pass http://127.0.0.1:9000; + } + + listen [::]:443 ssl; # managed by Certbot + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/2000.apa.etica.ai/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/2000.apa.etica.ai/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} \ No newline at end of file diff --git a/logbook/aguia-pescadora-alpha/etc/nginx/snippets/PORTAS-INTERNAS-location.conf b/logbook/aguia-pescadora-alpha/etc/nginx/snippets/PORTAS-INTERNAS-location.conf new file mode 100644 index 0000000..1f76b78 --- /dev/null +++ b/logbook/aguia-pescadora-alpha/etc/nginx/snippets/PORTAS-INTERNAS-location.conf @@ -0,0 +1,5 @@ +# FILE: /etc/nginx/snippets/PORTAS-INTERNAS-server.conf +# DESCRIPTION: Arquivo importado no escopo de location / de +# /etc/nginx/sites-available/PORTAS-INTERNAS.apa.etica.ai.conf + +proxy_ignore_client_abort on; \ No newline at end of file diff --git a/logbook/aguia-pescadora-alpha/etc/nginx/snippets/PORTAS-INTERNAS-server.conf b/logbook/aguia-pescadora-alpha/etc/nginx/snippets/PORTAS-INTERNAS-server.conf new file mode 100644 index 0000000..830537a --- /dev/null +++ b/logbook/aguia-pescadora-alpha/etc/nginx/snippets/PORTAS-INTERNAS-server.conf @@ -0,0 +1,24 @@ +# FILE: /etc/nginx/snippets/PORTAS-INTERNAS-server.conf +# DESCRIPTION: Arquivo importado no escopo de server de +# /etc/nginx/sites-available/PORTAS-INTERNAS.apa.etica.ai.conf + +location = /favicon.ico { + access_log off; + log_not_found off; + return 204; + #try_files $uri = 204; +} + +location = /robots.txt { + access_log off; + log_not_found off; + #add_header Content-Type 'text/plain charset=UTF-8' always; + return 200 "#robots.txt padrao (sobrescreve a aplicacao)\nUser-agent: *\nDisallow: /\n"; +} + +error_page 502 =501 /502.html; +location /502.html { + #more_set_headers 'Content-Type: application/json charset=UTF-8'; + add_header 'Content-Type' 'application/json charset=UTF-8' always; + return 501 '{"error": {"status_code": 501,"status": "Não Implementado"}, "Server": "aguia-pescadora-alpha.etica.ai"}'; +} \ No newline at end of file diff --git a/logbook/aguia-pescadora-bravo/etc/nginx/sites-available/PORTAS-INTERNAS.apb.etica.ai.conf b/logbook/aguia-pescadora-bravo/etc/nginx/sites-available/PORTAS-INTERNAS.apb.etica.ai.conf index 052a41d..aed0279 100644 --- a/logbook/aguia-pescadora-bravo/etc/nginx/sites-available/PORTAS-INTERNAS.apb.etica.ai.conf +++ b/logbook/aguia-pescadora-bravo/etc/nginx/sites-available/PORTAS-INTERNAS.apb.etica.ai.conf @@ -2,8 +2,11 @@ server { listen 80; listen [::]:80; server_name 2000.apb.etica.ai 2000.lb-ap.etica.ai; + + include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf; + location / { - proxy_ignore_client_abort on; + include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf; proxy_pass http://127.0.0.1:2000; } @@ -19,8 +22,11 @@ server { listen 80; listen [::]:80; server_name 3000.apb.etica.ai 3000.lb-ap.etica.ai; + + include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf; + location / { - proxy_ignore_client_abort on; + include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf; proxy_pass http://127.0.0.1:3000; } @@ -36,8 +42,11 @@ server { listen 80; listen [::]:80; server_name 4000.apb.etica.ai 4000.lb-ap.etica.ai; + + include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf; + location / { - proxy_ignore_client_abort on; + include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf; proxy_pass http://127.0.0.1:4000; } @@ -53,8 +62,11 @@ server { listen 80; listen [::]:80; server_name 5000.apb.etica.ai 5000.lb-ap.etica.ai; + + include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf; + location / { - proxy_ignore_client_abort on; + include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf; proxy_pass http://127.0.0.1:5000; } @@ -70,8 +82,11 @@ server { listen 80; listen [::]:80; server_name 6000.apb.etica.ai 6000.lb-ap.etica.ai; + + include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf; + location / { - proxy_ignore_client_abort on; + include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf; proxy_pass http://127.0.0.1:6000; } @@ -87,8 +102,11 @@ server { listen 80; listen [::]:80; server_name 7000.apb.etica.ai 7000.lb-ap.etica.ai; + + include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf; + location / { - proxy_ignore_client_abort on; + include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf; proxy_pass http://127.0.0.1:7000; } @@ -104,8 +122,11 @@ server { listen 80; listen [::]:80; server_name 8000.apb.etica.ai 8000.lb-ap.etica.ai; + + include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf; + location / { - proxy_ignore_client_abort on; + include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf; proxy_pass http://127.0.0.1:8000; } @@ -121,8 +142,11 @@ server { listen 80; listen [::]:80; server_name 8080.apb.etica.ai 8080.lb-ap.etica.ai; + + include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf; + location / { - proxy_ignore_client_abort on; + include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf; proxy_pass http://127.0.0.1:8080; } @@ -138,8 +162,11 @@ server { listen 80; listen [::]:80; server_name 8888.apb.etica.ai 8888.lb-ap.etica.ai; + + include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf; + location / { - proxy_ignore_client_abort on; + include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf; proxy_pass http://127.0.0.1:8888; } @@ -155,8 +182,11 @@ server { listen 80; listen [::]:80; server_name 9000.apb.etica.ai 9000.lb-ap.etica.ai; + + include /etc/nginx/snippets/PORTAS-INTERNAS-server.conf; + location / { - proxy_ignore_client_abort on; + include /etc/nginx/snippets/PORTAS-INTERNAS-location.conf; proxy_pass http://127.0.0.1:9000; } diff --git a/logbook/aguia-pescadora-bravo/etc/nginx/snippets/PORTAS-INTERNAS-location.conf b/logbook/aguia-pescadora-bravo/etc/nginx/snippets/PORTAS-INTERNAS-location.conf new file mode 100644 index 0000000..811d6e8 --- /dev/null +++ b/logbook/aguia-pescadora-bravo/etc/nginx/snippets/PORTAS-INTERNAS-location.conf @@ -0,0 +1,5 @@ +# FILE: /etc/nginx/snippets/PORTAS-INTERNAS-server.conf +# DESCRIPTION: Arquivo importado no escopo de location / de +# /etc/nginx/sites-available/PORTAS-INTERNAS.apb.etica.ai.conf + +proxy_ignore_client_abort on; \ No newline at end of file diff --git a/logbook/aguia-pescadora-bravo/etc/nginx/snippets/PORTAS-INTERNAS-server.conf b/logbook/aguia-pescadora-bravo/etc/nginx/snippets/PORTAS-INTERNAS-server.conf new file mode 100644 index 0000000..b67dfa8 --- /dev/null +++ b/logbook/aguia-pescadora-bravo/etc/nginx/snippets/PORTAS-INTERNAS-server.conf @@ -0,0 +1,24 @@ +# FILE: /etc/nginx/snippets/PORTAS-INTERNAS-server.conf +# DESCRIPTION: Arquivo importado no escopo de server de +# /etc/nginx/sites-available/PORTAS-INTERNAS.apb.etica.ai.conf + +location = /favicon.ico { + access_log off; + log_not_found off; + return 204; + #try_files $uri = 204; +} + +location = /robots.txt { + access_log off; + log_not_found off; + #add_header Content-Type 'text/plain charset=UTF-8' always; + return 200 "#robots.txt padrao (sobrescreve a aplicacao)\nUser-agent: *\nDisallow: /\n"; +} + +error_page 502 =501 /502.html; +location /502.html { + #more_set_headers 'Content-Type: application/json charset=UTF-8'; + add_header 'Content-Type' 'application/json charset=UTF-8' always; + return 501 '{"error": {"status_code": 501,"status": "Não Implementado"}, "Server": "aguia-pescadora-bravo.etica.ai"}'; +} \ No newline at end of file