server { resolver 10.89.1.1 valid=10s; root /usr/share/nginx/html; access_log syslog:server=10.8.0.7:514,tag=nginx_access main; index index.html index.htm index.nginx-debian.html; server_name _; client_max_body_size 100M; add_header Last-Modified $date_gmt; add_header Cache-Control 'private no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0'; if_modified_since off; expires off; etag off; location /admin-auth-service/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } if ($args != "") { return 404; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_pass http://10.7.0.4:59301/; } location /auth { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } if ($args != "") { return 404; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_pass http://10.7.0.6:59300; } location /user { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } if ($args != "") { return 404; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_pass http://10.7.0.6:59300; } location /heruvym/v1.0.0/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_set_header Connection ''; proxy_http_version 1.1; chunked_transfer_encoding off; proxy_buffering off; proxy_cache off; proxy_pass http://10.7.0.6:1487/; } location /strator/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_pass http://10.7.0.6:59303/; } location /customer/v1.0.1/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_pass http://10.7.0.6:8067/; } location /customer/v1.0.0/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_pass http://10.7.0.6:8067/; } location /codeword/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_pass http://10.7.0.6:19100/; } location /codeword/v1.0.0/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_pass http://10.7.0.6:19100/; } location /treasurer/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_pass http://10.7.0.6:8085/; } location /price/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_pass http://10.7.0.6:8001/; } location /feedback/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_pass http://10.7.0.6:8006/; } location /requestquiz/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_pass http://10.7.0.6:8007/; } location /verification/v1.0.0/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_set_header Connection ''; proxy_http_version 1.1; chunked_transfer_encoding off; proxy_buffering off; proxy_cache off; proxy_pass http://10.7.0.6:7036/; } location /pena-social-auth-service/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_pass http://10.7.0.4:59344/; } location /cbrfworker-service-staging/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_pass http://10.7.0.6:3131/; } location /squiz-amocrm/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,device,browser,os,devicetype,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,device,browser,os,devicetype,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_pass http://10.7.0.5:1492/; } location /squiz/amocrm/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,device,browser,os,devicetype,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,device,browser,os,devicetype,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_pass http://10.7.0.10:1492/amocrm/; } location /squiz/amocrm/oauth/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,device,browser,os,devicetype,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,device,browser,os,devicetype,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_pass http://10.7.0.10:1492/webhook/create/; } location /squiz/bitrix/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,device,browser,os,devicetype,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,device,browser,os,devicetype,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_pass http://10.8.0.18:1492/bitrix/; } location /squiz/bitrix/oauth/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,device,browser,os,devicetype,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,device,browser,os,devicetype,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_pass http://10.8.0.18:1492/webhook/create/; } location /answer/v1.0.0/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,x-sessionkey,device,browser,os,devicetype,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,x-sessionkey,device,browser,os,devicetype,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_set_header Connection ''; proxy_http_version 1.1; chunked_transfer_encoding off; proxy_buffering off; proxy_cache off; proxy_pass http://10.7.0.10:1491/; } location /squiz/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,device,browser,os,devicetype,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,device,browser,os,devicetype,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_pass http://10.7.0.10:1488/; } location /squizstorer/v1.0.0/ { if ($request_method = OPTIONS) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; return 200; } add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization,response-type always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_set_header Referer $host; proxy_set_header Origin $http_origin; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Client-Port $remote_port; proxy_set_header Origin $host; proxy_set_header Connection ''; proxy_http_version 1.1; chunked_transfer_encoding off; proxy_buffering off; proxy_cache off; proxy_pass http://10.7.0.10:1589/; } location / { add_header Access-Control-Allow-Origin $http_origin always; if ($host = squiz.pena.digital) { set $backend "squiz"; proxy_pass http://$backend; } if ($host = s.hbpn.link) { set $backend "respondent"; proxy_pass http://$backend; } if ($host = sdocs.pena.digital) { set $backend "docs"; proxy_pass http://$backend; } if ($host = slinks.pena.digital) { set $backend "dwarfener"; proxy_pass http://$backend; } if ($host = newerait.pena.digital) { set $backend "squizlanding"; proxy_pass http://$backend; } if ($host = smetrica.pena.digital) { set $backend "metrica"; proxy_pass http://$backend; } if ($host = services.pena.digital) { set $backend "services"; proxy_pass http://$backend; } if ($host = shub.pena.digital) { set $backend "hub"; proxy_pass http://$backend; } if ($host = nastya.pena) { proxy_pass http://10.7.0.8:3000; } if ($host = soauth.pena.digital) { add_header Access-Control-Allow-Origin $http_origin always; add_header Access-Control-Allow-Credentials true always; add_header Access-Control-Allow-Headers content-type,authorization always; add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE; proxy_pass http://10.7.0.6:59344; } } location /404 { try_files $uri $uri/ /index.html; } location /robots.txt { if ($host = services.pena.digital) { return 301 https://pena.digital/robots.txt; } try_files $uri $uri/ /index.html; } listen [::]:443 ssl ipv6only=on; listen 443 ssl; # managed by Certbot ssl_certificate /etc/nginx/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/nginx/privkey.pem; # managed by Certbot } server { listen 80; listen [::]:80; server_name _; location /robots.txt { return 301 https://pena.digital/robots.txt; } return 301 https://$host$request_uri; } server { listen 9123; server_name stub; location /status { stub_status; } }