server {
root /usr/share/nginx/html;
index index.html index.htm index.nginx-debian.html;
server_name _; # managed by Certbot
client_max_body_size 100M;# kill cache
add_header Last-Modified $date_gmt;
add_header Cache-Control 'private no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
if_modified_since off;
expires off;
etag off;
location /404 {
try_files $uri $uri/ /index.html;
}
location /squiz/amocrm {
proxy_set_header Referer $host;
proxy_set_header Origin $http_origin;
proxy_set_header Connection '';
proxy_http_version 1.1;
chunked_transfer_encoding off;
proxy_buffering off;
proxy_cache off;
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization,device,browser,os,devicetype,response-type always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
return 200;
}
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization,device,browser,os,devicetype,response-type always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
proxy_pass http://10.8.0.18:8001/;
}
location /auth {
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization,response-type always;
return 200;
}
if ($host = sadmin.pena) {
proxy_pass http://10.8.0.6:59301;
}
if ($host != sadmin.pena) {
proxy_pass http://10.8.0.6:59300;
}
proxy_hide_header Access-Control-Allow-Origin;
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
}
location /user/ {
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization,response-type always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
return 200;
}
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization,response-type always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
proxy_pass http://10.8.0.6:59300;
}
location /swagger/ {
proxy_pass http://10.8.0.6:59300/;
}
location /heruvym/ {
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization,sess,response-type always;
add_header Referrer-Policy unsafe-url always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
proxy_set_header Referer $host;
proxy_set_header Origin $http_referer;
proxy_set_header Connection '';
proxy_http_version 1.1;
chunked_transfer_encoding off;
proxy_buffering off;
proxy_cache off;
proxy_pass https://10.8.0.6:1488/;
}
location /strator/ {
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization,response-type always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
return 200;
}
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
proxy_pass http://10.8.0.6:59303/;
}
location /customer/ {
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization,response-type always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
return 200;
}
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization,response-type always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
proxy_pass http://10.8.0.6:8065/;
}
location /codeword/ {
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization,response-type always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
return 200;
}
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization,response-type always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
proxy_pass http://10.8.0.6:59664/;
}
location /treasurer/ {
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization,response-type always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
return 200;
}
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization,response-type always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
proxy_pass http://10.8.0.6:8085/;
}
location /answer/ {
proxy_set_header Referer $host;
proxy_set_header Origin $http_origin;
proxy_set_header Connection '';
proxy_http_version 1.1;
chunked_transfer_encoding off;
proxy_buffering off;
proxy_cache off;
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,x-sessionkey,device,browser,os,devicetype,response-type always;
add_header Access-Control-Expose-Headers x-sessionkey,devicetype always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
return 200;
}
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,x-sessionkey,device,browser,os,devicetype,response-type always;
add_header Access-Control-Expose-Headers x-sessionkey,devicetype always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
proxy_pass http://10.6.0.23:1490/;
}
location /squiz/ {
proxy_set_header Referer $host;
proxy_set_header Origin $http_origin;
proxy_set_header Connection '';
proxy_http_version 1.1;
chunked_transfer_encoding off;
proxy_buffering off;
proxy_cache off;
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization,device,browser,os,devicetype,response-type always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
return 200;
}
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization,device,browser,os,devicetype,response-type always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
proxy_pass http://10.6.0.23:1488/;
}
location /squizstorer/ {
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization,response-type always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
return 200;
}
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization,response-type always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
proxy_set_header Referer $host;
proxy_set_header Origin $http_origin;
proxy_set_header Connection '';
proxy_http_version 1.1;
chunked_transfer_encoding off;
proxy_buffering off;
proxy_cache off;
proxy_pass http://10.6.0.23:1489/;
}
location /price/ {
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization,response-type always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
return 200;
}
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization,response-type always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
proxy_pass http://10.8.0.6:8001/;
}
location /feedback/ {
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,response-type always;
return 200;
}
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,response-type always;
proxy_set_header Host $host;
proxy_pass http://10.8.0.6:8006/;
}
location /verification1 {
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,response-type always;
add_header Access-Control-Allow-Methods GET;
return 200;
}
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,response-type always;
add_header Access-Control-Allow-Methods GET;
chunked_transfer_encoding off;
proxy_buffering off;
proxy_cache off;
proxy_pass https://storage.yandexcloud.net;
}
location /squizimages {
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,response-type always;
add_header Access-Control-Allow-Methods GET;
return 200;
}
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,response-type always;
add_header Access-Control-Allow-Methods GET;
chunked_transfer_encoding off;
proxy_buffering off;
proxy_cache off;
proxy_pass https://storage.yandexcloud.net;
}
location /verification/ {
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization,response-type always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
return 200;
}
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization,response-type always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
proxy_set_header Referer $host;
proxy_set_header Origin $http_origin;
proxy_set_header Connection '';
proxy_http_version 1.1;
chunked_transfer_encoding off;
proxy_buffering off;
proxy_cache off;
proxy_pass http://10.8.0.6:7035/;
}
location / {
if ($host = shub.pena.digital) {
proxy_pass http://hub;
}
if ($host = sdocs.pena.digital) {
proxy_pass http://docs;
}
if ($host = services.pena.digital) {
proxy_pass http://services;
}
if ($host = slinks.pena.digital) {
proxy_pass http://dwarfener;
}
if ($host = smetrica.pena.digital) {
proxy_pass http://metrica;
}
if ($host = s.hbpn.link) {
add_header Access-Control-Allow-Origin $http_origin always;
proxy_pass http://respondent;
}
if ($host = soauth.pena.digital) {
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Credentials true always;
add_header Access-Control-Allow-Headers content-type,authorization always;
add_header Access-Control-Allow-Methods OPTIONS,GET,POST,PATCH,PUT,DELETE;
proxy_pass http://10.8.0.6:59344;
}
if ($host = newerait.pena.digital) {
proxy_pass http://squizlanding;
}
if ($host = squiz.pena.digital) {
proxy_pass http://squiz;
}
}
location /robots.txt {
if ($host = services,pena.digital) {
return 301 https://pena.digital/robots.txt;
}
try_files $uri $uri/ /index.html;
}
listen [::]:443 ssl ipv6only=on;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/nginx/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/nginx/privkey.pem; # managed by Certbot
}
server {
listen 80 ;
listen [::]:80 ;
server_name _;
client_max_body_size 100M;
location /robots.txt {
if ($host = services,pena.digital) {
return 301 https://pena.digital/robots.txt;
}
try_files $uri $uri/ /index.html;
}
return 301 https://$host$request_uri;
}