From 47fb14fa71a376262e78915d9b64e37e4653038c Mon Sep 17 00:00:00 2001 From: "Theunis J. Botha" Date: Tue, 8 Nov 2016 12:34:17 +0100 Subject: [PATCH] server configuration updated --- 3d-editor.conf | 31 ++++++----------- 3d-racing.conf | 26 ++------------ README.md | 24 +++++++++++++ api-runtime.conf | 69 +++++++++++++++++++++++++++++++++++++ api.conf | 48 ++++++++++---------------- api16.conf | 26 ++++++++++++++ app.conf | 20 +++++++++++ config.js | 86 ++++++++++++++++----------------------------- gate.conf | 25 ++++++++++++++ package.json | 12 +++++++ port.conf | 25 ++++++++++++++ secure.js | 90 ++++++++++++++++++++++++++++++++++++++++++++++-- tools.conf | 32 ++++++----------- 13 files changed, 358 insertions(+), 156 deletions(-) create mode 100644 README.md create mode 100644 api-runtime.conf create mode 100644 api16.conf create mode 100644 app.conf create mode 100644 gate.conf create mode 100644 package.json create mode 100644 port.conf diff --git a/3d-editor.conf b/3d-editor.conf index dd15c76..a566053 100644 --- a/3d-editor.conf +++ b/3d-editor.conf @@ -1,30 +1,19 @@ +#origin git@github.com:ToywheelDev/3d_editor.git server { listen 80; - listen 443 ssl; - + server_name 3d-editor.gamewheel.local 3d-editor-debug.gamewheel.local; root /srv/gamewheel.local/3d-editor; - index index.html; - access_log /var/log/nginx/3d-editor.gamewheel.local.access.log; - error_log /var/log/nginx/3d-editor.gamewheel.local.error.log; - - ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem; - ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; - ssl_session_timeout 5m; - ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; - ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES"; - ssl_prefer_server_ciphers on; - -# location ~ \.php$ { -# fastcgi_pass 127.0.0.1:9001; -# fastcgi_index index.php; -# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; -# fastcgi_param SCRIPT_URL $request_uri; -# fastcgi_param SERVER_NAME $http_host; -# include fastcgi_params; -# } + location ~ \.php$ { + fastcgi_pass 127.0.0.1:9001; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param SCRIPT_URL $request_uri; + fastcgi_param SERVER_NAME $http_host; + include fastcgi_params; + } location / { add_header Access-Control-Allow-Origin $http_origin; diff --git a/3d-racing.conf b/3d-racing.conf index ec5b7c3..4c6887c 100644 --- a/3d-racing.conf +++ b/3d-racing.conf @@ -1,33 +1,13 @@ +#origin https://github.com/ToywheelDev/3d-racing.git server { listen 80; - listen 443 ssl; - + server_name 3d-racing.gamewheel.local 3d-racing-debug.gamewheel.local; root /srv/gamewheel.local/3d-racing; - index index.html; - - access_log /var/log/nginx/3d-racing.gamewheel.local.access.log; - error_log /var/log/nginx/3d-racing.gamewheel.local.error.log; - - ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem; - ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; - ssl_session_timeout 5m; - ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; - ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES"; - ssl_prefer_server_ciphers on; - -# location ~ \.php$ { -# fastcgi_pass 127.0.0.1:9001; -# fastcgi_index index.php; -# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; -# fastcgi_param SCRIPT_URL $request_uri; -# fastcgi_param SERVER_NAME $http_host; -# include fastcgi_params; -# } location / { - add_header Access-Control-Allow-Origin $http_origin; + add_header Access-Control-Allow-Origin $http_origin; autoindex on; try_files $uri $uri/ @node; } diff --git a/README.md b/README.md new file mode 100644 index 0000000..20303fc --- /dev/null +++ b/README.md @@ -0,0 +1,24 @@ +#Configuration Package for Gamewheel +This is a central repository which aims to be a replacement +for all configuration packages. + +Every configuration lies in a different branch. + +Each branch corresponds to a server configuration, ex. tj-dev is for +TJ's dev machine. + +gw-3d should be deployed on the gw-3d server + +if we have a gw-3d-beta server, this branch would be called gw-3d-beta + +and so on. + +Secure (Sensitive configuration options) go into secure.js. + +public configuration options go into config.js. + +config.js is linked to from every other package via symbolic link. + +When config.js is required server side, it is automatically merged +with secure.js in order to produce a global server side configuration, +whilst only exposing config.js public to client side. \ No newline at end of file diff --git a/api-runtime.conf b/api-runtime.conf new file mode 100644 index 0000000..ced8b3d --- /dev/null +++ b/api-runtime.conf @@ -0,0 +1,69 @@ +#origin git@github.com:ToywheelDev/GW_Runtime.git +#origin git@github.com:ToywheelDev/gw-statistic.git +server { + listen 80; + + server_name api-runtime.gamewheel.local; + + #root /usr/share/gamewheel/GW_Runtime - port 3108 (old api runtime) + #root /usr/share/gamewheel/gw-statistic - port 3109 (new api runtime) + + location /lead/trigger/ { + auth_basic "Restricted"; #For Basic Auth + auth_basic_user_file /etc/nginx/.htpasswd; #For Basic Auth + proxy_pass_request_headers on; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-NginX-Proxy true; + proxy_pass http://127.0.0.1:3109; + proxy_ssl_session_reuse off; + proxy_set_header Host $http_host; + proxy_redirect off; + proxy_read_timeout 99999s; + proxy_connect_timeout 99999s; + proxy_send_timeout 99999s; + } + + location /form { + proxy_pass_request_headers on; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-NginX-Proxy true; + proxy_pass http://127.0.0.1:3108; + proxy_ssl_session_reuse off; + proxy_set_header Host $http_host; + proxy_redirect off; + proxy_read_timeout 99999s; + proxy_connect_timeout 99999s; + proxy_send_timeout 99999s; + } + + location /lead { + proxy_pass_request_headers on; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-NginX-Proxy true; + proxy_pass http://127.0.0.1:3108; + proxy_ssl_session_reuse off; + proxy_set_header Host $http_host; + proxy_redirect off; + proxy_read_timeout 99999s; + proxy_connect_timeout 99999s; + proxy_send_timeout 99999s; + } + + location / { + proxy_pass_request_headers on; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-NginX-Proxy true; + proxy_pass http://127.0.0.1:3109; + proxy_ssl_session_reuse off; + proxy_set_header Host $http_host; + proxy_redirect off; + proxy_read_timeout 99999s; + proxy_connect_timeout 99999s; + proxy_send_timeout 99999s; + } +} + diff --git a/api.conf b/api.conf index 039c488..e83e15a 100644 --- a/api.conf +++ b/api.conf @@ -1,37 +1,25 @@ +#origin git@github.com:ToywheelDev/gamewheel-api.git server { listen 80; - listen 443 ssl; - # Replace here with proper server FQDN + server_name api.gamewheel.local; - # Replace here with proper logs paths - access_log /var/log/nginx/api.gamewheel.local.access.log; - error_log /var/log/nginx/api.gamewheel.local.error.log; + root /usr/share/gamewheel/api; - # Replace here with proper certificates paths - ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem; - ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; + location / { + add_header Access-Control-Allow-Origin $http_origin; + autoindex on; + try_files $uri $uri/ @node; + } - ssl_session_timeout 5m; - ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; - ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES"; - ssl_prefer_server_ciphers on; - - # Replace here with proper allowed origins - # add_header Access-Control-Allow-Origin "http://app.gamewheel.local"; - # add_header Access-Control-Allow-Credentials true; - add_header Access-Control-Allow-Methods 'HEAD, GET, POST, PUT, DELETE, OPTIONS'; - add_header Access-Control-Allow-Headers 'origin, x-requested-with, content-type, accept, authorization, Access-Control-Request-Headers, Access-Control-Request-Method, x-gw-api-rt-key, x-gw-api-rt-token'; - - location / { - proxy_pass_request_headers on; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-NginX-Proxy true; - # Replace here with proper host/port - proxy_pass http://127.0.0.1:3104; - proxy_ssl_session_reuse off; - proxy_set_header Host $http_host; - proxy_redirect off; - } + location @node { + proxy_pass_request_headers on; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-NginX-Proxy true; + proxy_pass http://127.0.0.1:3107; + proxy_ssl_session_reuse off; + proxy_set_header Host $http_host; + proxy_redirect off; + } } diff --git a/api16.conf b/api16.conf new file mode 100644 index 0000000..99cec80 --- /dev/null +++ b/api16.conf @@ -0,0 +1,26 @@ +#origin git@github.com:ToywheelDev/GW_Config.git +server { + listen 80; + + server_name api16.gamewheel.local; + + root /usr/share/gamewheel/GW_Config; + + location / { + add_header Access-Control-Allow-Origin $http_origin; + autoindex on; + try_files $uri $uri/ @node; + } + + location @node { + proxy_pass_request_headers on; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-NginX-Proxy true; + # Replace here with proper host/port + proxy_pass http://127.0.0.1:3104; + proxy_ssl_session_reuse off; + proxy_set_header Host $http_host; + proxy_redirect off; + } +} diff --git a/app.conf b/app.conf new file mode 100644 index 0000000..4b225ee --- /dev/null +++ b/app.conf @@ -0,0 +1,20 @@ +#origin git@github.com:ToywheelDev/gw-app.git +server { + listen 80; + + server_name app.gamewheel.local; + + root /usr/share/gamewheel/gw-app; + + location / { + proxy_pass_request_headers on; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-NginX-Proxy true; + # Replace here with proper host/port + proxy_pass http://127.0.0.1:3104; + proxy_ssl_session_reuse off; + proxy_set_header Host $http_host; + proxy_redirect off; + } +} diff --git a/config.js b/config.js index 28992f2..a14cdf2 100644 --- a/config.js +++ b/config.js @@ -1,19 +1,12 @@ var config = { vr_pong: { - url: "http://pong.gamewheel.local", - port: 3101, - debugPort: 3201 + url: "http://pong.gamewheel.local" }, vr_racer: { - url: "http://racer.gamewheel.local", - port: 3102, - debugPort: 3202 + url: "http://racer.gamewheel.local" }, editor: { url: "http://3d-editor.gamewheel.local", - port: 3103, - debugPort: 3203, - cluster: false, default: { platform: 'gamewheel', account: 'root', @@ -22,69 +15,48 @@ var config = { uploadPath: '/uploads' }, api16: { - url: "http://api.gamewheel.local", - port: 3104, - debugPort: 3204, - cluster: false, - cors: false, - mailer: { - host: 'localhost', - port: 9025, - secure: false, - debug: true, - ignoreTLS: true - }, - mongodb: { - host: 'mongodb://127.0.0.1', - db: 'gamewheel', - port: 27017, - shardPort: 27018, - options: { - db: { - native_parser: true - }, - server: { - poolSize: 5, - keepAlive: 120 - }, - user: '', - pass: '', - autoIndex: false - } - }, - sessionKey: 'iJswK29klj20Jos02mJK8ud9239j23' + url: "http://api16.gamewheel.local" }, tools: { url: "http://tools.gamewheel.local", - port: 3105, - debugPort: 3205, default: { platform: 'gamewheel', account: 'root', subAccount: 'root' - }, - mysqlUserExport: { - host: "gwdb.cpuanrat3vd1.eu-central-1.rds.amazonaws.com", - port: 3306, - user: "root", - password: "5t0bURlq", - database: "gw_core" - }, - mongoUserImport: { - host: "127.0.0.1", - port: 27017, - options: { - user: '', - pass: '' - } } }, + app : { + url: 'http://app.gamewheel.local' + }, + api : { + url : 'http://api.gamewheel.local' + }, + old_api_runtime : { + url : 'http://api-runtime.gamewheel.local' + }, + statistics : { + url : 'http://api-runtime.gamewheel.local' + }, + port : { + url: 'http://port.gamewheel.local' + }, + gate : { + url: 'http://gate.gamewheel.local' + }, environment: { mode: 'development' } }; if (typeof module !== 'undefined') { + + if (typeof require !== 'undefined') { + var secure = require('./secure'); + var _ = require('lodash'); + + _.merge(config, secure); + } + module.exports = config; } diff --git a/gate.conf b/gate.conf new file mode 100644 index 0000000..d04cd5b --- /dev/null +++ b/gate.conf @@ -0,0 +1,25 @@ +#origin git@github.com:ToywheelDev/gamewheel-gate.git +server { + listen 80; + + server_name gate.gamewheel.local; + + root /usr/share/gamewheel/gate; + + location / { + add_header Access-Control-Allow-Origin $http_origin; + autoindex on; + try_files $uri $uri/ @node; + } + + location @node { + proxy_pass_request_headers on; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-NginX-Proxy true; + proxy_pass http://127.0.0.1:3111; + proxy_ssl_session_reuse off; + proxy_set_header Host $http_host; + proxy_redirect off; + } +} diff --git a/package.json b/package.json new file mode 100644 index 0000000..3b7fb62 --- /dev/null +++ b/package.json @@ -0,0 +1,12 @@ +{ + "name": "gamewheel-config", + "version": "0.0.1", + "author": "Theunis J. Botha", + "description": "Tools for Gamewheel", + "repository": "https://github.com/ToywheelDev/config.git", + "license": "UNLICENSED", + "readme": "README.md", + "dependencies": { + "lodash": "^4.16.6" + } +} diff --git a/port.conf b/port.conf new file mode 100644 index 0000000..8c1cf76 --- /dev/null +++ b/port.conf @@ -0,0 +1,25 @@ +#origin git@github.com:ToywheelDev/gamewheel-port.git +server { + listen 80; + + server_name port.gamewheel.local; + + root /usr/share/gamewheel/port; + + location / { + add_header Access-Control-Allow-Origin $http_origin; + autoindex on; + try_files $uri $uri/ @node; + } + + location @node { + proxy_pass_request_headers on; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-NginX-Proxy true; + proxy_pass http://127.0.0.1:3110; + proxy_ssl_session_reuse off; + proxy_set_header Host $http_host; + proxy_redirect off; + } +} diff --git a/secure.js b/secure.js index 2d707ed..90a873a 100644 --- a/secure.js +++ b/secure.js @@ -1,9 +1,93 @@ var secure = { - vr_pong : { + vr_pong: { + url: "http://pong.gamewheel.local", + port: 3101, + debugPort: 3201 }, - vr_racer : { + vr_racer: { + url: "http://racer.gamewheel.local", + port: 3102, + debugPort: 3202 }, - editor : { + editor: { + port: 3103, + debugPort: 3203, + cluster: false + }, + api16: { + port: 3104, + debugPort: 3204, + cluster: false, + cors: false, + mailer: { + host: 'localhost', + port: 9025, + secure: false, + debug: true, + ignoreTLS: true + }, + mongodb: { + host: 'mongodb://127.0.0.1', + db: 'gamewheel', + port: 27017, + shardPort: 27018, + options: { + db: { + native_parser: true + }, + server: { + poolSize: 5, + keepAlive: 120 + }, + user: '', + pass: '', + autoIndex: false + } + }, + sessionKey: 'iJswK29klj20Jos02mJK8ud9239j23' + }, + tools: { + port: 3105, + debugPort: 3205, + mysqlUserExport: { + host: "gwdb.cpuanrat3vd1.eu-central-1.rds.amazonaws.com", + port: 3306, + user: "root", + password: "5t0bURlq", + database: "gw_core" + }, + mongoUserImport: { + host: "127.0.0.1", + port: 27017, + options: { + user: '', + pass: '' + } + } + }, + app: { + port: 3106, + debugPort: 3206 + }, + api: { + port: 3107, + debugPort: 3207 + }, + old_api_runtime: { + port: 3108, + debugPort: 3208 + }, + statistics: { + port: 3109, + debugPort: 3209 + }, + port: { + port: 3110, + debugPort: 3210 + }, + gate: { + port: 3111, + debugPort: 3211 } }; diff --git a/tools.conf b/tools.conf index e237f11..5cb6979 100644 --- a/tools.conf +++ b/tools.conf @@ -1,30 +1,19 @@ +#origin git@github.com:ToywheelDev/tools.git server { listen 80; - listen 443 ssl; - + server_name tools.gamewheel.local tools-debug.gamewheel.local; root /srv/gamewheel.local/tools; - index index.html; - access_log /var/log/nginx/tools.gamewheel.local.access.log; - error_log /var/log/nginx/tools.gamewheel.local.error.log; - - ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem; - ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; - ssl_session_timeout 5m; - ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; - ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES"; - ssl_prefer_server_ciphers on; - -# location ~ \.php$ { -# fastcgi_pass 127.0.0.1:9001; -# fastcgi_index index.php; -# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; -# fastcgi_param SCRIPT_URL $request_uri; -# fastcgi_param SERVER_NAME $http_host; -# include fastcgi_params; -# } + location ~ \.php$ { + fastcgi_pass 127.0.0.1:9001; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param SCRIPT_URL $request_uri; + fastcgi_param SERVER_NAME $http_host; + include fastcgi_params; + } location / { add_header Access-Control-Allow-Origin $http_origin; @@ -37,7 +26,6 @@ server { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-NginX-Proxy true; - # Replace here with proper host/port proxy_pass http://127.0.0.1:3105; proxy_ssl_session_reuse off; proxy_set_header Host $http_host;