hyungi/tk-factory-services
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
de6d918d42db53a91930ef4da7b15bc2690efe7b
tk-factory-services/system1-factory/web/nginx.conf
Hyungi Ahn de6d918d42 fix: nginx 레거시 리다이렉트 tkds→tkfb 수정 
/login, /dashboard 경로가 여전히 tkds.technicalkorea.net으로
302/301 리다이렉트하고 있었음. 이게 진짜 원인.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-01 15:41:18 +09:00

129 lines
4.1 KiB
Nginx Configuration File
Raw Blame History

server {
listen 80;
server_name _;
resolver 127.0.0.11 valid=10s ipv6=off;
client_max_body_size 50M;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
root /usr/share/nginx/html;
index index.html;
# HTML 캐시 비활성화
location ~* \.html$ {
expires -1;
add_header Cache-Control "no-store, no-cache, must-revalidate";
}
# SW, manifest 캐시 비활성화 (PWA 업데이트 즉시 반영)
location = /sw.js {
add_header Cache-Control "no-cache, no-store, must-revalidate";
}
location = /manifest.json {
add_header Cache-Control "no-cache, no-store, must-revalidate";
}
# 정적 파일 캐시 (JS, CSS, 이미지 등)
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf)$ {
expires 1h;
add_header Cache-Control "public, no-transform";
}
# SSO Auth API 프록시 (/api/auth/* → sso-auth)
location /api/auth/ {
set $upstream http://sso-auth:3000;
proxy_pass $upstream$request_uri;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# API 프록시 (System 1 API)
location /api/ {
set $upstream http://system1-api:3005;
proxy_pass $upstream$request_uri;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# 업로드 파일 프록시 (^~ 로 regex location보다 우선 매칭)
location ^~ /uploads/ {
set $upstream http://system1-api:3005;
proxy_pass $upstream$request_uri;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
# FastAPI Bridge 프록시
location /fastapi/ {
set $upstream http://system1-fastapi:8000;
rewrite ^/fastapi/(.*)$ /$1 break;
proxy_pass $upstream;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# SSO Auth 프록시 (gateway에서 이관)
location /auth/ {
set $upstream http://sso-auth:3000;
rewrite ^/auth/(.*)$ /api/auth/$1 break;
proxy_pass $upstream;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# AI Service 프록시 (gateway에서 이관)
location /ai-api/ {
set $ai_upstream https://ai.hyungi.net;
rewrite ^/ai-api/(.*) /api/ai/$1 break;
proxy_pass $ai_upstream;
proxy_http_version 1.1;
proxy_set_header Host ai.hyungi.net;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_ssl_server_name on;
proxy_read_timeout 180s;
proxy_send_timeout 180s;
}
# 레거시 /login, /dashboard → gateway 리다이렉트
location = /login {
return 302 $scheme://tkfb.technicalkorea.net/dashboard$is_args$args;
}
location = /dashboard {
return 301 $scheme://tkfb.technicalkorea.net/dashboard;
}
# Health check
location /health {
access_log off;
return 200 '{"status":"ok","service":"system1-web"}';
add_header Content-Type application/json;
}
# Static files (new Tailwind UI)
location /static/ {
expires 1h;
add_header Cache-Control "public, no-transform";
}
# SPA fallback
location / {
try_files $uri $uri/ /index.html;
}
}
Reference in New Issue View Git Blame Copy Permalink