[OOF] Use certInitializer for OOF pods
[oom.git] / kubernetes / oof / components / oof-has / resources / config / nginx.conf
diff --git a/kubernetes/oof/components/oof-has/resources/config/nginx.conf b/kubernetes/oof/components/oof-has/resources/config/nginx.conf
new file mode 100644 (file)
index 0000000..a679016
--- /dev/null
@@ -0,0 +1,31 @@
+events {
+        worker_connections 768;
+        # multi_accept on;
+}
+
+http {
+    # ...
+    upstream conductor_uwsgi {
+       server 127.0.0.1:8080;
+    }
+
+    server {
+
+        listen              8091 ssl;
+        server_name         oof;
+        ssl_certificate     /opt/bitnami/nginx/ssl/local/org.onap.oof.crt;
+        ssl_certificate_key /opt/bitnami/nginx/ssl/local/org.onap.oof.key;
+        ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
+        ssl_ciphers         HIGH:!aNULL:!MD5;
+
+        location / {
+            include /opt/bitnami/nginx/conf/uwsgi_params;
+            uwsgi_pass conductor_uwsgi;
+
+            uwsgi_param Host $host;
+            uwsgi_param X-Real-IP $remote_addr;
+            uwsgi_param X-Forwarded-For $proxy_add_x_forwarded_for;
+            uwsgi_param X-Forwarded-Proto $http_x_forwarded_proto;
+        }
+    }
+}