X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fvnfsdk%2Fresources%2Fnginx%2Fnginx.conf;fp=kubernetes%2Fvnfsdk%2Fresources%2Fnginx%2Fnginx.conf;h=d26cc5d813266f3bf28b83bd9f97b93b91534dbf;hb=554bc6b6d540810be1fd2c4fa1117719c21527de;hp=0000000000000000000000000000000000000000;hpb=fde94076e689727e8a2c3c5147ce1242dc225f87;p=oom.git

diff --git a/kubernetes/vnfsdk/resources/nginx/nginx.conf b/kubernetes/vnfsdk/resources/nginx/nginx.conf
new file mode 100644
index 0000000000..d26cc5d813
--- /dev/null
+++ b/kubernetes/vnfsdk/resources/nginx/nginx.conf
@@ -0,0 +1,63 @@
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+daemon off;
+
+#pid /run/nginx.pid;
+
+events {
+    worker_connections 500;
+    # multi_accept on;
+}
+http {
+
+    ##
+    # Basic Settings
+    ##
+
+    sendfile on;
+    tcp_nopush on;
+    tcp_nodelay on;
+    keepalive_timeout 65;
+    types_hash_max_size 2048;
+
+        #Comment or disable the access_log once tested to avoid runtime logs
+#        access_log            /var/log/nginx/access.log format gzip;
+        access_log            off;
+        error_log            /var/log/nginx/error.log;
+
+    server {
+         listen *:8703 ssl;
+        server_name
+        ssl on;
+        ssl_certificate           {{ .Values.certInitializer.credsPath }}/certs/cert.pem;
+        ssl_certificate_key       {{ .Values.certInitializer.credsPath }}/certs/cert.key;
+        ssl_session_cache  builtin:1000  shared:SSL:80m;
+        ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
+        ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
+        ssl_prefer_server_ciphers on;
+        ssl_session_timeout 10m;
+        keepalive_timeout   70;
+
+        location / {
+            proxy_set_header        Host $host;
+            proxy_set_header        X-Real-IP $remote_addr;
+            proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header        X-Forwarded-Proto $scheme;
+            proxy_pass          http://localhost:8702;
+            proxy_read_timeout  90;
+            proxy_redirect      off;
+        }
+    }
+}
\ No newline at end of file