--- /dev/null
+# Copyright 2020 Huawei Technologies Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+daemon off;
+
+#pid /run/nginx.pid;
+
+events {
+ worker_connections 500;
+ # multi_accept on;
+}
+http {
+
+ ##
+ # Basic Settings
+ ##
+
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ keepalive_timeout 65;
+ types_hash_max_size 2048;
+
+ #Comment or disable the access_log once tested to avoid runtime logs
+# access_log /var/log/nginx/access.log format gzip;
+ access_log off;
+ error_log /var/log/nginx/error.log;
+
+ server {
+ listen *:8703 ssl;
+ server_name
+ ssl on;
+ ssl_certificate {{ .Values.certInitializer.credsPath }}/certs/cert.pem;
+ ssl_certificate_key {{ .Values.certInitializer.credsPath }}/certs/cert.key;
+ ssl_session_cache builtin:1000 shared:SSL:80m;
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
+ ssl_prefer_server_ciphers on;
+ ssl_session_timeout 10m;
+ keepalive_timeout 70;
+
+ location / {
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_pass http://localhost:8702;
+ proxy_read_timeout 90;
+ proxy_redirect off;
+ }
+ }
+}
\ No newline at end of file
Code Review / oom.git / blobdiff