Cradicle Explorer
ai-agents-automation_budibase
/ hosting / nginx.dev.conf
nginx.dev.conf
  1  user                    nginx;
  2  error_log               /var/log/nginx/error.log debug;
  3  pid                     /var/run/nginx.pid;
  4  worker_processes        auto;
  5  worker_rlimit_nofile    33282;
  6  
  7  events {
  8    worker_connections  1024;
  9  }
 10  
 11  http {
 12    include       /etc/nginx/mime.types;
 13    default_type  application/octet-stream;
 14    proxy_set_header Host $host;
 15  
 16    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
 17                      '$status $body_bytes_sent "$http_referer" '
 18                      '"$http_user_agent" "$http_x_forwarded_for" '
 19                      'response_time=$upstream_response_time proxy_host=$proxy_host upstream_addr=$upstream_addr';
 20  
 21    access_log /var/log/nginx/access.log main;
 22    
 23    map $http_upgrade $connection_upgrade {
 24      default     "upgrade";
 25    }
 26  
 27    upstream app-service {
 28      server ${PROXY_ADDRESS}:4001;
 29      keepalive 32;
 30    }
 31  
 32    upstream worker-service {
 33      server ${PROXY_ADDRESS}:4002;
 34      keepalive 32;
 35    }
 36  
 37    upstream builder {
 38      server ${PROXY_ADDRESS}:3000;
 39      keepalive 32;
 40    }
 41  
 42    server { 
 43      listen       10000 default_server;
 44      server_name  _;
 45      client_max_body_size 50000m;
 46      ignore_invalid_headers off;
 47      proxy_buffering off;
 48  
 49      error_page 502 503 504 /error.html;
 50      location = /error.html {
 51        root /usr/share/nginx/html; 
 52        internal;
 53      }
 54  
 55      location /db/ {
 56        proxy_pass      http://couchdb-service:5984;
 57        rewrite ^/db/(.*)$ /$1 break;
 58      }
 59  
 60      location = /health {
 61        proxy_read_timeout 120s;
 62        proxy_connect_timeout 120s;
 63        proxy_send_timeout 120s;
 64        proxy_http_version 1.1;
 65  
 66        proxy_set_header Host $host;
 67        proxy_set_header Connection "";
 68  
 69        proxy_pass      http://app-service/health;
 70      }
 71  
 72      location ~ ^/api/(system|admin|global)/ {
 73        proxy_read_timeout 120s;
 74        proxy_connect_timeout 120s;
 75        proxy_send_timeout 120s;
 76        proxy_http_version 1.1;
 77  
 78        # Enable buffering for potentially large OIDC configs
 79        proxy_buffering on;
 80        proxy_buffer_size 16k;
 81        proxy_buffers 4 32k;
 82  
 83        proxy_set_header Host $host;
 84        proxy_set_header Connection "";
 85  
 86        proxy_pass      http://worker-service;
 87      }
 88  
 89      location /api/backups/ {
 90        proxy_read_timeout 1800s;
 91        proxy_connect_timeout 1800s;
 92        proxy_send_timeout 1800s;
 93        proxy_pass      http://app-service;
 94        proxy_http_version 1.1;
 95        proxy_set_header Connection "";
 96      }
 97  
 98      location /api/ {
 99        proxy_read_timeout 120s;
100        proxy_connect_timeout 120s;
101        proxy_send_timeout 120s;
102        proxy_http_version 1.1;
103  
104        proxy_set_header Host $host;
105        proxy_set_header Connection "";
106  
107        proxy_pass      http://app-service;
108      }
109  
110      location = / {
111        proxy_read_timeout 120s;
112        proxy_connect_timeout 120s;
113        proxy_send_timeout 120s;
114        proxy_http_version 1.1;
115  
116        proxy_set_header Host $host;
117        proxy_set_header Connection "";
118  
119        proxy_pass      http://app-service;
120      }
121  
122      location /app_ {
123        proxy_read_timeout 120s;
124        proxy_connect_timeout 120s;
125        proxy_send_timeout 120s;
126        proxy_http_version 1.1;
127  
128        proxy_set_header Host $host;
129        proxy_set_header Connection "";
130  
131        proxy_pass      http://app-service;
132      }
133  
134      location /app {
135        proxy_read_timeout 120s;
136        proxy_connect_timeout 120s;
137        proxy_send_timeout 120s;
138        proxy_http_version 1.1;
139  
140        proxy_set_header Host $host;
141        proxy_set_header Connection "";
142  
143        proxy_pass      http://app-service;
144      }
145  
146      location /embed {
147        rewrite /embed/(.*) /app/$1  break;
148        proxy_pass         http://app-service;
149        proxy_redirect     off;
150        proxy_set_header   Host $host;
151        proxy_set_header   x-budibase-embed "true";
152        add_header x-budibase-embed "true";
153        add_header Content-Security-Policy "frame-ancestors *";
154      }
155  
156      # Redirects for renamed routes
157      location ~ ^/builder/portal/apps(/.*)?$ {
158        return 301 /builder/portal/workspaces$1;
159      }
160  
161      location ~ ^/builder/app(/.*)?$ {
162        return 301 /builder/workspace$1;
163      }
164  
165      location /builder {
166        proxy_read_timeout 120s;
167        proxy_connect_timeout 120s;
168        proxy_send_timeout 120s;
169        proxy_http_version 1.1;
170  
171        proxy_set_header Host $host;
172        proxy_set_header Connection "";
173  
174        proxy_pass      http://builder;
175        rewrite ^/builder(.*)$ /builder/$1 break;
176      }
177  
178      location /builder/ {
179        proxy_http_version  1.1;
180  
181        proxy_set_header    Host                $host;
182        proxy_set_header    Connection          $connection_upgrade;
183        proxy_set_header    Upgrade             $http_upgrade;
184        proxy_set_header    X-Real-IP           $remote_addr;
185        proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
186  
187        proxy_read_timeout 120s;
188        proxy_connect_timeout 120s;
189        proxy_send_timeout 120s;
190  
191        proxy_pass      http://builder;
192      }
193  
194      location /vite/ {
195        proxy_pass  http://builder;
196        proxy_read_timeout 120s;
197        proxy_connect_timeout 120s;
198        proxy_send_timeout 120s;
199        rewrite     ^/vite(.*)$ /$1 break;
200      }
201  
202      location /socket/ {
203        proxy_http_version  1.1;
204        proxy_set_header    Upgrade     $http_upgrade;
205        proxy_set_header    Connection  'upgrade';
206        proxy_set_header    Host        $host;
207        proxy_cache_bypass  $http_upgrade;
208        proxy_pass          http://app-service;
209      }
210  
211      location / {
212        proxy_set_header X-Real-IP $remote_addr;
213        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
214        proxy_set_header X-Forwarded-Proto $scheme;
215        proxy_set_header Host $http_host;
216  
217        proxy_connect_timeout 300;
218        proxy_http_version 1.1;
219        proxy_set_header Connection "";
220        chunked_transfer_encoding off;
221  
222        proxy_pass      http://minio-service:9000;
223      }
224  
225      location /files/signed/ {
226        proxy_set_header X-Real-IP $remote_addr;
227        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
228        proxy_set_header X-Forwarded-Proto $scheme;
229  
230        # IMPORTANT: Signed urls will inspect the host header of the request.
231        # Normally a signed url will need to be generated with a specified client host in mind.
232        # To support dynamic hosts, e.g. some unknown self-hosted installation url,
233        # use a predefined host header. The host 'minio-service' is also used at the time of url signing.
234        proxy_set_header Host minio-service;
235  
236        proxy_connect_timeout 300;
237        proxy_http_version 1.1;
238        proxy_set_header Connection "";
239        chunked_transfer_encoding off;
240  
241        proxy_pass      http://minio-service:9000;
242        rewrite ^/files/signed/(.*)$ /$1 break;
243      }
244  
245      client_header_timeout 60;
246      client_body_timeout   60;
247      keepalive_timeout     60;
248      gzip                  off;
249      gzip_comp_level       4;
250    }
251  }