diff --git a/deploy/nginx-taxbaik-domains.conf b/deploy/nginx-taxbaik-domains.conf new file mode 100644 index 0000000..65124b0 --- /dev/null +++ b/deploy/nginx-taxbaik-domains.conf @@ -0,0 +1,132 @@ +# 1. TaxBaik 홈페이지 (taxbaik.com, www.taxbaik.com) +server { + server_name taxbaik.com www.taxbaik.com; + client_max_body_size 512M; + + # 루트 경로 요청을 /taxbaik 으로 프록싱하여 base href /taxbaik/ 에 대응 + location / { + proxy_pass http://127.0.0.1:5001/taxbaik/; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + + # /taxbaik/ 하위로 들어오는 리소스 및 페이지 요청 처리 + location /taxbaik { + proxy_pass http://127.0.0.1:5001; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_read_timeout 120s; + } + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/taxbaik.com/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/taxbaik.com/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + + +} + +# 2. Gitea (gitea.taxbaik.com) +server { + server_name gitea.taxbaik.com; + client_max_body_size 512M; + + location / { + proxy_pass http://127.0.0.1:3000; + proxy_http_version 1.1; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_read_timeout 300; + proxy_connect_timeout 300; + proxy_send_timeout 300; + } + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/taxbaik.com/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/taxbaik.com/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +# 3. QuantEngine (quant.taxbaik.com) +server { + server_name quant.taxbaik.com; + + location / { + proxy_pass http://127.0.0.1:5000/; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/taxbaik.com/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/taxbaik.com/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + +} + +server { + if ($host = www.taxbaik.com) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + if ($host = taxbaik.com) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + listen 80; + server_name taxbaik.com www.taxbaik.com; + return 404; # managed by Certbot + + + + +} +server { + if ($host = gitea.taxbaik.com) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + listen 80; + server_name gitea.taxbaik.com; + return 404; # managed by Certbot + + +} +server { + if ($host = quant.taxbaik.com) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + listen 80; + server_name quant.taxbaik.com; + return 404; # managed by Certbot + + +}