mirror of
http://172.20.10.11:3000/gitadmin/INSIGHT-MVP.git
synced 2026-06-25 00:16:41 +02:00
36196457ea
- Alle Ansible-Rollen erstellt: common, disk_setup, docker, postgresql, pgbouncer, redis, nginx, zabbix_agent - ansible.cfg mit Pipeline-Optimierung - hosts.yml mit echten IPs (DBS01=.20, APS01=.21, WEB01=.22) - group_vars für alle Server (dbs, aps, web) - Zabbix-Server auf sentinel.xinion.de gesetzt - vault.yml.example als Vorlage für Secrets - site.yml nutzt import_playbook (DBS01→APS01→WEB01) - BRIEFING.md für alle 4 Repos angelegt (Platform, Apps, Infra, Shared) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
62 lines
1.7 KiB
Django/Jinja
62 lines
1.7 KiB
Django/Jinja
# insight.conf — Managed by Ansible (INSIGHT-Infra)
|
|
# Reverse Proxy: WEB01 → APS01
|
|
|
|
upstream insight_api {
|
|
server {{ aps01_ip | default('172.20.10.21') }}:3000;
|
|
keepalive 32;
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
server_name {{ nginx_server_name | default('_') }};
|
|
|
|
# React SPA (Static Files)
|
|
root {{ nginx_webroot | default('/var/www/insight') }};
|
|
index index.html;
|
|
|
|
# API Proxy → APS01
|
|
location /api/ {
|
|
proxy_pass http://insight_api;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Connection "";
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
proxy_connect_timeout 30s;
|
|
proxy_send_timeout 60s;
|
|
proxy_read_timeout 60s;
|
|
|
|
proxy_buffer_size 4k;
|
|
proxy_buffers 8 4k;
|
|
}
|
|
|
|
# WebSocket (für NestJS Events / Pub-Sub)
|
|
location /socket.io/ {
|
|
proxy_pass http://insight_api;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "upgrade";
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
|
|
# React SPA Fallback (client-side routing)
|
|
location / {
|
|
try_files $uri $uri/ /index.html;
|
|
|
|
# Cache Static Assets
|
|
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
|
|
expires 1y;
|
|
add_header Cache-Control "public, immutable";
|
|
}
|
|
}
|
|
|
|
# Health Check
|
|
location /health {
|
|
access_log off;
|
|
return 200 "OK\n";
|
|
add_header Content-Type text/plain;
|
|
}
|
|
}
|