From 1c2bdbf31047b7ed43a1ef9120cab8e7e5e48684 Mon Sep 17 00:00:00 2001 From: Ami Date: Tue, 21 Apr 2026 11:36:01 +0700 Subject: [PATCH] fix(nginx): strip /api prefix in proxy_pass (api_prefix is /api/v1) --- apps/admin-ui/nginx.conf | 109 +++++++++++++++++++++------------------ 1 file changed, 60 insertions(+), 49 deletions(-) diff --git a/apps/admin-ui/nginx.conf b/apps/admin-ui/nginx.conf index 094db1d..fc51cb2 100644 --- a/apps/admin-ui/nginx.conf +++ b/apps/admin-ui/nginx.conf @@ -1,59 +1,70 @@ -server { - listen 80; - root /var/www/html; - index index.html; +worker_processes auto; +pid /run/nginx.pid; +error_log /var/log/nginx/error.log warn; - # Health check endpoint for nginx itself - location = /health { - access_log off; - return 200 "nginx ok\n"; - add_header Content-Type text/plain; - } +events { + worker_connections 1024; +} - # Banner entry points — cross-origin script loads from customer - # sites, so they need permissive CORS. - location = /consent-loader.js { - add_header Access-Control-Allow-Origin "*" always; - add_header Access-Control-Allow-Methods "GET, OPTIONS" always; - add_header Cache-Control "public, max-age=3600" always; - try_files $uri =404; - } +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + access_log /var/log/nginx/access.log; - location = /consent-bundle.js { - add_header Access-Control-Allow-Origin "*" always; - add_header Access-Control-Allow-Methods "GET, OPTIONS" always; - add_header Cache-Control "public, max-age=3600" always; - try_files $uri =404; - } + server { + listen 80; + root /var/www/html; + index index.html; - # Proxy API requests to FastAPI backend - location /api/ { - proxy_pass http://127.0.0.1:8000; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - } + # Health check endpoint + location = /health { + access_log off; + return 200 "nginx ok\n"; + add_header Content-Type text/plain; + } - # Proxy /docs, /openapi.json to FastAPI (Swagger UI) - location /docs { - proxy_pass http://127.0.0.1:8000; - proxy_set_header Host $host; - } + # Banner entry points + location = /consent-loader.js { + add_header Access-Control-Allow-Origin "*" always; + add_header Access-Control-Allow-Methods "GET, OPTIONS" always; + add_header Cache-Control "public, max-age=3600" always; + try_files $uri =404; + } - location /openapi.json { - proxy_pass http://127.0.0.1:8000; - proxy_set_header Host $host; - } + location = /consent-bundle.js { + add_header Access-Control-Allow-Origin "*" always; + add_header Access-Control-Allow-Methods "GET, OPTIONS" always; + add_header Cache-Control "public, max-age=3600" always; + try_files $uri =404; + } - # SPA fallback — serve index.html for all other routes - location / { - try_files $uri $uri/ /index.html; - } + # Proxy API requests to FastAPI backend — strip /api prefix + location /api/ { + proxy_pass http://127.0.0.1:8000/; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } - # Cache static assets - location /assets/ { - expires 1y; - add_header Cache-Control "public, immutable"; + location /docs { + proxy_pass http://127.0.0.1:8000; + proxy_set_header Host $host; + } + + location /openapi.json { + proxy_pass http://127.0.0.1:8000; + proxy_set_header Host $host; + } + + # SPA fallback + location / { + try_files $uri $uri/ /index.html; + } + + location /assets/ { + expires 1y; + add_header Cache-Control "public, immutable"; + } } }