kunthawat/consentos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

fix(nginx): strip /api prefix in proxy_pass (api_prefix is /api/v1)
Some checks failed
CI / Detect changes (push) Has been cancelled
Details
CI / API Lint (push) Has been cancelled
Details
CI / API Tests (push) Has been cancelled
Details
CI / Scanner Lint (push) Has been cancelled
Details
CI / Scanner Tests (push) Has been cancelled
Details
CI / Banner Lint & Typecheck (push) Has been cancelled
Details
CI / Banner Tests (push) Has been cancelled
Details
CI / Banner Build (push) Has been cancelled
Details
CI / Admin UI Typecheck (push) Has been cancelled
Details
CI / Admin UI Tests (push) Has been cancelled
Details
CI / Admin UI Build (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Ami
2026-04-21 11:36:01 +07:00
parent f8cdbf8d74
commit 1c2bdbf310
1 changed files with 60 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
apps/admin-ui/nginx.conf
View File

@@ -1,17 +1,29 @@
server { worker_processes auto;
pid /run/nginx.pid;
error_log /var/log/nginx/error.log warn;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
server {
listen 80; listen 80;
root /var/www/html; root /var/www/html;
index index.html; index index.html;
# Health check endpoint for nginx itself # Health check endpoint
location = /health { location = /health {
access_log off; access_log off;
return 200 "nginx ok\n"; return 200 "nginx ok\n";
add_header Content-Type text/plain; add_header Content-Type text/plain;
} }
# Banner entry points — cross-origin script loads from customer # Banner entry points
# sites, so they need permissive CORS.
location = /consent-loader.js { location = /consent-loader.js {
add_header Access-Control-Allow-Origin "*" always; add_header Access-Control-Allow-Origin "*" always;
add_header Access-Control-Allow-Methods "GET, OPTIONS" always; add_header Access-Control-Allow-Methods "GET, OPTIONS" always;
@@ -26,16 +38,15 @@ server {
try_files $uri =404; try_files $uri =404;
} }
# Proxy API requests to FastAPI backend # Proxy API requests to FastAPI backend — strip /api prefix
location /api/ { location /api/ {
proxy_pass http://127.0.0.1:8000; proxy_pass http://127.0.0.1:8000/;
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
} }
# Proxy /docs, /openapi.json to FastAPI (Swagger UI)
location /docs { location /docs {
proxy_pass http://127.0.0.1:8000; proxy_pass http://127.0.0.1:8000;
proxy_set_header Host $host; proxy_set_header Host $host;
@@ -46,14 +57,14 @@ server {
proxy_set_header Host $host; proxy_set_header Host $host;
} }
# SPA fallback — serve index.html for all other routes # SPA fallback
location / { location / {
try_files $uri $uri/ /index.html; try_files $uri $uri/ /index.html;
} }
# Cache static assets
location /assets/ { location /assets/ {
expires 1y; expires 1y;
add_header Cache-Control "public, immutable"; add_header Cache-Control "public, immutable";
} }
}
} }