kunthawat/consentos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

fix(nginx): strip /api prefix in proxy_pass (api_prefix is /api/v1)
Some checks failed
CI / Detect changes (push) Has been cancelled
Details
CI / API Lint (push) Has been cancelled
Details
CI / API Tests (push) Has been cancelled
Details
CI / Scanner Lint (push) Has been cancelled
Details
CI / Scanner Tests (push) Has been cancelled
Details
CI / Banner Lint & Typecheck (push) Has been cancelled
Details
CI / Banner Tests (push) Has been cancelled
Details
CI / Banner Build (push) Has been cancelled
Details
CI / Admin UI Typecheck (push) Has been cancelled
Details
CI / Admin UI Tests (push) Has been cancelled
Details
CI / Admin UI Build (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Ami
2026-04-21 11:36:01 +07:00
parent f8cdbf8d74
commit 1c2bdbf310
1 changed files with 60 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

109
apps/admin-ui/nginx.conf
View File

@@ -1,59 +1,70 @@
server { worker_processes auto;
listen 80; pid /run/nginx.pid;
root /var/www/html; error_log /var/log/nginx/error.log warn;
index index.html;
# Health check endpoint for nginx itself events {
location = /health { worker_connections 1024;
access_log off; }
return 200 "nginx ok\n";
add_header Content-Type text/plain;
}
# Banner entry points — cross-origin script loads from customer http {
# sites, so they need permissive CORS. include /etc/nginx/mime.types;
location = /consent-loader.js { default_type application/octet-stream;
add_header Access-Control-Allow-Origin "*" always; access_log /var/log/nginx/access.log;
add_header Access-Control-Allow-Methods "GET, OPTIONS" always;
add_header Cache-Control "public, max-age=3600" always;
try_files $uri =404;
}
location = /consent-bundle.js { server {
add_header Access-Control-Allow-Origin "*" always; listen 80;
add_header Access-Control-Allow-Methods "GET, OPTIONS" always; root /var/www/html;
add_header Cache-Control "public, max-age=3600" always; index index.html;
try_files $uri =404;
}
# Proxy API requests to FastAPI backend # Health check endpoint
location /api/ { location = /health {
proxy_pass http://127.0.0.1:8000; access_log off;
proxy_set_header Host $host; return 200 "nginx ok\n";
proxy_set_header X-Real-IP $remote_addr; add_header Content-Type text/plain;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; }
proxy_set_header X-Forwarded-Proto $scheme;
}
# Proxy /docs, /openapi.json to FastAPI (Swagger UI) # Banner entry points
location /docs { location = /consent-loader.js {
proxy_pass http://127.0.0.1:8000; add_header Access-Control-Allow-Origin "*" always;
proxy_set_header Host $host; add_header Access-Control-Allow-Methods "GET, OPTIONS" always;
} add_header Cache-Control "public, max-age=3600" always;
try_files $uri =404;
}
location /openapi.json { location = /consent-bundle.js {
proxy_pass http://127.0.0.1:8000; add_header Access-Control-Allow-Origin "*" always;
proxy_set_header Host $host; add_header Access-Control-Allow-Methods "GET, OPTIONS" always;
} add_header Cache-Control "public, max-age=3600" always;
try_files $uri =404;
}
# SPA fallback — serve index.html for all other routes # Proxy API requests to FastAPI backend — strip /api prefix
location / { location /api/ {
try_files $uri $uri/ /index.html; proxy_pass http://127.0.0.1:8000/;
} proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# Cache static assets location /docs {
location /assets/ { proxy_pass http://127.0.0.1:8000;
expires 1y; proxy_set_header Host $host;
add_header Cache-Control "public, immutable"; }
location /openapi.json {
proxy_pass http://127.0.0.1:8000;
proxy_set_header Host $host;
}
# SPA fallback
location / {
try_files $uri $uri/ /index.html;
}
location /assets/ {
expires 1y;
add_header Cache-Control "public, immutable";
}
} }
} }