diff --git a/srv/conf/conf.d/portal.conf b/srv/conf/conf.d/portal.conf index 94ab125..40aef49 100755 --- a/srv/conf/conf.d/portal.conf +++ b/srv/conf/conf.d/portal.conf @@ -1,22 +1,26 @@ server { server_name captive.eca.aero *.apple.com - *.google.com - *.gstatic.com; + *.gstatic.com + *.firefox.com + *.ubuntu.com + *.google.com + *.android.com + *.gnome.org; location / { proxy_pass http://pxportal_service:8889/; proxy_set_header Host $host; - proxy_set_header X-Real-Ip $remote_addr; + proxy_set_header X-Real-Ip $remote_addr; proxy_buffering off; } } -server { - listen 80 default_server; - server_name _ eca.aero; - root /data/webapp/default; -} +#server { +# listen 80 default_server; +# server_name _ eca.aero; +# root /data/webapp/default; +#} server { server_name portal.eca.aero; diff --git a/srv/conf/dnsmasq.conf b/srv/conf/dnsmasq.conf index 4e768c6..3343f83 100644 --- a/srv/conf/dnsmasq.conf +++ b/srv/conf/dnsmasq.conf @@ -43,22 +43,34 @@ server=8.8.4.4 # increase dns cache form 512 to 4096 cache-size=4096 # Add domains which you want to force to an IP address here. -address=/eca.aero/192.168.0.2 -address=/.eca.aero/192.168.0.2 +address=/eca.aero/10.0.0.254 +address=/.eca.aero/10.0.0.254 -address=/ife.aero/192.168.0.2 -address=/.ife.aero/192.168.0.2 -address=/pxcom.aero/192.168.0.2 -address=/.pxcom.aero/192.168.0.2 +address=/ife.aero/10.0.0.254 +address=/.ife.aero/10.0.0.254 +address=/pxcom.aero/10.0.0.254 +address=/.pxcom.aero/10.0.0.254 -address=/google.com/192.168.0.2 -address=/.google.com/192.168.0.2 -address=/gstatic.com/192.168.0.2 -address=/.gstatic.com/192.168.0.2 -address=/apple.com/192.168.0.2 -address=/.apple.com/192.168.0.2 +address=/google.com/10.0.0.254 +address=/.google.com/10.0.0.254 +address=/gstatic.com/10.0.0.254 +address=/.gstatic.com/10.0.0.254 +address=/android.com/10.0.0.254 +address=/.android.com/10.0.0.254 -# address=/#/192.168.0.2 +address=/apple.com/10.0.0.254 +address=/.apple.com/10.0.0.254 + +address=/firefox.com/10.0.0.254 +address=/.firefox.com/10.0.0.254 +address=/ubuntu.com/10.0.0.254 +address=/.ubuntu.com/10.0.0.254 +address=/gnome.org/10.0.0.254 +address=/.gnome.org/10.0.0.254 + + + +address=/#/10.0.0.254 ######### dhcp ########## # Add local-only domains here, queries in these domains are answered @@ -70,7 +82,7 @@ expand-hosts # adds my localdomain to each dhcp host domain=eca.aero # my private dhcp range + subnetmask + 14d lease time -dhcp-range=192.168.0.10,192.168.0.200,255.255.255.0,14d +dhcp-range=10.0.0.20,10.0.0.220,255.255.255.0,14d dhcp-option-force=160,"http://portal.eca.aero" # set route to my local network router #dhcp-option=option:router,192.168.178.1 diff --git a/srv/docker-compose.yml b/srv/docker-compose.yml index 9029022..8cc6338 100644 --- a/srv/docker-compose.yml +++ b/srv/docker-compose.yml @@ -1,4 +1,4 @@ -version: '3' +version: '2' services: nginx: @@ -7,12 +7,12 @@ services: networks: - pxportal ports: - - "80:80" + - "8031:80" volumes: - ./webapp:/data/webapp - ./conf/nginx.conf:/etc/nginx/nginx.conf - ./conf/conf.d:/etc/nginx/conf.d/ - command: ['nginx-debug', '-g', 'daemon off;'] +# command: ['nginx-debug', '-g', 'daemon off;'] dnsmasq: image: andyshinn/dnsmasq @@ -31,15 +31,15 @@ services: container_name: pxportal_service image: registry.preprod.pxcom.aero/pxcom-servers/pxportal-srv:latest volumes: + - ./webapp:/usr/app/webapp - ssh:/root/.ssh networks: - pxportal environment: - REDIRECT_TO=http://portal.eca.aero/index.html - - ARP_CMD=ssh barry@172.27.0.1 arp -n + - ARP_CMD=ssh elta@172.21.0.1 arp -n ports: - "8889:8889" - - "9000:9000" volumes: ssh: diff --git a/srv/nginx.airsas.conf b/srv/nginx.airsas.conf new file mode 100644 index 0000000..3a2c627 --- /dev/null +++ b/srv/nginx.airsas.conf @@ -0,0 +1,195 @@ +daemon off; + +worker_processes 1; +#Referes to single threaded process. Generally set to be equal to the number of CPUs or cores. + +#error_log logs/error.log; #error_log logs/error.log notice; +#Specifies the file where server logs. + +events { + worker_connections 1024; + # worker_processes and worker_connections allows you to calculate maxclients value: + # max_clients = worker_processes * worker_connections +} + + +http { + include mime.types; + # anything written in /opt/nginx/conf/mime.types is interpreted as if written inside the http { } block + + default_type application/octet-stream; + + #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + # '$status $body_bytes_sent "$http_referer" ' + # '"$http_user_agent" "$http_x_forwarded_for"'; + + #access_log logs/access.log main; + + sendfile on; + # If serving locally stored static files, sendfile is essential to speed up the server, + # But if using as reverse proxy one can deactivate it + + #tcp_nopush on; + # works opposite to tcp_nodelay. Instead of optimizing delays, it optimizes the amount of data sent at once. + + #keepalive_timeout 0; + keepalive_timeout 65; + # timeout during which a keep-alive client connection will stay open. + + gzip on; + # tells the server to use on-the-fly gzip compression. + + server { + # You would want to make a separate file with its own server block for each virtual domain + # on your server and then include them. + listen 80; + #tells Nginx the hostname and the TCP port where it should listen for HTTP connections. + + server_name localhost eca.aero ife.aero gom.aero; + # lets you doname-based virtual hosting + + #access_log logs/host.access.log; + + location /hotspot-detect.html { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Host $remote_addr; + proxy_pass http://localhost:8889; + } + + # Link to pxeasy + location /pxeasy/ { + proxy_pass http://localhost:23457; + } + + location /logging/ { + proxy_pass http://localhost:23457; + } + + location / { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Host $remote_addr; + if ($http_user_agent ~ "^CaptiveNetworkSupport(.*)$") { + proxy_pass http://172.19.0.1:8031; + } + + #The location setting lets you configure how nginx responds to requests for resources within the server. + root /var/www/html; + index index.html; + } + # Link to pxeasy +# location /pxeasy/ { +# proxy_pass http://localhost:23457; +# } +# location /logging/ { +# proxy_pass http://localhost:23457; +# } + + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + #error_page 500 502 503 504 /50x.html; + #location = /50x.html { + # root html; + #} + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + # proxy_pass http://127.0.0.1; + #} + } + # Default https + server { + listen 443; + ssl on; + ssl_certificate /etc/nginx/IFE_Cer.pem; + ssl_certificate_key /etc/nginx/IFE_Cer_key.pem; + location / { + root /var/www/html; + index index.html; + } + # PATCH waiting for certificate on pxeasy.ife.aero + location /pxeasy/ { + proxy_pass http://localhost:23457; + } + location /logging/ { + proxy_pass http://localhost:23457; + } + } + # PXEasy https + server { + listen 443; + server_name pxeasy.ife.aero; + ssl on; + ssl_certificate /etc/nginx/IFE_Cer.pem; + ssl_certificate_key /etc/nginx/IFE_Cer_key.pem; + location / { + proxy_pass http://localhost:23457; + } + } + # API to cabin crew server + server { + listen 443; + server_name api.ife.aero; + access_log api-https.access.log; + ssl on; + ssl_certificate /etc/nginx/IFE_Cer.pem; + ssl_certificate_key /etc/nginx/IFE_Cer_key.pem; + location /cabincrew/passengersannouncements/subscribe { + proxy_pass http://cabincrew-api:9001/cabincrew/passengersannouncements/subscribe; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + } + } + + server { + listen 80 default_server; + server_name _; + + location / { + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Host $remote_addr; + proxy_pass http://172.19.0.1:8031; + } + + access_log captive-pxportal-access.log; + error_log captive-pxportal-error.log; + } + + + + # CAPTIVE PORTAL +# server { +# listen 80; +# server_name +# *.firefox.com +# *.ubuntu.com +# *.google.com +# *.android.com +# *.gstatic.com +# *.apple.com +# *.gnome.org +# captive.eca.aero; + +# location / { +# proxy_set_header Host $host; +# proxy_set_header X-Real-IP $remote_addr; +# proxy_set_header X-Forwarded-For $remote_addr; +# proxy_set_header X-Forwarded-Host $remote_addr; +# proxy_pass http://localhost:8889; +# } + +# access_log captive-portal-access.log; +# error_log captive-portal-error.log; +# } + +} diff --git a/srv/webapp/portal/index.html b/srv/webapp/portal/index.html index 69d0bba..8edbfb6 100644 --- a/srv/webapp/portal/index.html +++ b/srv/webapp/portal/index.html @@ -121,7 +121,7 @@