http only

.gitignore

@@ -0,0 +1 @@
+nginx-1.20.1

.vscode/settings.json

@@ -6,5 +6,6 @@
     "files.exclude": {
         "**/.git": false
     },
-    "coverage-gutters.coverageBaseDir": "./.vscode/ReportGenerator/Cobertura/*"
+    "coverage-gutters.coverageBaseDir": "./.vscode/ReportGenerator/Cobertura/*",
+    "thunder-client.saveToWorkspace": false
 }

conf/includes/BaGet.conf

@@ -1,11 +1,11 @@
-location /
-{
-    proxy_pass         http://localhost:5555;
+location / {
     proxy_http_version 1.1;
-    proxy_set_header   Upgrade $http_upgrade;
-    proxy_set_header   Connection keep-alive;
-    proxy_set_header   Host $http_host;
     proxy_cache_bypass $http_upgrade;
+    proxy_pass http://localhost:5555;
+    proxy_set_header Host $http_host;
+    proxy_set_header Connection keep-alive;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header X-Forwarded-Proto https;
 }
 
 # sc create "Baget-5555" start= delayed-auto DisplayName="Baget-5555" binPath= "C:\Users\phares\AppData\Local\IFXApps\BaGet\src\BaGet\bin\Release\net6.0\win-x64\publish\BaGet.exe" obj= "infineon\phares" password= ""

conf/includes/biorad4.conf

@@ -1,6 +1,6 @@
 [req]
 default_bits       = 2048
-default_keyfile    = desktop-h6jg91b.key
+default_keyfile    = localhost.key
 distinguished_name = req_distinguished_name
 req_extensions     = req_ext
 x509_extensions    = v3_ca
@@ -11,13 +11,13 @@ countryName_default         = US
 stateOrProvinceName         = State or Province Name (full name)
 stateOrProvinceName_default = Arizona
 localityName                = Locality Name (eg, city)
-localityName_default        = Anthem
+localityName_default        = Mesa
 organizationName            = Organization Name (eg, company)
-organizationName_default    = Phares
+organizationName_default    = Infineon Technologies Americas Corp.
 organizationalUnitName      = organizationalunit
 organizationalUnitName_default = Development
 commonName                  = Common Name (e.g. server FQDN or YOUR name)
-commonName_default          = desktop-h6jg91b
+commonName_default          = biorad4
 commonName_max              = 64
 
 [req_ext]
@@ -27,10 +27,6 @@ subjectAltName = @alt_names
 subjectAltName = @alt_names
 
 [alt_names]
-DNS.1   = desktop-h6jg91b
+DNS.1   = biorad4
 DNS.2   = localhost
 DNS.3   = 127.0.0.1
-
-# https://webscoot.io/blog/create-self-signed-certificate-ubuntu-windows-nginx/
-# cd "C:\Program Files\Git\usr\bin"
-# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout L:\Git\NGINX-Conf\conf\includes\desktop-h6jg91b.key -out L:\Git\NGINX-Conf\conf\includes\desktop-h6jg91b.crt -config L:\Git\NGINX-Conf\conf\includes\desktop-h6jg91b.conf

conf/includes/biorad4.pass

@@ -0,0 +1 @@
+https://intranet.infineon.com/

conf/includes/cdn.conf

@@ -0,0 +1,31 @@
+location /cdn/ {
+    root "D://web-sites//cdn";
+    autoindex on;
+    if ($request_method = 'OPTIONS') {
+        add_header 'Access-Control-Allow-Origin' '*';
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
+        #
+        # Custom headers and headers various browsers *should* be OK with but aren't
+        #
+        add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
+        #
+        # Tell client that this pre-flight info is valid for 20 days
+        #
+        add_header 'Access-Control-Max-Age' 1728000;
+        add_header 'Content-Type' 'text/plain; charset=utf-8';
+        add_header 'Content-Length' 0;
+        return 204;
+    }
+    if ($request_method = 'POST') {
+        add_header 'Access-Control-Allow-Origin' '*' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
+        add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
+        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
+    }
+    if ($request_method = 'GET') {
+        add_header 'Access-Control-Allow-Origin' '*' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
+        add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
+        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
+    }
+}

conf/includes/code-marketplace.conf

@@ -0,0 +1,9 @@
+location / {
+    proxy_pass http://localhost:3001/;
+    proxy_set_header Host $host;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection upgrade;
+    proxy_set_header Accept-Encoding gzip;
+    proxy_set_header X-Forwarded-Host $http_host;
+    proxy_set_header X-Forwarded-Proto $scheme;
+}

conf/includes/code-server.conf

@@ -0,0 +1,25 @@
+server {
+    server_name phares3757.ddns.net;
+    location / {
+        proxy_pass http://localhost:8007/;
+        proxy_set_header Host $host;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection upgrade;
+        proxy_set_header Accept-Encoding gzip;
+    }
+    listen [::]:443 ssl ipv6only=on; # managed by Certbot
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/phares3757.ddns.net/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/phares3757.ddns.net/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+}
+server {
+    if ($host = phares3757.ddns.net) {
+        return 301 https://$host$request_uri;
+        } # managed by Certbot
+    listen 80;
+    listen [::]:80;
+    server_name phares3757.ddns.net;
+    return 404; # managed by Certbot
+}

conf/includes/default.conf

@@ -0,0 +1,8 @@
+server {
+    listen 8008 default_server;
+    listen [::]:8008 default_server;
+    ## Trun on /cgi-bin/ support to run CGI apps ##
+    include /etc/nginx/fcgiwrap.conf;
+    root /var/www/html;
+    server_name _;
+}

conf/includes/desktop-h6jg91b.crt

@@ -1,23 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDwzCCAqugAwIBAgIUHNUT7UMv/DhFqIN2tHs1atq8/ywwDQYJKoZIhvcNAQEL
-BQAwcTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB0FyaXpvbmExDzANBgNVBAcMBkFu
-dGhlbTEPMA0GA1UECgwGUGhhcmVzMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEYMBYG
-A1UEAwwPZGVza3RvcC1oNmpnOTFiMB4XDTIzMTIyMzIwNTQ0MFoXDTI0MTIyMjIw
-NTQ0MFowcTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB0FyaXpvbmExDzANBgNVBAcM
-BkFudGhlbTEPMA0GA1UECgwGUGhhcmVzMRQwEgYDVQQLDAtEZXZlbG9wbWVudDEY
-MBYGA1UEAwwPZGVza3RvcC1oNmpnOTFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEA1gLqYJPuJFbjuoEVqW7fCyZTFIJika/OeOXYbVTakN9xfm+EmLEW
-RXx8zCNENAsdUIgxdfUVk1RxK513oYrQCpADEWHGvRyLCran7IM/udBacIl6CuFK
-tuPd+FQoRZ/77Z71FQU/30xoYfRFk5V3SghBblCa5zzZO87EFwk6v4BWXwPjSfnU
-sQLclaivmtYS65Pbcq2YrGG9326AieT5lZb6DqQKBLhHdNzvlFYbapvMNUXSwCuB
-QkwV7Yx6fM0P8JGrJ+DJwPBInYDodri0OQUTolMMmWyBekbZPzJBKp7MJkHqj6d4
-KeRC16g6bHhH74TGBzTYb53PvvdYcn6NAwIDAQABo1MwUTAwBgNVHREEKTAngg9k
-ZXNrdG9wLWg2amc5MWKCCWxvY2FsaG9zdIIJMTI3LjAuMC4xMB0GA1UdDgQWBBTP
-f3CbPpa4/kT5sLe2OICnMC4upzANBgkqhkiG9w0BAQsFAAOCAQEAYNxDqeId7D6i
-7Aypgegap99XsWDbSHIiqbZM7dkO00kSWq9MUcq2YlZL837uZX/INEPjxnh2iib0
-tMANt+HpOjWoSd0eUZMWTqIuui6xUrsVsbWiLPR7iDLw9jjYHmQXOt4Wh3AepjBA
-FOJC+J8sGP5Zt+UikC3smi/hQGaJraA/BBX7h498a7GgF2Wyk1wMl/rmP9PdWV2T
-fCCVkG9Te+jEudESqU8LBtn6L8BCt2fsxBlcX4iLpUyXaWDccgjKjydvLu7nn5Uf
-/Fp/U0br5I+VR7NCHcWNDGKc3mxQyw63HTDALg3Vi7pG1JK6/wYdZzdt4EGJF4F+
-cFH7RXkHwg==
------END CERTIFICATE-----

conf/includes/desktop-h6jg91b.key

@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDWAupgk+4kVuO6
-gRWpbt8LJlMUgmKRr8545dhtVNqQ33F+b4SYsRZFfHzMI0Q0Cx1QiDF19RWTVHEr
-nXehitAKkAMRYca9HIsKtqfsgz+50FpwiXoK4Uq24934VChFn/vtnvUVBT/fTGhh
-9EWTlXdKCEFuUJrnPNk7zsQXCTq/gFZfA+NJ+dSxAtyVqK+a1hLrk9tyrZisYb3f
-boCJ5PmVlvoOpAoEuEd03O+UVhtqm8w1RdLAK4FCTBXtjHp8zQ/wkasn4MnA8Eid
-gOh2uLQ5BROiUwyZbIF6Rtk/MkEqnswmQeqPp3gp5ELXqDpseEfvhMYHNNhvnc++
-91hyfo0DAgMBAAECggEAKGkehqQISLZbhAER7Q9xcHKJJ4tDP4056JxGFMb8CnUW
-wjAekpKFyRMroYRbQZSDsYw2ArcHnu1H/VtblpZWmFf/LE4RL+5u1tQMu11BMD4G
-hc9/ywQljolShaymehcug/0K/DAkkm6kGzL73FVR1Bng+QqhZV6ZCnENl+f3PueN
-XHY8CqoMpU9ZtzzxOSwbNowVqSTQmIcrbU7tWhd4dGjByAOvj8VBWfouDnA1CxzJ
-ns3JJwHrW9xreijKr+am8JvjWEMyJOXD8I9v5TaICm8pnTQHuf3xZ5+bMJfmA8HT
-9sGHWK5Cq2p42isimdZoW9g+q1zJiOcm9FhQbInj+QKBgQD3+gho0diIIrHg4Rzx
-nliB1JoF4pugwZqDhFSySyVMc2jTfs34i4AQY5cwhuRvi75DAh5kSnsrv8z4enpA
-bNvNqVKkQihRKXf3Dyjc94jRNtzodjNYpKRIpn4/0kW4vX0cKyMnb4nWs58e7Q+D
-pnKqwIiGmounvfy7rVMj74/dXwKBgQDc740lGL20v40ZRnploVunK3hu/hgDrktw
-TB2+QPdFdBNA9oluo0JUFhooivIgedBCr84AyD+lI1duPYx3/AOR8CMppe6JwoVv
-+swhVCZIZT4oZItWk0AYHBAzT5vcu38oDl6UPqMTD27HBOPKl5RpUPto3k4bqWb+
-HB/FxxbO3QKBgQDnjh3+Kz2j2an6UJsjb/Y7vdfZeQJT+ZUcDBy+pHb+zaHsJDOX
-TERYiXarhLqZAoe2sKrKgdZEQwTWXh/8OuqBQASAh5p4N13jYM+Kjsa+fhmIJJ/L
-vWn+wSGQ3PvoB2FlRU69S2UODIqgaUMcbvgSRFj4QCX6i+kNI0tIejH/xwKBgHls
-JlRG/qvBwpgrhcUpIygC2hOWDjinp8o16vrO1ZcULii71dg6XY+8/e9ePaffire7
-yyne5Cur+rcZmIOwu32PTqPrD+giQhfC7EE88DVFfx3P9ExGbSlS8wxgKjbrzPyE
-uTIcIp+tEaLLay3ClMw0t5dw5diKB5KMfmHCAyT5AoGBANfahu1+7Gux2d7LiWZx
-E9JE8ObR7vXWtV19DAAFAlrhAed3X366+hSzH4TnvsMhSn/r0XeiYjEVgWwsVDju
-/pLgSy9f6LFLyiLUuxHUikK05Br+vKSW22o55xP3w8YXi5m1d7UlZRvFsjKYw+A/
-kxgA8Bt0zAWAMiEc2s2N9Xbv
------END PRIVATE KEY-----

conf/includes/dex.conf

@@ -0,0 +1,21 @@
+location ~* .(3gp|apng|avi|avif|bmp|css|cur|flv|gif|htm|html|ico|jfif|jpeg|jpg|js|mid|mov|mp3|mp4|mpeg|mpg|ogg|pdf|php|pjp|pjpeg|png|svg|tif|tiff|txt|wav|webp|wmf|wml|wmv|xml|xml)$ {
+    expires 1d;
+    index index.html index.htm;
+    # root /var/www/html/637998119172547651;
+    root "D://Tmp//phares//www";
+}
+location / {
+    index index.html index.htm;
+    # root /var/www/html/637998119172547651;
+    root "D://Tmp//phares//www";
+    # First attempt to serve request as file, then
+    autoindex on;
+    # Send the data in JSON
+    autoindex_format json;
+    addition_types application/json;
+    # Calling from SERVERNAME/autoindex/*
+    add_before_body /NGINdeX.io/header.html;
+    add_after_body /NGINdeX.io/footer.html;
+    # Need to tell that we are sending HTML
+    add_header Content-Type text/html;
+}

conf/includes/github.conf

@@ -0,0 +1,16 @@
+
+    server {
+        listen 443 ssl http2;
+        listen [::]:443 ssl http2;
+        server_name github;
+        # https://github
+        ssl_certificate "includes/localhost.crt";
+        ssl_certificate_key "includes/localhost.key";
+        ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
+        location / {
+            root "D://Tmp//phares//www";
+            autoindex on;
+        }
+        error_page 500 502 503 504 /50x.html;
+        include "includes/html-error.conf";
+    }

conf/includes/json.conf

@@ -1,24 +1,47 @@
-# location ~ /admin(.*)/$ {
 location ~* .(3gp|apng|avi|avif|bmp|css|cur|flv|gif|htm|html|ico|jfif|jpeg|jpg|js|mid|mov|mp3|mp4|mpeg|mpg|ogg|pdf|php|pjp|pjpeg|png|svg|tif|tiff|txt|wav|webp|wmf|wml|wmv|xml|xml)$ {
     expires 1d;
     index index.html index.htm;
-    # mklink /J "D:\Tmp\Phares\www\pictures" "D:\Documents\Pictures"
-    # mklink /J "D:\Tmp\Phares\www\NGINdeX.io" "L:\GitHub\NGINdeX.io"
     root "D://Tmp//phares//www";
 }
 location / {
     index index.html index.htm;
-    # mklink /J "D:\Tmp\Phares\www\pictures" "D:\Documents\Pictures"
-    # mklink /J "D:\Tmp\Phares\www\NGINdeX.io" "L:\GitHub\NGINdeX.io"
+    # root /var/www/html/637998119172547651;
     root "D://Tmp//phares//www";
     # First attempt to serve request as file, then
     autoindex on;
     # Send the data in JSON
     autoindex_format json;
-    addition_types application/json;
+    # addition_types application/json;
     # Calling from SERVERNAME/autoindex/*
-    add_before_body /NGINdeX.io/header.html;
-    add_after_body /NGINdeX.io/footer.html;
+    # add_before_body /NGINdeX.io/header.html;
+    # add_after_body /NGINdeX.io/footer.html;
     # Need to tell that we are sending HTML
-    add_header Content-Type text/html;
+    # add_header Content-Type text/html;
+    if ($request_method = 'OPTIONS') {
+        add_header 'Access-Control-Allow-Origin' '*';
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
+        #
+        # Custom headers and headers various browsers *should* be OK with but aren't
+        #
+        add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
+        #
+        # Tell client that this pre-flight info is valid for 20 days
+        #
+        add_header 'Access-Control-Max-Age' 1728000;
+        add_header 'Content-Type' 'text/plain; charset=utf-8';
+        add_header 'Content-Length' 0;
+        return 204;
+    }
+    if ($request_method = 'POST') {
+        add_header 'Access-Control-Allow-Origin' '*' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
+        add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
+        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
+    }
+    if ($request_method = 'GET') {
+        add_header 'Access-Control-Allow-Origin' '*' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
+        add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
+        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
+    }
 }

conf/includes/metrology.conf

@@ -0,0 +1,28 @@
+server {
+    listen 4439 ssl http2;
+    listen [::]:4439 ssl http2;
+    # https://oi-metrology-viewer-prod
+    server_name oi-metrology-viewer-prod;
+    # http://oi-metrology-viewer-prod:8080
+    ssl_certificate "includes/oi-metrology-viewer-prod.cer";
+    ssl_certificate_key "includes/oi-metrology-viewer-prod.key";
+    ssl_password_file "includes/oi-metrology-viewer-prod.pass";
+    ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
+    location / {
+        autoindex on;
+        root "D://Tmp//phares//wwwroot";
+    } 
+    location /api/ {
+        proxy_http_version 1.1;
+        proxy_cache_bypass $http_upgrade;
+        proxy_pass http://localhost:5002;
+        proxy_set_header Host $http_host;
+        proxy_set_header Connection keep-alive;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header X-Forwarded-Proto https;
+    }
+    error_page 500 502 503 504 /50x.html;
+    include "includes/html-error.conf";
+}
+
+# see pipeline yml

conf/includes/stratus.conf

@@ -0,0 +1,31 @@
+server {
+    listen 5050;
+    server_name localhost;
+    include "includes/html.conf";
+    error_page 500 502 503 504 /50x.html;
+    include "includes/html-error.conf";
+}    
+server {
+    listen 8081;
+    server_name localhost;
+    location / {
+        index index.html index.htm;
+        root "D://IFXApps//Logs";
+        # First attempt to serve request as file, then
+        autoindex on;
+        # Send the data in JSON
+        autoindex_format json;
+    }
+}  
+server {
+    listen 8082;
+    server_name localhost;
+    location / {
+        index index.html index.htm;
+        root "C://Program Files//Accent";
+        # First attempt to serve request as file, then
+        autoindex on;
+        # Send the data in JSON
+        autoindex_format json;
+    }
+}

conf/includes/wwwroot.conf

@@ -0,0 +1,4 @@
+location / {
+    root "D://wwwroot";
+    try_files $uri $uri/ /index.html =404;
+}

conf/nginx.conf

@@ -4,35 +4,8 @@ events {
 }
 http {
     include "includes/mime.types";
+    include "includes/stratus.conf";
     default_type application/octet-stream;
     sendfile on;
     keepalive_timeout 65;
-  server {
-      listen 443 ssl http2;
-      listen [::]:443 ssl http2;
-      server_name localhost;
-      ssl_certificate "includes/desktop-h6jg91b.crt";
-      ssl_certificate_key "includes/desktop-h6jg91b.key";
-      ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
-      # include "includes/html.conf";
-      include "includes/BaGet.conf";
-      error_page 500 502 503 504 /50x.html;
-      include "includes/html-error.conf";
-  }
-  server {
-    listen 80;
-    listen [::]:80;
-    server_name localhost;
-    location / {
-      proxy_pass http://localhost:8080/;
-      proxy_set_header Host $host;
-      proxy_set_header Upgrade $http_upgrade;
-      proxy_set_header Connection upgrade;
-      proxy_set_header Accept-Encoding gzip;
-    }
-  }
 }
-# mklink /J "C:\Users\mikep\AppData\Local\PharesApps\nginx-1.20.1\conf" "L:\Git\NGINX-Conf\conf"
-# cd "C:\Users\ECMESEAF\AppData\Local\IFXApps\nginx-1.20.1"
-# .\nginx -t
-# .\nginx -s reload