ISCN5CG1325C0X

conf/includes/BaGet.conf

@@ -1,11 +1,11 @@
-location /
+location / {
-{
-    proxy_pass         http://localhost:5555;
     proxy_http_version 1.1;
-    proxy_set_header   Upgrade $http_upgrade;
-    proxy_set_header   Connection keep-alive;
-    proxy_set_header   Host $http_host;
     proxy_cache_bypass $http_upgrade;
+    proxy_pass http://localhost:5555;
+    proxy_set_header Host $http_host;
+    proxy_set_header Connection keep-alive;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header X-Forwarded-Proto https;
 }
 
 # sc create "Baget-5555" start= delayed-auto DisplayName="Baget-5555" binPath= "C:\Users\phares\AppData\Local\IFXApps\BaGet\src\BaGet\bin\Release\net6.0\win-x64\publish\BaGet.exe" obj= "infineon\phares" password= ""

conf/includes/Gogs.conf

@@ -0,0 +1,8 @@
+location / {
+    proxy_hide_header Authorization;
+    if ($http_Authorization != "Basic asdf") {
+        return 401;
+    }
+    proxy_set_header Authorization "Basic asdf";
+    proxy_pass http://localhost:3000;
+}

conf/includes/code-server.conf

@@ -0,0 +1,25 @@
+server {
+    server_name phares3757.ddns.net;
+    location / {
+        proxy_pass http://localhost:8007/;
+        proxy_set_header Host $host;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection upgrade;
+        proxy_set_header Accept-Encoding gzip;
+    }
+    listen [::]:443 ssl ipv6only=on; # managed by Certbot
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/phares3757.ddns.net/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/phares3757.ddns.net/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+}
+server {
+    if ($host = phares3757.ddns.net) {
+        return 301 https://$host$request_uri;
+        } # managed by Certbot
+    listen 80;
+    listen [::]:80;
+    server_name phares3757.ddns.net;
+    return 404; # managed by Certbot
+}

conf/includes/default.conf

@@ -0,0 +1,8 @@
+server {
+    listen 8008 default_server;
+    listen [::]:8008 default_server;
+    ## Trun on /cgi-bin/ support to run CGI apps ##
+    include /etc/nginx/fcgiwrap.conf;
+    root /var/www/html;
+    server_name _;
+}

conf/includes/dex.conf

@@ -0,0 +1,21 @@
+location ~* .(3gp|apng|avi|avif|bmp|css|cur|flv|gif|htm|html|ico|jfif|jpeg|jpg|js|mid|mov|mp3|mp4|mpeg|mpg|ogg|pdf|php|pjp|pjpeg|png|svg|tif|tiff|txt|wav|webp|wmf|wml|wmv|xml|xml)$ {
+    expires 1d;
+    index index.html index.htm;
+    # root /var/www/html/637998119172547651;
+    root "D://Tmp//phares//www";
+}
+location / {
+    index index.html index.htm;
+    # root /var/www/html/637998119172547651;
+    root "D://Tmp//phares//www";
+    # First attempt to serve request as file, then
+    autoindex on;
+    # Send the data in JSON
+    autoindex_format json;
+    addition_types application/json;
+    # Calling from SERVERNAME/autoindex/*
+    add_before_body /NGINdeX.io/header.html;
+    add_after_body /NGINdeX.io/footer.html;
+    # Need to tell that we are sending HTML
+    add_header Content-Type text/html;
+}

conf/includes/ec-server.pass

@@ -0,0 +1 @@
+nocert

conf/includes/github.conf

@@ -0,0 +1,4 @@
+location / {
+    root "D://www//github";
+    index index.html index.htm;
+}

conf/includes/json.conf

@@ -1,24 +1,47 @@
-# location ~ /admin(.*)/$ {
 location ~* .(3gp|apng|avi|avif|bmp|css|cur|flv|gif|htm|html|ico|jfif|jpeg|jpg|js|mid|mov|mp3|mp4|mpeg|mpg|ogg|pdf|php|pjp|pjpeg|png|svg|tif|tiff|txt|wav|webp|wmf|wml|wmv|xml|xml)$ {
     expires 1d;
     index index.html index.htm;
-    # mklink /J "D:\Tmp\Phares\www\pictures" "D:\Documents\Pictures"
-    # mklink /J "D:\Tmp\Phares\www\NGINdeX.io" "L:\GitHub\NGINdeX.io"
     root "D://Tmp//phares//www";
 }
 location / {
     index index.html index.htm;
-    # mklink /J "D:\Tmp\Phares\www\pictures" "D:\Documents\Pictures"
+    # root /var/www/html/637998119172547651;
-    # mklink /J "D:\Tmp\Phares\www\NGINdeX.io" "L:\GitHub\NGINdeX.io"
     root "D://Tmp//phares//www";
     # First attempt to serve request as file, then
     autoindex on;
     # Send the data in JSON
     autoindex_format json;
-    addition_types application/json;
+    # addition_types application/json;
     # Calling from SERVERNAME/autoindex/*
-    add_before_body /NGINdeX.io/header.html;
+    # add_before_body /NGINdeX.io/header.html;
-    add_after_body /NGINdeX.io/footer.html;
+    # add_after_body /NGINdeX.io/footer.html;
     # Need to tell that we are sending HTML
-    add_header Content-Type text/html;
+    # add_header Content-Type text/html;
+    if ($request_method = 'OPTIONS') {
+        add_header 'Access-Control-Allow-Origin' '*';
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
+        #
+        # Custom headers and headers various browsers *should* be OK with but aren't
+        #
+        add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
+        #
+        # Tell client that this pre-flight info is valid for 20 days
+        #
+        add_header 'Access-Control-Max-Age' 1728000;
+        add_header 'Content-Type' 'text/plain; charset=utf-8';
+        add_header 'Content-Length' 0;
+        return 204;
+    }
+    if ($request_method = 'POST') {
+        add_header 'Access-Control-Allow-Origin' '*' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
+        add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
+        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
+    }
+    if ($request_method = 'GET') {
+        add_header 'Access-Control-Allow-Origin' '*' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
+        add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
+        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
+    }
 }

conf/includes/localhost.conf

@@ -0,0 +1,45 @@
+[req]
+default_bits       = 2048
+default_keyfile    = localhost.key
+distinguished_name = req_distinguished_name
+req_extensions     = req_ext
+x509_extensions    = v3_ca
+
+[req_distinguished_name]
+countryName                 = Country Name (2 letter code)
+countryName_default         = US
+stateOrProvinceName         = State or Province Name (full name)
+stateOrProvinceName_default = Arizona
+localityName                = Locality Name (eg, city)
+localityName_default        = Mesa
+organizationName            = Organization Name (eg, company)
+organizationName_default    = Infineon Technologies Americas Corp.
+organizationalUnitName      = organizationalunit
+organizationalUnitName_default = Development
+commonName                  = Common Name (e.g. server FQDN or YOUR name)
+commonName_default          = ISCN5CG1325C0X.infineon.com
+commonName_max              = 64
+
+[req_ext]
+subjectAltName = @alt_names
+
+[v3_ca]
+subjectAltName = @alt_names
+
+[alt_names]
+DNS.1   = ISCN5CG1325C0X.infineon.com
+DNS.2   = ISCN5CG1325C0X
+DNS.3   = localhost
+DNS.4   = 127.0.0.1
+
+# https://webscoot.io/blog/create-self-signed-certificate-ubuntu-windows-nginx/
+# cd "C:\Program Files\DevOps\Mesa_FI\usr\bin"
+# openssl
+# req -x509 -nodes -days 365 -newkey rsa:2048 -keyout L:\DevOps\Mesa_FI\NGINX-Conf\conf\includes\localhost.key -out L:\DevOps\Mesa_FI\NGINX-Conf\conf\includes\localhost.crt -config L:\DevOps\Mesa_FI\NGINX-Conf\conf\includes\localhost.conf
+# openssl
+# req -newkey rsa:2048 -keyout L:\DevOps\Mesa_FI\NGINX-Conf\conf\includes\localhost.key -out L:\DevOps\Mesa_FI\NGINX-Conf\conf\includes\certificate-signing-request.csr -config L:\DevOps\Mesa_FI\NGINX-Conf\conf\includes\localhost.conf
+# https://intranet.infineon.com/
+# openssl
+# pkcs12 -in L:\DevOps\Mesa_FI\NGINX-Conf\conf\includes\ec-server.pfx -nocerts -out L:\DevOps\Mesa_FI\NGINX-Conf\conf\includes\ec-server.key
+# openssl
+# pkcs12 -in L:\DevOps\Mesa_FI\NGINX-Conf\conf\includes\ec-server.pfx -clcerts -nokeys -out L:\DevOps\Mesa_FI\NGINX-Conf\conf\includes\ec-server.crt

conf/includes/localhost.crt

@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIEEjCCAvqgAwIBAgIUJrbp6n/LNC7f7S4AsbzDP9T+MVkwDQYJKoZIhvcNAQEL
+BQAwgZkxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdBcml6b25hMQ0wCwYDVQQHDARN
+ZXNhMS0wKwYDVQQKDCRJbmZpbmVvbiBUZWNobm9sb2dpZXMgQW1lcmljYXMgQ29y
+cC4xFDASBgNVBAsMC0RldmVsb3BtZW50MSQwIgYDVQQDDBtJU0NONUNHMTMyNUMw
+WC5pbmZpbmVvbi5jb20wHhcNMjMwNTEyMTUyNjUzWhcNMjQwNTExMTUyNjUzWjCB
+mTELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB0FyaXpvbmExDTALBgNVBAcMBE1lc2Ex
+LTArBgNVBAoMJEluZmluZW9uIFRlY2hub2xvZ2llcyBBbWVyaWNhcyBDb3JwLjEU
+MBIGA1UECwwLRGV2ZWxvcG1lbnQxJDAiBgNVBAMMG0lTQ041Q0cxMzI1QzBYLmlu
+ZmluZW9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKLqZFx1
+XYv6ea30TVM4107RHckfjUVioNAqf7S2y4RkSWAXrWC5JimrOnbgDpDpHQlWDaP8
+heQlNi/kcVIe6IFj0jy7aRo5XhJn6VZJqfh6RK5bw7DkeS/1jxDAPy+x6XKbFIWA
+amZBF+zdrkm4YxYEBRuIc4hLy17sGPNxjCcCNz0jylh6S/9Qv2EkuEly46vwpXuJ
+5S2n7M1ka7IV8d+iGQaMdZcOqp7NJuXuyCbs2MBUGVjyCR5m5zQ2di/V7+JHdu/w
+PZ27RbFhYHtmiKJQc+fzOsfhvs2UfNoYr6AShppsRTgMq4SNn1dxh6znXudA6bOY
+GVr63OAybFb0F8MCAwEAAaNQME4wTAYDVR0RBEUwQ4IbSVNDTjVDRzEzMjVDMFgu
+aW5maW5lb24uY29tgg5JU0NONUNHMTMyNUMwWIIJbG9jYWxob3N0ggkxMjcuMC4w
+LjEwDQYJKoZIhvcNAQELBQADggEBAFxGmOOldrAAwpRgl73WicIgygKqTMk79ale
+kwlsz704X2YCNe3eBL8iqXSIBpiwI3bnbqwOk0rsM9ftzQ3OBfGXk6qWqAaFmqlk
+oDQcT8l44eb7oOAvwfswpkxmJKCuriv/qjVuJizXBX8a+K4sYPe7DBPyW89TBxbg
+UFXLp/iUaBmf74ebZPs0jnFBZMeYmJ4W9F7xYwNcJSegMakeQ+B23vcaF0XNklYP
+iNss9S1HRDB0cGYMvZRWlbSpPv5ZAvddo3w6lYMwd2N9ZByFBwEm56rp53hMFPWa
+qPXLnkyqrcBLv5h/agWcpuRLLECSmxIrvHoUxWXHrs7ZBGvc8B4=
+-----END CERTIFICATE-----

conf/includes/localhost.key

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCi6mRcdV2L+nmt
+9E1TONdO0R3JH41FYqDQKn+0tsuEZElgF61guSYpqzp24A6Q6R0JVg2j/IXkJTYv
+5HFSHuiBY9I8u2kaOV4SZ+lWSan4ekSuW8Ow5Hkv9Y8QwD8vselymxSFgGpmQRfs
+3a5JuGMWBAUbiHOIS8te7BjzcYwnAjc9I8pYekv/UL9hJLhJcuOr8KV7ieUtp+zN
+ZGuyFfHfohkGjHWXDqqezSbl7sgm7NjAVBlY8gkeZuc0NnYv1e/iR3bv8D2du0Wx
+YWB7ZoiiUHPn8zrH4b7NlHzaGK+gEoaabEU4DKuEjZ9XcYes517nQOmzmBla+tzg
+MmxW9BfDAgMBAAECggEAVWJbb0nj2XVRSKZ90Fw+HATlg3+R3weuGOvtOp2DVMPq
+4P4H1GW1ZqljXuJXQAOtQDNlusiis8v89mTYL54bZZUXntTqZOAkOalUVfENsDkE
+vg1CJvfXvBcLAFCBzVGFdJdqzf1bxnPfQjl9Gw4UgHli4+dEBe8Ti5BaE10zg02D
+1WPSy7+CbUDtqEWPW1MOfcrgUWtJw0+GjZCH2FaFbeb2CozOPNTJroRdKblFhFnY
+yLxgcULURc3ySk0iHUndSvA3ZK5YXRxlx/Fa0J8DVg8vTwfPAM0famZsWth1xJWR
+zt7/5eNHiyWudKZyvQnkqGYMgSxJGY7QSr2rfbpeYQKBgQDSOxrbXfQvGIIzOoxg
+N7T1aBdJSWsAdZGZ8pEgJO3QkwQ2pUyfeYEoLQoPPyyUSvrlqOhia+pmvgd3qoyh
+WrD/CniD3/7yV/IY1G9PMZcPKOhrncvva6Dn5DMiKdzFUGGWp23Ux1zQKwf8svU3
+r/wPRsXaERVf/k2hlf+BQB3C3QKBgQDGYj4O2fORdnplFmIHRVRSP/aXKagoBDBd
+qyl4+quXDjdcCJDUwv1Y67W1fjmqvUXVYQTpiQtKL7PGSlDtaOzQfY4AHQwO0R+z
+C+/AXMmSa1iMq6Wf53JqhFT9yH7PWl51RHcow6lJlAjq66QtJBaObLxfoKgISrNM
+sFJp20ILHwKBgCtuQG8fKsnr80HoD4X1HDIyjdT7ENroburx3J9aYbLcHFu5rGmp
+rVACdfiOYYRFNS3qxg9HIgaVrW9AUYsn9DbMD/eWd9HS71XH1TL0GLPuDI3m7HGK
+t5QQZaviIBS3NWHtNthlUzxCF4VR5yzY82aohUk2jEbnf1wpY75s43kVAoGAOyVB
+IUZjssOi/A5vTYGjAR6m0yyNQNj23oZQSAxcKh4H7T10iKpVxDQKKcEnSjtB3bse
+Ls43+nc8Xur7M7zrlcFJG8mNNcGtdMEjSrOfOTMd5Fqsd38WgqFPgZZMEF/993Jh
+IFstVo13FysH+JlgzDeo9c29KzOyPzP2bi77grsCgYEAw4dkkQiPVs0s+u0TnT6r
+2t+d9lOS3iKqoaD9Wd1KdLxV6e5sHLMdj76Q+p5G8xOpQF1WfXR5wvWTkL7xFPgY
+xMyiJ72AIlvrmeinfwfUdFILSu6rrO0Fo3sB23+vXxEv3+6MnC3QneZooIGnKYqL
+WpiDFEw2WBvluU+neub84gg=
+-----END PRIVATE KEY-----

conf/includes/wwwroot.conf

@@ -0,0 +1,4 @@
+location / {
+    root "D://wwwroot";
+    try_files $uri $uri/ /index.html =404;
+}

conf/nginx.conf

@@ -8,11 +8,22 @@ http {
     sendfile on;
     keepalive_timeout 65;
     server {
-        listen 5050;
+        # listen 80;
+        listen 443 ssl http2;
+        listen [::]:443 ssl http2;
         server_name localhost;
-        include "includes/html.conf";
+        ssl_certificate "includes/localhost.crt";
+        ssl_certificate_key "includes/localhost.key";
+        # ssl_certificate "includes/ec-server.cer";
+        # ssl_certificate "includes/ec-server.crt";
+        # ssl_certificate_key "includes/ec-server.key";
+        # ssl_password_file "includes/ec-server.pass";
+        ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
+        # include "includes/html.conf";
+        include "includes/BaGet.conf";
         error_page 500 502 503 504 /50x.html;
         include "includes/html-error.conf";
+        # include "includes/github.conf";
     }
     server {
         listen 4430;
@@ -27,7 +38,7 @@ http {
     server {
         listen 5052;
         server_name localhost;
-        include "includes/json.conf";
+        include "includes/dex.conf";
     }
     server {
         listen 5053;
@@ -35,26 +46,69 @@ http {
         include "includes/ProgramData.conf";
     }
     server {
-        listen 8080;
+        listen 5054;
-        server_name ~(oi-metrology-viewer-archive).mes.infineon.com;
+        server_name localhost;
-        location / {
+        include "includes/json.conf";
-            include "includes/Archive.conf";
-        }
     }
     server {
-        listen 8080;
+        listen 5055;
-        server_name ~(oi-metrology-viewer-prod).mes.infineon.com;
+        server_name localhost;
-        location / {
+        include "includes/wwwroot.conf";
-            include "includes/Viewer.conf";
-        }
     }
+    server {
+        listen 8011;
+        server_name localhost;
+        include "includes/Gogs.conf";
+    }
+    # server {
+    #     listen 8080;
+    #     server_name ~(oi-metrology-viewer-archive).mes.infineon.com;
+    #     location / {
+    #         include "includes/Archive.conf";
+    #     }
+    # }
+    # server {
+    #     listen 8080;
+    #     server_name ~(oi-metrology-viewer-prod).mes.infineon.com;
+    #     location / {
+    #         include "includes/Viewer.conf";
+    #     }
+    # }
     server {
         listen 8088;
         server_name *.mes.infineon.com;
         include "includes/EAF-Viewer.Server.conf";
     }
 }
-# mklink /J "C:\Users\phares\AppData\Local\IFXApps\nginx-1.20.1\conf" "L:\Git\NGINX-Conf\conf"
+# mkdir "L:\DevOps\Mesa_FI"
-# cd "C:\Users\ECMESEAF\AppData\Local\IFXApps\nginx-1.20.1"
+# cd "L:\DevOps\Mesa_FI"
+# git clone https://tfs.intra.infineon.com/tfs/ManufacturingIT/Mesa_FI/_git/NGINX-Conf
+# -
+# rmdir /s "C:\Users\phares\AppData\Local\IFXApps\nginx-1.20.1\conf"
+# mklink /J "C:\Users\phares\AppData\Local\IFXApps\nginx-1.20.1\conf" "L:\DevOps\Mesa_FI\NGINX-Conf\conf"
+# -
+# As administrator
+# -
+# cd "C:\Users\phares\AppData\Local\IFXApps\nssm-2.24\win64"
+# nssm install "nginx"
+# -
+# C:\Users\phares\AppData\Local\IFXApps\nginx-1.20.1\nginx.exe
+# C:\Users\phares\AppData\Local\IFXApps\nginx-1.20.1
+# -
+# start nginx
+# C:\Users\phares\AppData\Local\IFXApps\nginx-1.20.1\logs\service.out.log
+# C:\Users\phares\AppData\Local\IFXApps\nginx-1.20.1\logs\service.error.log
+# -
+# mklink /J "D:\Tmp\Phares\www\pictures" "D:\Documents\Pictures"
+# mklink /J "D:\Tmp\Phares\www\NGINdeX.io" "L:\DevOps\Mesa_FI\NGINdeX.io"
+# mklink /J "D:\Tmp\Phares\www\pictures" "D:\Documents\Pictures"
+# mklink /J "D:\Tmp\Phares\www\NGINdeX.io" "L:\DevOps\Mesa_FI\NGINdeX.io"
+# -
+# ln -s /etc/nginx/sites-available/json /etc/nginx/sites-enabled/
+# ln -s /srv/samba/share/637998119172547651 /var/www/html/637998119172547651
+# ln -s /var/www/html/NGINdeX.io /var/www/html/637998119172547651/NGINdeX.io
+# ln -s /srv/git /var/www/html/637998119172547651/git
+# -
+# cd "C:\Users\phares\AppData\Local\IFXApps\nginx-1.20.1"
 # .\nginx -t
-# .\nginx -s reload
+# .\nginx -s reload