diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index ece3800e1c49914b5f7bba11a9cd952209b969a6..aeb03549ad57ef5935f6b4730ea615a031519251 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -36,5 +36,5 @@ deploy_docker:
- apt-get -yqq install ssh
- apt-get install sshpass
script:
- - sshpass -p sParest1en ssh -v -o StrictHostKeyChecking=no root@128.199.53.153 "docker rm -f frontend || true; docker pull registry.gitlab.com/$DOCKER_USER/sparesti-registry:frontend && docker run -d -p 443:5173 --name frontend registry.gitlab.com/$DOCKER_USER/sparesti-registry:frontend"
+ - sshpass -p sParest1en ssh -v -o StrictHostKeyChecking=no root@128.199.53.153 "docker rm -f frontend || true; docker pull registry.gitlab.com/$DOCKER_USER/sparesti-registry:frontend && docker run -d -p 82:5173 --name frontend registry.gitlab.com/$DOCKER_USER/sparesti-registry:frontend"
when: manual
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
index 9efa9c9950709c0f8c22bd30b58b54096218e778..5778151f7ea1bda0723d6d6f451974c4a4f6ff58 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -9,8 +9,5 @@ RUN npm run build
# Step 2: Setup the server with Nginx
FROM nginx:stable-alpine as production-stage
COPY --from=build-stage /app/dist /usr/share/nginx/html
-COPY web/nginx.conf /etc/nginx/nginx.conf
-COPY web/nginx-selfsigned.crt /etc/ssl/certs/nginx-selfsigned.crt
-COPY web/nginx-selfsigned.key /etc/ssl/private/nginx-selfsigned.key
CMD ["nginx", "-g", "daemon off;"]
\ No newline at end of file
diff --git a/web/nginx.conf b/web/nginx.conf
index 2b034afd0bfc02089c6afb786fdc86f6163904e0..aba6eb2358d99a4d82bace63ee340185558c5ec2 100644
--- a/web/nginx.conf
+++ b/web/nginx.conf
@@ -1,39 +1,40 @@
-worker_processes auto;
-
-error_log /var/log/nginx/error.log notice;
-pid /var/run/nginx.pid;
-
-events {
- worker_connections 1024;
+# Frontend server configuration
+server {
+ listen 443 ssl;
+ server_name sparesti.org; # Main domain for the frontend
+
+ ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
+ ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
+
+ location / {
+ proxy_pass http://vue-frontend:80; # Adjust the port and container name as necessary
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ }
}
-http {
- include /etc/nginx/mime.types;
+# API server configuration
+server {
+ listen 443 ssl;
+ server_name api.sparesti.org; # API subdomain
- server {
- listen 5173;
- server_name localhost;
+ ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
+ ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
- location / {
- root /usr/share/nginx/html;
- try_files $uri $uri/ /index.html;
- }
+ location / {
+ proxy_pass http://spring-backend:8080; # Adjust the port and container name as necessary
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
}
+}
- server {
- listen 443 ssl;
- server_name sparesti.org;
-
- ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
- ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
-
- ssl_protocols TLSv1.2 TLSv1.3;
- ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384';
- ssl_prefer_server_ciphers on;
-
- location / {
- root /usr/share/nginx/html;
- try_files $uri $uri/ /index.html;
- }
- }
+# HTTP to HTTPS redirection for main domain and subdomain
+server {
+ listen 80;
+ server_name sparesti.org api.sparesti.org;
+ return 301 https://$host$request_uri;
}
\ No newline at end of file