From f02e283ad272e9659d95f6255d2512a3e1950445 Mon Sep 17 00:00:00 2001 From: Chris Lu Date: Thu, 8 Jan 2026 09:59:31 -0800 Subject: [PATCH] add a nginx with ssl for easier testing --- unmaintained/local-nginx/Makefile | 25 ++++++++ unmaintained/local-nginx/cert.pem | 22 +++++++ unmaintained/local-nginx/gen_certs.sh | 11 ++++ unmaintained/local-nginx/key.pem | 28 +++++++++ unmaintained/local-nginx/mime.types | 85 +++++++++++++++++++++++++++ unmaintained/local-nginx/nginx.conf | 55 +++++++++++++++++ 6 files changed, 226 insertions(+) create mode 100644 unmaintained/local-nginx/Makefile create mode 100644 unmaintained/local-nginx/cert.pem create mode 100755 unmaintained/local-nginx/gen_certs.sh create mode 100644 unmaintained/local-nginx/key.pem create mode 100644 unmaintained/local-nginx/mime.types create mode 100644 unmaintained/local-nginx/nginx.conf diff --git a/unmaintained/local-nginx/Makefile b/unmaintained/local-nginx/Makefile new file mode 100644 index 000000000..a3c3adec9 --- /dev/null +++ b/unmaintained/local-nginx/Makefile @@ -0,0 +1,25 @@ + +# Makefile for managing local Nginx instance + +# Current directory +PWD := $(shell pwd) + +.PHONY: start stop reload clean + +logs: + mkdir -p logs + +start: logs + nginx -p $(PWD) -c nginx.conf + +stop: + nginx -p $(PWD) -s stop + +reload: + nginx -p $(PWD) -s reload + +check: + nginx -p $(PWD) -c nginx.conf -t + +clean: + rm -rf logs diff --git a/unmaintained/local-nginx/cert.pem b/unmaintained/local-nginx/cert.pem new file mode 100644 index 000000000..37c0bd8c8 --- /dev/null +++ b/unmaintained/local-nginx/cert.pem @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDrTCCApWgAwIBAgIUHqubAnjJikbPDqGiqDT87mbcB+owDQYJKoZIhvcNAQEL +BQAwZjELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVN0YXRlMQ0wCwYDVQQHDARDaXR5 +MRUwEwYDVQQKDAxPcmdhbml6YXRpb24xDTALBgNVBAsMBFVuaXQxEjAQBgNVBAMM +CWxvY2FsaG9zdDAeFw0yNjAxMDgwODAyMzJaFw0yNzAxMDgwODAyMzJaMGYxCzAJ +BgNVBAYTAlVTMQ4wDAYDVQQIDAVTdGF0ZTENMAsGA1UEBwwEQ2l0eTEVMBMGA1UE +CgwMT3JnYW5pemF0aW9uMQ0wCwYDVQQLDARVbml0MRIwEAYDVQQDDAlsb2NhbGhv +c3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3gozRVkW8EFsOv75Q +AgzN0RlOkt+cyesmI71YF0NXOGlYG68Ibb4H7yemX1z663pK3e2MK0k94innW02q +0TcBvlu1Emv3Uo+iSTC6hkWR51ZkbfJDjERpO37fZhmdGexHAR2JOLGGTkTkbsRu +/lKg8HBHKcEL2NBI1D6LsOU3n+m9p0eSytzE92qY4hRtxaPgK4UUpMaEq64v8NDk +HfMFjLXmuxCSUpRTowh4MCcSS1hJCD7SJmsdXHOTQc3dgc/WJOP1rkvCZRUHVaR6 +ujAIsUo9R2esevrWvxZGXFmJJDuq7u1SNnkArQludD93kovkITjb8+KsdhFGkMJR +xzdxAgMBAAGjUzBRMB0GA1UdDgQWBBSaoIBAFJGjfUpC04hJ0AlMVBuXOzAfBgNV +HSMEGDAWgBSaoIBAFJGjfUpC04hJ0AlMVBuXOzAPBgNVHRMBAf8EBTADAQH/MA0G +CSqGSIb3DQEBCwUAA4IBAQCSuLPsFF4ETql1OLr6p5FqzP6+Cg8VVkzaMJskUBA/ +MEwZij+wR6teoAv8AzptByHoycOLRjYXDgweL5Z37Vr1Fo8bSqzGPqrGh6YkBNTZ +heXFf8g5lOWiv3OypxVtkEFD1tYhdU//5tnipHh08dEjZBuTumMMYhr6xcYBecI7 +Lw6uo+TRrPrPLgcJU53Sivm8c2fGVexGfcklvtW4qvkQik+r9BfnoJ/f12PBq2J5 +nKEQFR9EwULnkqREf0Iw/mDPS275brhdDA8JNlB49GGcRGcYu9tOVGDX5rfdIwXB +PTaWwrOoY5F4NVPlY7d5E8eLHSt8/zd+56w4g5YaQUaH +-----END CERTIFICATE----- diff --git a/unmaintained/local-nginx/gen_certs.sh b/unmaintained/local-nginx/gen_certs.sh new file mode 100755 index 000000000..45388630a --- /dev/null +++ b/unmaintained/local-nginx/gen_certs.sh @@ -0,0 +1,11 @@ +#!/bin/bash +set -e + +# Generate a private key +openssl genrsa -out key.pem 2048 + +# Generate a self-signed certificate +openssl req -new -x509 -key key.pem -out cert.pem -days 365 \ + -subj "/C=US/ST=State/L=City/O=Organization/OU=Unit/CN=localhost" + +echo "Certificate (cert.pem) and Key (key.pem) generated successfully in $(pwd)" diff --git a/unmaintained/local-nginx/key.pem b/unmaintained/local-nginx/key.pem new file mode 100644 index 000000000..39a85aa8a --- /dev/null +++ b/unmaintained/local-nginx/key.pem @@ -0,0 +1,28 @@ +-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC3gozRVkW8EFsO +v75QAgzN0RlOkt+cyesmI71YF0NXOGlYG68Ibb4H7yemX1z663pK3e2MK0k94inn +W02q0TcBvlu1Emv3Uo+iSTC6hkWR51ZkbfJDjERpO37fZhmdGexHAR2JOLGGTkTk +bsRu/lKg8HBHKcEL2NBI1D6LsOU3n+m9p0eSytzE92qY4hRtxaPgK4UUpMaEq64v +8NDkHfMFjLXmuxCSUpRTowh4MCcSS1hJCD7SJmsdXHOTQc3dgc/WJOP1rkvCZRUH +VaR6ujAIsUo9R2esevrWvxZGXFmJJDuq7u1SNnkArQludD93kovkITjb8+KsdhFG +kMJRxzdxAgMBAAECggEAUUf932r7EEWeT3YWcZG24iLPtsHPUb8N7KK/5xjGtwdB +gckhSfZxyUngogxzPqC2VhrecMtrcYGPVe5XBGYOmzMZo6Y5NB7Zh+QrNTLr9agl +1+3q9IhYdNPpakHq7m7g/MI9tt3po7dfRF7bmt4C804MLTkNTJYIC3oXCgCcRnpJ +NYLtombx6FNzivUMB9/FGoR3MeVsenCNmbfGyqssKafsoNfBnszg2XT4W9TpynA5 +ThER0ZjAu8Wi4QJ4rGuwgCqoobe9qw5xUdnerj84O/FDxY38zK92yZzxPG39O61U +kSna0WKAhtvOqYvYe5KvIFs8AbFNBn+/mCEhaPmYEQKBgQDvXjy7maM0L8yDYNs5 +2Mups0DC6E3Xkx5k6O6/TPfBBY949ZBsAT+hDpJA119/UOxGRE/wZaQ+09blyjOD +B8Nw0m0OOgpERIHhm+uDXpkVhFJXkBQMB7Jsc2tZKxHNY78UD4K4YcsbRGBNZryf +6Fd6uVad0qMKJF825gN3f7d5twKBgQDEQrxBEensG6D5XWoYTqwvNfgc9BqOAWrJ +IkX4l99n9yJUHJ+h7wcrzA1FfKVJU5LkvR+YqCxcSyil5BnQFU7s3JqnhIkwfk9R +wS2pPXLaJS6oQQcr2yRQgP8xDDMlBNABIkw/JARXsPkdxM+y93G4s+O4GIsrOJHX +zZWjoK74FwKBgDsKjoZjZfsIUzSQnmJNVCbefPnWXOTwd83CGql67Z1hprraLy5E +vJIYSwDNXtPDfRPz45fTKkkI7XeugTgvoQhiDt40eLXQBA1G7TdxDOdexQSuGBPD +jkHr0i2jTvfPQ6FKFh8ul+941RwiXCJBJ9qwfmndO7PTttyOrYo7KWFPAoGBAJHb +jxFFAPaKag4pkKnT/j9v+p96Ayo6f2RP5nSkWlJn5slgJHsyq7+u/MYBps1iIS+C +JrNLePx2lxUC+vQcgfWi1gVdiJ/Tn5uA2DCJDIx3Sb+d5HiBevGhjQakrHX8p6HQ +HZ5nZBrP2bR4CmxVXd0JRFoTU4qhljIuBeH/j0mtAoGAN9Hf3txLTm7PbuNy0xOM +Us+nHsVjIzZvZ6H413kzs85QIf22lw0JEoRBnhtZmxATERrvYJ9YtyZH0Tf+b+eU +TioM9wDi62tDjgMK+jgoIPid4hgMdHzdjjxJ6kZ9sFjR/3dOKxDwe8jU1YybFqxH +yYRlpVwN2c++XrbOPfE+m7E= +-----END PRIVATE KEY----- diff --git a/unmaintained/local-nginx/mime.types b/unmaintained/local-nginx/mime.types new file mode 100644 index 000000000..d6be4e06c --- /dev/null +++ b/unmaintained/local-nginx/mime.types @@ -0,0 +1,85 @@ + +types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/atom+xml atom; + application/rss+xml rss; + + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + + image/png png; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + image/svg+xml svg svgz; + image/webp webp; + + application/font-woff woff; + application/java-archive jar war ear; + application/json json; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.apple.mpegurl m3u8; + application/vnd.ms-excel xls; + application/vnd.ms-fontobject eot; + application/vnd.ms-powerpoint ppt; + application/vnd.wap.wmlc wmlc; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/x-7z-compressed 7z; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/xspf+xml xspf; + application/zip zip; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg ogg; + audio/x-m4a m4a; + audio/x-realaudio ra; + + video/3gpp 3gpp 3gp; + video/mp2t ts; + video/mp4 mp4; + video/mpeg mpeg mpg; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-m4v m4v; + video/x-mng mng; + video/x-ms-asf asf x-ms-asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; +} diff --git a/unmaintained/local-nginx/nginx.conf b/unmaintained/local-nginx/nginx.conf new file mode 100644 index 000000000..e58c940dd --- /dev/null +++ b/unmaintained/local-nginx/nginx.conf @@ -0,0 +1,55 @@ + +worker_processes 1; + +events { + worker_connections 1024; +} + +http { + include mime.types; + default_type application/octet-stream; + + sendfile on; + keepalive_timeout 65; + + # Standard Configuration from Wiki + upstream seaweedfs { + server 127.0.0.1:8334; + keepalive 20; + } + + server { + listen 8333 ssl; + server_name localhost; + + ssl_certificate cert.pem; + ssl_certificate_key key.pem; + + ssl_session_cache shared:SSL:1m; + ssl_session_timeout 5m; + + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + + ignore_invalid_headers off; + client_max_body_size 0; + proxy_buffering off; + + location / { + proxy_pass http://seaweedfs; + + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Port $server_port; + proxy_set_header X-Forwarded-Proto $scheme; + + proxy_connect_timeout 300; + proxy_http_version 1.1; + proxy_set_header Connection ""; + proxy_request_buffering off; + chunked_transfer_encoding off; + } + } +}