From 12ab41033be6a97a6c8ebe77442683d9bd4bc0e5 Mon Sep 17 00:00:00 2001 From: Chunsoo Park Date: Fri, 28 Feb 2025 22:18:35 +0900 Subject: [PATCH 01/10] Update nginx.conf --- nginx.conf | 24 +++++++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) diff --git a/nginx.conf b/nginx.conf index 08c168a..3ba2652 100644 --- a/nginx.conf +++ b/nginx.conf @@ -11,14 +11,32 @@ http { sendfile on; keepalive_timeout 65; + # Gzip 압축 활성화 + gzip on; + gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; + gzip_vary on; + server { listen 80; server_name localhost; + root /usr/share/nginx/html; + index index.html index.htm; + location / { - root /usr/share/nginx/html; - index index.html index.htm; try_files $uri $uri/ /index.html; + + # 캐싱 최적화 + expires 1y; + add_header Cache-Control "public, max-age=31536000, immutable"; + } + + # CORS 설정 (필요 시 활성화) + location /api/ { + proxy_pass http://112.152.14.116:25114; + add_header 'Access-Control-Allow-Origin' '*'; + add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; + add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type'; } } -} \ No newline at end of file +} From fdc56b7a1e4d373da8d3ba74f798588785c1b43b Mon Sep 17 00:00:00 2001 From: Chunsoo Park Date: Fri, 28 Feb 2025 22:24:50 +0900 Subject: [PATCH 02/10] Update nginx.conf --- nginx.conf | 23 +++++++++++++++++------ 1 file changed, 17 insertions(+), 6 deletions(-) diff --git a/nginx.conf b/nginx.conf index 3ba2652..9ab8a95 100644 --- a/nginx.conf +++ b/nginx.conf @@ -11,29 +11,40 @@ http { sendfile on; keepalive_timeout 65; - # Gzip 압축 활성화 + # Gzip 압축 활성화 (성능 최적화) gzip on; gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; gzip_vary on; server { + # IPv4와 IPv6 동시 지원 listen 80; + listen [::]:80; + server_name localhost; root /usr/share/nginx/html; index index.html index.htm; - + + # React SPA 라우팅 지원 location / { try_files $uri $uri/ /index.html; - - # 캐싱 최적화 + } + + # /recording 경로도 React 앱이 처리하도록 설정 (SPA 지원) + location /recording { + try_files $uri $uri/ /index.html; + } + + # 정적 파일 캐싱 최적화 + location ~* \.(?:ico|css|js|gif|jpe?g|png|woff2?|eot|ttf|svg|map)$ { expires 1y; add_header Cache-Control "public, max-age=31536000, immutable"; } - # CORS 설정 (필요 시 활성화) + # CORS 설정 (필요 시) location /api/ { - proxy_pass http://112.152.14.116:25114; + proxy_pass http://112.152.14.116:8000; add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type'; From 1f1dc7de0776c096df1d1de1df00f1f33dcae01d Mon Sep 17 00:00:00 2001 From: Chunsoo Park Date: Fri, 28 Feb 2025 22:32:06 +0900 Subject: [PATCH 03/10] Update nginx.conf --- nginx.conf | 32 +++++++++++++++++++++++--------- 1 file changed, 23 insertions(+), 9 deletions(-) diff --git a/nginx.conf b/nginx.conf index 9ab8a95..8512918 100644 --- a/nginx.conf +++ b/nginx.conf @@ -11,17 +11,36 @@ http { sendfile on; keepalive_timeout 65; - # Gzip 압축 활성화 (성능 최적화) + # Gzip 압축 활성화 gzip on; gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; gzip_vary on; + # HTTP 요청을 HTTPS로 리디렉션 (80 → 443) server { - # IPv4와 IPv6 동시 지원 listen 80; listen [::]:80; + server_name meetokey.duckdns.org; - server_name localhost; + return 301 https://$host$request_uri; + } + + # HTTPS 설정 + server { + listen 443 ssl; + listen [::]:443 ssl; + server_name meetokey.duckdns.org; + + # SSL 인증서 경로 (Let's Encrypt 사용) + ssl_certificate /etc/letsencrypt/live/meetokey.duckdns.org/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/meetokey.duckdns.org/privkey.pem; + + # 최신 SSL 보안 설정 + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 10m; root /usr/share/nginx/html; index index.html index.htm; @@ -31,11 +50,6 @@ http { try_files $uri $uri/ /index.html; } - # /recording 경로도 React 앱이 처리하도록 설정 (SPA 지원) - location /recording { - try_files $uri $uri/ /index.html; - } - # 정적 파일 캐싱 최적화 location ~* \.(?:ico|css|js|gif|jpe?g|png|woff2?|eot|ttf|svg|map)$ { expires 1y; @@ -44,7 +58,7 @@ http { # CORS 설정 (필요 시) location /api/ { - proxy_pass http://112.152.14.116:8000; + proxy_pass http://112.152.14.116:25114; add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type'; From 5d5644bba8bb160df80a609ba348ff0a1a17ad70 Mon Sep 17 00:00:00 2001 From: Chunsoo Park Date: Fri, 28 Feb 2025 23:25:56 +0900 Subject: [PATCH 04/10] Update nginx.conf --- nginx.conf | 17 +---------------- 1 file changed, 1 insertion(+), 16 deletions(-) diff --git a/nginx.conf b/nginx.conf index 8512918..7a575ce 100644 --- a/nginx.conf +++ b/nginx.conf @@ -11,12 +11,7 @@ http { sendfile on; keepalive_timeout 65; - # Gzip 압축 활성화 - gzip on; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; - gzip_vary on; - - # HTTP 요청을 HTTPS로 리디렉션 (80 → 443) + # HTTP 요청을 HTTPS로 리디렉션 server { listen 80; listen [::]:80; @@ -35,7 +30,6 @@ http { ssl_certificate /etc/letsencrypt/live/meetokey.duckdns.org/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/meetokey.duckdns.org/privkey.pem; - # 최신 SSL 보안 설정 ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; @@ -45,7 +39,6 @@ http { root /usr/share/nginx/html; index index.html index.htm; - # React SPA 라우팅 지원 location / { try_files $uri $uri/ /index.html; } @@ -55,13 +48,5 @@ http { expires 1y; add_header Cache-Control "public, max-age=31536000, immutable"; } - - # CORS 설정 (필요 시) - location /api/ { - proxy_pass http://112.152.14.116:25114; - add_header 'Access-Control-Allow-Origin' '*'; - add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; - add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type'; - } } } From 9fd69e2a4e71cff76cb7d21375534c6daf0462fc Mon Sep 17 00:00:00 2001 From: Chunsoo Park Date: Fri, 28 Feb 2025 23:32:27 +0900 Subject: [PATCH 05/10] Update nginx.conf --- nginx.conf | 41 +++++++++++------------------------------ 1 file changed, 11 insertions(+), 30 deletions(-) diff --git a/nginx.conf b/nginx.conf index 7a575ce..6cdfc18 100644 --- a/nginx.conf +++ b/nginx.conf @@ -11,42 +11,23 @@ http { sendfile on; keepalive_timeout 65; - # HTTP 요청을 HTTPS로 리디렉션 + # Gzip 압축 활성화 (성능 최적화) + gzip on; + gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; + gzip_vary on; + + # HTTP 트래픽을 HTTPS로 Nginx Proxy Manager에 넘김 server { listen 80; listen [::]:80; server_name meetokey.duckdns.org; - return 301 https://$host$request_uri; - } - - # HTTPS 설정 - server { - listen 443 ssl; - listen [::]:443 ssl; - server_name meetokey.duckdns.org; - - # SSL 인증서 경로 (Let's Encrypt 사용) - ssl_certificate /etc/letsencrypt/live/meetokey.duckdns.org/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/meetokey.duckdns.org/privkey.pem; - - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:10m; - ssl_session_timeout 10m; - - root /usr/share/nginx/html; - index index.html index.htm; - location / { - try_files $uri $uri/ /index.html; - } - - # 정적 파일 캐싱 최적화 - location ~* \.(?:ico|css|js|gif|jpe?g|png|woff2?|eot|ttf|svg|map)$ { - expires 1y; - add_header Cache-Control "public, max-age=31536000, immutable"; + proxy_pass http://npm_container:80; # Nginx Proxy Manager 컨테이너로 트래픽 전달 + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; } } } From cfe13b33480ed0fef638077d663a706b1463fc1b Mon Sep 17 00:00:00 2001 From: Chunsoo Park Date: Fri, 28 Feb 2025 23:36:21 +0900 Subject: [PATCH 06/10] Update nginx.conf --- nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx.conf b/nginx.conf index 6cdfc18..d5248ba 100644 --- a/nginx.conf +++ b/nginx.conf @@ -23,7 +23,7 @@ http { server_name meetokey.duckdns.org; location / { - proxy_pass http://npm_container:80; # Nginx Proxy Manager 컨테이너로 트래픽 전달 + proxy_pass http://nginx_proxy_manager:80; # Nginx Proxy Manager 컨테이너로 트래픽 전달 proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; From f29c3d7a739f8f06107d19db41eef72da8d717aa Mon Sep 17 00:00:00 2001 From: Chunsoo Park Date: Fri, 28 Feb 2025 23:39:19 +0900 Subject: [PATCH 07/10] Update nginx.conf --- nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nginx.conf b/nginx.conf index d5248ba..7b8d02a 100644 --- a/nginx.conf +++ b/nginx.conf @@ -23,7 +23,7 @@ http { server_name meetokey.duckdns.org; location / { - proxy_pass http://nginx_proxy_manager:80; # Nginx Proxy Manager 컨테이너로 트래픽 전달 + proxy_pass http://192.168.39.14:80; # Nginx Proxy Manager 컨테이너로 트래픽 전달 proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; From b9c43d350f14e6c7f7baa6c13cef6675268fce6b Mon Sep 17 00:00:00 2001 From: Chunsoo Park Date: Sat, 1 Mar 2025 20:33:24 +0900 Subject: [PATCH 08/10] Rollback nginx.conf --- nginx.conf | 17 ++++------------- 1 file changed, 4 insertions(+), 13 deletions(-) diff --git a/nginx.conf b/nginx.conf index 7b8d02a..d908d99 100644 --- a/nginx.conf +++ b/nginx.conf @@ -11,23 +11,14 @@ http { sendfile on; keepalive_timeout 65; - # Gzip 압축 활성화 (성능 최적화) - gzip on; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; - gzip_vary on; - - # HTTP 트래픽을 HTTPS로 Nginx Proxy Manager에 넘김 server { listen 80; - listen [::]:80; - server_name meetokey.duckdns.org; + server_name localhost; location / { - proxy_pass http://192.168.39.14:80; # Nginx Proxy Manager 컨테이너로 트래픽 전달 - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; + root /usr/share/nginx/html; + index index.html index.htm; + try_files $uri $uri/ /index.html; } } } From a92d8f373de1671152eabb1e70ce445569ef3269 Mon Sep 17 00:00:00 2001 From: Chunsoo Park Date: Sun, 2 Mar 2025 00:11:39 +0900 Subject: [PATCH 09/10] Update nginx.conf --- nginx.conf | 41 +++++++++++++++++++++++++++++++++++++++-- 1 file changed, 39 insertions(+), 2 deletions(-) diff --git a/nginx.conf b/nginx.conf index d908d99..901edba 100644 --- a/nginx.conf +++ b/nginx.conf @@ -1,4 +1,4 @@ -worker_processes 1; +worker_processes auto; events { worker_connections 1024; @@ -11,10 +11,47 @@ http { sendfile on; keepalive_timeout 65; + # Gzip 압축 활성화 + gzip on; + gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; + gzip_vary on; + + # 캐싱 설정 (브라우저 캐싱 개선) + expires 1M; + add_header Cache-Control "public, max-age=31536000, immutable"; + + # HTTP 서버 설정 (HTTP → HTTPS 리디렉션) server { listen 80; - server_name localhost; + server_name meetokey.duckdns.org; + + location / { + return 301 https://$host$request_uri; + } + } + + # HTTPS 서버 설정 (Let's Encrypt SSL 적용) + server { + listen 443 ssl; + server_name meetokey.duckdns.org; + + # SSL 인증서 경로 (Let's Encrypt 사용 시) + ssl_certificate /etc/letsencrypt/live/meetokey.duckdns.org/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/meetokey.duckdns.org/privkey.pem; + + # SSL 보안 설정 + ssl_protocols TLSv1.2 TLSv1.3; + ssl_prefer_server_ciphers on; + ssl_ciphers HIGH:!aNULL:!MD5; + + # 보안 헤더 추가 + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; + add_header X-Frame-Options DENY; + add_header X-Content-Type-Options nosniff; + add_header Referrer-Policy "strict-origin-when-cross-origin"; + add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'none'; base-uri 'self';"; + # 파일 서빙 설정 location / { root /usr/share/nginx/html; index index.html index.htm; From e7d70e7412154238a53bc3a4089403307b2b1f6e Mon Sep 17 00:00:00 2001 From: Chunsoo Park Date: Sun, 2 Mar 2025 14:06:04 +0900 Subject: [PATCH 10/10] Update nginx.conf --- nginx.conf | 41 ++--------------------------------------- 1 file changed, 2 insertions(+), 39 deletions(-) diff --git a/nginx.conf b/nginx.conf index 901edba..d908d99 100644 --- a/nginx.conf +++ b/nginx.conf @@ -1,4 +1,4 @@ -worker_processes auto; +worker_processes 1; events { worker_connections 1024; @@ -11,47 +11,10 @@ http { sendfile on; keepalive_timeout 65; - # Gzip 압축 활성화 - gzip on; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; - gzip_vary on; - - # 캐싱 설정 (브라우저 캐싱 개선) - expires 1M; - add_header Cache-Control "public, max-age=31536000, immutable"; - - # HTTP 서버 설정 (HTTP → HTTPS 리디렉션) server { listen 80; - server_name meetokey.duckdns.org; - - location / { - return 301 https://$host$request_uri; - } - } - - # HTTPS 서버 설정 (Let's Encrypt SSL 적용) - server { - listen 443 ssl; - server_name meetokey.duckdns.org; - - # SSL 인증서 경로 (Let's Encrypt 사용 시) - ssl_certificate /etc/letsencrypt/live/meetokey.duckdns.org/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/meetokey.duckdns.org/privkey.pem; - - # SSL 보안 설정 - ssl_protocols TLSv1.2 TLSv1.3; - ssl_prefer_server_ciphers on; - ssl_ciphers HIGH:!aNULL:!MD5; - - # 보안 헤더 추가 - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - add_header X-Frame-Options DENY; - add_header X-Content-Type-Options nosniff; - add_header Referrer-Policy "strict-origin-when-cross-origin"; - add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; object-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; frame-ancestors 'none'; base-uri 'self';"; + server_name localhost; - # 파일 서빙 설정 location / { root /usr/share/nginx/html; index index.html index.htm;