# Office Translator - Local Nginx Config (HTTP only, no SSL) # Used by: docker-compose.local.yml # Upstreams (backend, frontend) and rate limit zones are defined in nginx.conf server { listen 80; listen [::]:80; server_name _; # File upload size client_max_body_size 100M; client_body_timeout 300s; # Proxy settings proxy_connect_timeout 60s; proxy_send_timeout 300s; proxy_read_timeout 300s; proxy_buffer_size 128k; proxy_buffers 4 256k; proxy_busy_buffers_size 256k; # API routes -> Backend location /api/ { limit_req zone=api_limit burst=20 nodelay; limit_conn conn_limit 10; proxy_pass http://backend; proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Connection ""; # CORS headers add_header Access-Control-Allow-Origin $cors_origin always; add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always; add_header Access-Control-Allow-Headers "Authorization, Content-Type, X-Requested-With, X-API-Key" always; add_header Access-Control-Allow-Credentials "true" always; if ($request_method = 'OPTIONS') { return 204; } } # File upload / translate endpoint location /translate { limit_req zone=upload_limit burst=5 nodelay; limit_conn conn_limit 5; proxy_pass http://backend/translate; proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_connect_timeout 60s; proxy_send_timeout 600s; proxy_read_timeout 600s; } # Health check endpoint location /health { proxy_pass http://backend/health; proxy_http_version 1.1; proxy_set_header Connection ""; } # Readiness check location /ready { proxy_pass http://backend/ready; proxy_http_version 1.1; proxy_set_header Connection ""; } # OpenAPI docs location /docs { proxy_pass http://backend/docs; proxy_http_version 1.1; proxy_set_header Host $host; } location /redoc { proxy_pass http://backend/redoc; proxy_http_version 1.1; proxy_set_header Host $host; } location /openapi.json { proxy_pass http://backend/openapi.json; proxy_http_version 1.1; proxy_set_header Host $host; } # Admin UI -> Frontend (Next.js page) location /admin { proxy_pass http://frontend; proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } # Frontend static assets with caching location /_next/static/ { proxy_pass http://frontend; add_header Cache-Control "public, max-age=31536000, immutable"; } # Frontend -> Next.js location / { proxy_pass http://frontend; proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } }