Commit 9a15d0b2 authored by Bozidar Proevski's avatar Bozidar Proevski

Initial commit

parents
#!/bin/bash
openssl genrsa -out example.key 2048
openssl req -new -sha256 -key example.key -out example.csr
openssl req -noout -text -in example.csr
version: "3"
services:
nginx:
image: nginx
hostname: nginx
container_name: nginx
volumes:
- ./nginx/nginx.conf:/etc/nginx/nginx.conf
- ./nginxconf.d/:/etc/nginx/conf.d/
ports:
- 443:443
- 8443:8443
zookeeper:
hostname: zookeeper
container_name: zookeeper
image: 'bitnami/zookeeper:latest'
environment:
- ALLOW_ANONYMOUS_LOGIN=yes
nifi:
image: apache/nifi:1.8.0
expose:
- 8080
ports:
- 5044
- 7054
environment:
#- NIFI_WEB_HTTP_PORT=8080
- NIFI_CLUSTER_IS_NODE=true
- NIFI_CLUSTER_NODE_PROTOCOL_PORT=8082
- NIFI_ZK_CONNECT_STRING=zookeeper:2181
- NIFI_ELECTION_MAX_WAIT=1 min
# For error Exit 78:
# sysctl -w vm.max_map_count=262144
elastic:
image: docker.elastic.co/elasticsearch/elasticsearch:6.6.0
ports:
- 9200
- 9300
environment:
- discovery.type=zen
#- discovery.type=single-node
kibana:
image: docker.elastic.co/kibana/kibana:6.6.0
hostname: kibana
container_name: kibana
ports:
- 5601
environment:
ELASTICSEARCH_URL: http://dsoclab_elastic_1:9200
SERVER_BASEPATH: /kibana
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log debug;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
include /etc/nginx/conf.d/dsoclab.conf;
}
include /etc/nginx/conf.d/nifiports.conf;
upstream nifilistenhttp_7754 {
server dsoclab_nifi_1:7754;
server dsoclab_nifi_2:7754;
server dsoclab_nifi_3:7754;
}
resolver 127.0.0.11;
server {
listen 443 ssl;
server_name _;
ssl_certificate conf.d/dsoclab.crt;
ssl_certificate_key conf.d/dsoclab.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
ssl_client_certificate conf.d/ca.crt;
ssl_verify_client on;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
location /nifi {
proxy_set_header X-ProxyScheme https;
proxy_set_header X-ProxyHost $host;
proxy_set_header X-ProxyPort 443;
proxy_set_header X-ProxyContextPath "";
proxy_pass http://dsoclab_nifi_1:8080/nifi;
}
location /kibana/ {
proxy_set_header X-ProxyScheme https;
proxy_set_header X-ProxyHost $host;
proxy_set_header X-ProxyPort 443;
proxy_set_header X-ProxyContextPath "";
proxy_pass http://kibana:5601/;
}
location ~ ^/lp77([0-9][0-9])/.*$ {
proxy_set_header X-ProxyScheme https;
proxy_set_header X-ProxyHost $host;
proxy_set_header X-ProxyPort 443;
proxy_set_header X-ProxyContextPath "";
proxy_pass http://nifilistenhttp_77$1;
}
}
stream {
upstream nifi_listeners_5044 {
server dsoclab_nifi_1:5044;
server dsoclab_nifi_2:5044;
server dsoclab_nifi_3:5044;
}
resolver 127.0.0.11;
server {
ssl_certificate conf.d/dsoclab.crt;
ssl_certificate_key conf.d/dsoclab.key;
ssl_session_cache shared:SSLN:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
ssl_client_certificate conf.d/ca.crt;
ssl_verify_client on;
#listen 8443;
listen 8443 ssl;
proxy_pass nifi_listeners_$remote_port;
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment