admin/ips-nodo-dominio
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
ips-nodo-dominio/nginx/https.conf

114 lines
4.1 KiB
Plaintext
Raw Blame History

events {}
http {
upstream hapi_fhir {
server hapi-fhir:8080;
}
upstream bus_gateway {
server bus-gateway:3000;
}
# Redirige HTTP → HTTPS
server {
listen 80;
server_name _;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name _;
# Certificados montados como Docker secrets
ssl_certificate /run/secrets/ssl_cert;
ssl_certificate_key /run/secrets/ssl_key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
# Rutas del bus-gateway (prefijo más específico gana sobre /fhir/)
# ITI-65: Provide Document Bundle — transaction Bundle
location /fhir/IPSTransaction {
proxy_pass http://bus_gateway;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 90s;
}
# ITI-65: Provide Document Bundle — IPS document Bundle
location /fhir/IPSDocument {
proxy_pass http://bus_gateway;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 90s;
}
# ITI-67: Find Document References
location /fhir/DocumentReference {
proxy_pass http://bus_gateway;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 90s;
}
# ITI-78: Mobile Patient Demographics Query
# ITI-104: Patient Identity Feed FHIR
location /fhir/Patient {
proxy_pass http://bus_gateway;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 90s;
}
location /vhl/ {
proxy_pass http://bus_gateway;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 90s;
}
# Resto de /fhir/* va a hapi-fhir
location /fhir/ {
proxy_pass http://hapi_fhir;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 90s;
}
location /gdhcn/ {
proxy_pass http://gdhcn-validator-service:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 90s;
}
# Todo lo demás va a hapi-fhir
location / {
proxy_pass http://hapi_fhir;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 90s;
}
}
}
Reference in New Issue View Git Blame Copy Permalink