[30388f42] Infrastructure Hardening & Final Touches: Stabilized Lead Engine (Nginx routing, manager.py, Dockerfile fixes), restored known-good Nginx configs, and ensured all recent fixes are committed. System is ready for migration.
- Fixed Nginx proxy for /feedback/ and /lead/ routes. - Restored manager.py to use persistent SQLite DB and corrected test lead triggers. - Refined Dockerfile for lead-engine to ensure clean dependency installs. - Applied latest API configs (.env) to lead-engine and duckdns services. - Updated documentation (GEMINI.md, readme.md, RELOCATION.md, lead-engine/README.md) to reflect final state and lessons learned. - Committed all pending changes to main branch.
This commit is contained in:
189
nginx-proxy.conf
189
nginx-proxy.conf
@@ -1,197 +1,40 @@
|
||||
events {
|
||||
worker_connections 1024;
|
||||
}
|
||||
|
||||
events {}
|
||||
http {
|
||||
include mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
access_log /dev/stdout;
|
||||
error_log /dev/stderr;
|
||||
|
||||
# Increase Body Size Limit for Large Payloads (Knowledge Base + Audits)
|
||||
client_max_body_size 50M;
|
||||
|
||||
# Increase Timeouts for Long-Running AI Tasks
|
||||
proxy_read_timeout 1200s;
|
||||
proxy_connect_timeout 1200s;
|
||||
proxy_send_timeout 1200s;
|
||||
send_timeout 1200s;
|
||||
|
||||
# Resolver ist wichtig für Docker
|
||||
resolver 127.0.0.11 valid=30s ipv6=off;
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
|
||||
# Basic Auth wieder aktiviert
|
||||
auth_basic "Restricted Access - Local AI Suite";
|
||||
auth_basic_user_file /etc/nginx/.htpasswd;
|
||||
|
||||
location / {
|
||||
auth_basic "Restricted";
|
||||
auth_basic_user_file /etc/nginx/.htpasswd;
|
||||
proxy_pass http://dashboard:80;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
}
|
||||
|
||||
# location /b2b/ {
|
||||
# # Der Trailing Slash am Ende ist wichtig!
|
||||
# proxy_pass http://b2b-assistant:3002/;
|
||||
# proxy_set_header Host $host;
|
||||
# proxy_set_header Upgrade $http_upgrade;
|
||||
# proxy_set_header Connection "upgrade";
|
||||
|
||||
# # Explicit timeouts for this location
|
||||
# proxy_read_timeout 1200s;
|
||||
# proxy_connect_timeout 1200s;
|
||||
# proxy_send_timeout 1200s;
|
||||
# }
|
||||
|
||||
# location /market/ {
|
||||
# # Der Trailing Slash am Ende ist wichtig!
|
||||
# proxy_pass http://market-frontend:80/;
|
||||
# proxy_set_header Host $host;
|
||||
# proxy_set_header Upgrade $http_upgrade;
|
||||
# proxy_set_header Connection "upgrade";
|
||||
|
||||
# # Explicit timeouts for this location
|
||||
# proxy_read_timeout 1200s;
|
||||
# proxy_connect_timeout 1200s;
|
||||
# proxy_send_timeout 1200s;
|
||||
# }
|
||||
|
||||
# location /gtm/ {
|
||||
# # Der Trailing Slash am Ende ist wichtig!
|
||||
# proxy_pass http://gtm-app:3005/;
|
||||
# proxy_set_header Host $host;
|
||||
# proxy_set_header Upgrade $http_upgrade;
|
||||
# proxy_set_header Connection "upgrade";
|
||||
|
||||
# # Explicit timeouts for this location
|
||||
# proxy_read_timeout 1200s;
|
||||
# proxy_connect_timeout 1200s;
|
||||
# proxy_send_timeout 1200s;
|
||||
# }
|
||||
|
||||
# location /content/ {
|
||||
# # Content Engine
|
||||
# # Der Trailing Slash am Ende ist wichtig!
|
||||
# proxy_pass http://content-app:3006/;
|
||||
# proxy_set_header Host $host;
|
||||
# proxy_set_header Upgrade $http_upgrade;
|
||||
# proxy_set_header Connection "upgrade";
|
||||
|
||||
# # Explicit timeouts for this location
|
||||
# proxy_read_timeout 1200s;
|
||||
# proxy_connect_timeout 1200s;
|
||||
# proxy_send_timeout 1200s;
|
||||
# }
|
||||
|
||||
location /ce/ {
|
||||
# Company Explorer (Robotics Edition)
|
||||
# Trailing Slash STRIPS the /ce/ prefix!
|
||||
proxy_pass http://company-explorer:8000/;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
location /lead/ {
|
||||
auth_basic "Restricted";
|
||||
auth_basic_user_file /etc/nginx/.htpasswd;
|
||||
proxy_pass http://lead-engine:8501/;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
|
||||
# Explicit timeouts
|
||||
proxy_read_timeout 1200s;
|
||||
proxy_connect_timeout 1200s;
|
||||
proxy_send_timeout 1200s;
|
||||
}
|
||||
|
||||
# location /ca/ {
|
||||
# # Competitor Analysis Agent
|
||||
# # Der Trailing Slash am Ende ist wichtig!
|
||||
# proxy_pass http://competitor-analysis:8000/;
|
||||
# proxy_set_header Host $host;
|
||||
# proxy_set_header X-Real-IP $remote_addr;
|
||||
# proxy_set_header Upgrade $http_upgrade;
|
||||
# proxy_set_header Connection "upgrade";
|
||||
|
||||
# # Explicit timeouts
|
||||
# proxy_read_timeout 1200s;
|
||||
# proxy_connect_timeout 1200s;
|
||||
# proxy_send_timeout 1200s;
|
||||
# }
|
||||
# location /tr/ {
|
||||
# # Transcription Tool (Meeting Assistant)
|
||||
# # KEIN Trailing Slash, damit der /tr/ Pfad erhalten bleibt!
|
||||
# proxy_pass http://transcription-app:8001;
|
||||
# proxy_set_header Host $host;
|
||||
# proxy_set_header X-Real-IP $remote_addr;
|
||||
# proxy_set_header Upgrade $http_upgrade;
|
||||
# proxy_set_header Connection "upgrade";
|
||||
|
||||
# # Increase limit for large MP3 uploads
|
||||
# client_max_body_size 500M;
|
||||
|
||||
# # Explicit timeouts
|
||||
# proxy_read_timeout 1800s;
|
||||
# proxy_connect_timeout 1800s;
|
||||
# proxy_send_timeout 1800s;
|
||||
# }
|
||||
|
||||
# location ~ ^/heatmap/api/(.*)$ {
|
||||
# proxy_pass http://heatmap-backend:8000/api/$1$is_args$args;
|
||||
# proxy_set_header Host $host;
|
||||
# proxy_set_header X-Real-IP $remote_addr;
|
||||
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
# proxy_set_header X-Forwarded-Proto $scheme;
|
||||
# }
|
||||
|
||||
# location /heatmap/ {
|
||||
# # Heatmap Tool
|
||||
# proxy_pass http://heatmap-frontend:5173;
|
||||
# proxy_set_header Host $host;
|
||||
# proxy_set_header X-Real-IP $remote_addr;
|
||||
# proxy_set_header Upgrade $http_upgrade;
|
||||
# proxy_set_header Connection "upgrade";
|
||||
# }
|
||||
|
||||
# location /lead/ {
|
||||
# # Lead Engine (TradingTwins)
|
||||
# proxy_pass http://lead-engine:8501/;
|
||||
# proxy_set_header Host $host;
|
||||
# proxy_set_header X-Real-IP $remote_addr;
|
||||
# proxy_set_header Upgrade $http_upgrade;
|
||||
# proxy_set_header Connection "upgrade";
|
||||
|
||||
# # Websocket support for Streamlit
|
||||
# proxy_http_version 1.1;
|
||||
|
||||
# # Explicit timeouts
|
||||
# proxy_read_timeout 86400; # Long timeout for stream
|
||||
# }
|
||||
|
||||
location /ce/ {
|
||||
auth_basic "Restricted";
|
||||
auth_basic_user_file /etc/nginx/.htpasswd;
|
||||
proxy_pass http://company-explorer:8000/;
|
||||
}
|
||||
|
||||
location /feedback/ {
|
||||
# Public endpoint for Teams Feedback actions
|
||||
auth_basic off; # Must be public for external links
|
||||
auth_basic off;
|
||||
proxy_pass http://lead-engine:8004/;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
}
|
||||
|
||||
location /connector/ {
|
||||
# SuperOffice Connector Webhook & Dashboard
|
||||
auth_basic off;
|
||||
|
||||
# Forward to FastAPI app
|
||||
# Trailing Slash STRIPS the /connector/ prefix!
|
||||
# So /connector/dashboard -> /dashboard
|
||||
proxy_pass http://connector-superoffice:8000/;
|
||||
|
||||
# Standard Proxy Headers
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
|
||||
# Websocket Support (just in case)
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user