ngcp-csc-ui/dev-config/ngcp-panel_csc.customtt.tt2

[%
   PROCESS '/usr/lib/ngcp-ngcpcfg/get_hostname';
   hostname = out;

   argv.host=hostname; argv.type='sip_ext';
   PROCESS '/usr/lib/ngcp-ngcpcfg/get_all_shared_ips_for_host';
   sip_ext_ips = out;

   IF !sip_ext_ips.size;
     argv.type='sip_ext';
     PROCESS '/usr/lib/ngcp-ngcpcfg/get_all_ips_for_host';
     sip_ext_ips = out;
   END;
   ext_ip = sip_ext_ips.0;

   argv.type='web_ext';
   PROCESS '/usr/lib/ngcp-ngcpcfg/get_all_shared_ips_for_host';
   web_ext_ips = out;
   PROCESS '/usr/lib/ngcp-ngcpcfg/get_all_shared_v6ips_for_host';
   web_ext_v6ips = out;

   argv.type='web_ext';
   PROCESS '/usr/lib/ngcp-ngcpcfg/get_all_ips_for_host';
   web_ext_ips = out.merge(web_ext_ips);

   argv.type='web_ext';
   PROCESS '/usr/lib/ngcp-ngcpcfg/get_all_v6ips_for_host';
   web_ext_v6ips = out.merge(web_ext_v6ips);

   argv.role='mgmt';
   PROCESS '/usr/lib/ngcp-ngcpcfg/has_role';
   is_mgmt = out;

   argv.role='proxy'; argv.type='sip_int';
   PROCESS '/usr/lib/ngcp-ngcpcfg/get_all_shared_ips';
   sip_int_ips = out;
   IF !sip_int_ips.size;
     argv.type='sip_int';
     PROCESS '/usr/lib/ngcp-ngcpcfg/get_all_ips_for_host';
     sip_int_ips = out;
   END;
-%]
[% IF www_admin.enable == 'yes' && is_mgmt -%]
[% IF www_admin.http_admin.port != 80 && www_admin.http_csc.port != 80 -%]
server {
	listen   [::]:80 ipv6only=off;

	location /handbook {
		return 301 http://$host:[% www_admin.http_admin.port %]$request_uri;
	}

	location /login/subscriber {
		return 301 https://$host:[% www_admin.http_csc.port %]$request_uri;
	}

	location /login/admin {
		return 301 https://$host:[% www_admin.http_admin.port %]$request_uri;
	}

	location / {
		return 301 https://$host:[% www_admin.http_csc.port %]$request_uri;
	}
}
[% END -%]
[% IF rtcengine.enable == 'yes' -%]
upstream rtc_ws {
[% FOREACH ip IN sip_int_ips -%]
[% IF ip -%]
	server [% ip %]:[% rtcengine.port %];
[% END -%]
[% END -%]
}
[% END -%]

server {
[% FOREACH ip IN web_ext_ips -%]
[% IF ip -%]
	listen [% ip %]:[% www_admin.http_csc.port %];
[% END -%]
[% END -%]
[% FOREACH ip IN web_ext_v6ips -%]
[% IF ip -%]
	listen [[% ip %]]:[% www_admin.http_csc.port %];
[% END -%]
[% END -%]
	server_name [% www_admin.http_csc.servername.remove('\"') %];

	ssl_certificate             [% www_admin.http_csc.sslcertfile %];
	ssl_certificate_key         [% www_admin.http_csc.sslcertkeyfile %];
	include /etc/nginx/ssl_params;
	client_max_body_size [% www_admin.filesize_limit ? www_admin.filesize_limit : "128M"%];

	location ~* /login(/)?$ {
		return 301 /login/subscriber;
	}

	location /login/admin {
		return 301 https://$host:[% www_admin.http_admin.port %]$request_uri;
	}

	location /favicon.ico {
		alias  /usr/share/ngcp-panel/static/favicon.ico;
	}

	location /static {
		root  /usr/share/ngcp-panel;
	}

[% IF rtcengine.enable == 'yes' -%]
	location ~* /rtc/api(/)?$ {

        add_header 'Access-Control-Allow-Origin' '*' always;
        add_header 'Access-Control-Allow-Headers' 'Prefer,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' always;
        add_header 'Access-Control-Allow-Methods' 'POST, GET, PUT, DELETE, PATCH, OPTIONS' always;
        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range,Location';

        if ($request_method = 'OPTIONS') {
            add_header 'Access-Control-Allow-Origin' '*' always;
            add_header 'Access-Control-Allow-Headers' 'Prefer,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' always;
            add_header 'Access-Control-Allow-Methods' 'POST, GET, PUT, DELETE, PATCH, OPTIONS' always;
            add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range,Location';
            add_header 'Access-Control-Max-Age' '1728000' always;
                add_header 'Content-Type' 'text/plain charset=UTF-8' always;
                add_header 'Content-Length' '0' always;
                return 204;
        }

		### Set proxy ####
		proxy_max_temp_file_size 0;
		proxy_connect_timeout 43200000;
		proxy_send_timeout 43200000;
		proxy_read_timeout 43200000;

		proxy_buffer_size 4k;
		proxy_buffers 4 32k;
		proxy_busy_buffers_size 64k;
		proxy_temp_file_write_size 64k;

		### Set headers ####
		proxy_set_header	Upgrade           $http_upgrade;
		proxy_set_header	Connection        $connection_upgrade;
		proxy_set_header	Accept-Encoding   "";
		proxy_set_header	Host              $host;
		proxy_set_header	X-Real-IP         $remote_addr;
		proxy_set_header	X-Server-IP       $server_addr;
		proxy_set_header	X-Forwarded-For   $proxy_add_x_forwarded_for;
		proxy_set_header	X-Forwarded-Proto $scheme;
		add_header			Front-End-Https   on;

		proxy_pass http://rtc_ws;
		proxy_http_version 1.1;
	}

	location /rtc/files {

        add_header 'Access-Control-Allow-Origin' '*' always;
        add_header 'Access-Control-Allow-Headers' 'Prefer,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' always;
        add_header 'Access-Control-Allow-Methods' 'POST, GET, PUT, DELETE, PATCH, OPTIONS' always;
        add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range,Location';

        if ($request_method = 'OPTIONS') {
            add_header 'Access-Control-Allow-Origin' '*' always;
            add_header 'Access-Control-Allow-Headers' 'Prefer,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' always;
            add_header 'Access-Control-Allow-Methods' 'POST, GET, PUT, DELETE, PATCH, OPTIONS' always;
            add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range,Location';
            add_header 'Access-Control-Max-Age' '1728000' always;
                add_header 'Content-Type' 'text/plain charset=UTF-8' always;
                add_header 'Content-Length' '0' always;
                return 204;
        }

		rewrite /rtc/files/(.*) /$1 break;
		index index.html;
		root /usr/share/ngcp-rtcengine/public/;
	}
[% END -%]
[% IF rtcengine.expose_provisioning_api == 'yes' %]
	location /rtc/prov/ {
		rewrite /rtc/prov/(.*) /$1 break;
		proxy_pass http://rtc_ws;
		proxy_http_version 1.1;
	}
[% END %]


	location /api {
		include /etc/nginx/ngcp-panel_params;
		# fastcgi_param  SSL_CLIENT_CERT  $ssl_client_raw_cert;
		# fastcgi_param  SSL_CLIENT_M_SERIAL $ssl_client_serial;
		# fastcgi_param  SSL_CLIENT_M_DN $ssl_client_s_dn;
		fastcgi_param  NGCP_API_REALM "subscriber";
		proxy_buffers 8 1024k;
		proxy_buffer_size 1024k;
		proxy_busy_buffers_size 1024k;
		fastcgi_buffers 8 16k;
		fastcgi_buffer_size 32k;
	}

	location / {
		include /etc/nginx/ngcp-panel_params;
	}

	location ~ ^/wss/xmpp/(.*)$ {
		proxy_pass        https://127.0.0.1:5281/xmpp-websocket/$1;
		proxy_set_header Host $host;
		proxy_buffering off;
		tcp_nodelay on;
		proxy_http_version 1.1;
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection "upgrade";
	}

	location ~ ^/wss/sip/(.*)$ {
		proxy_pass        https://[% ext_ip %]:[% kamailio.lb.tls.port %]/ws/$1;
		proxy_set_header Host $host;
		proxy_buffering off;
		tcp_nodelay on;
		proxy_http_version 1.1;
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection "upgrade";
	}

    [% IF www_admin.http_csc.csc_js_enable == "yes" -%]
	location /csc {
		root  /usr/share/ngcp-csc;
	}
    [% END -%]
}
[% END -%]