1.1 changes

2025-12-29 14:17:53 -03:00
parent 11fde0636f
commit c5546cf7fc
58 changed files with 1048 additions and 496 deletions
--- a/mainroom/ctrl/server/nginx/core_room.conf
+++ b/mainroom/ctrl/server/nginx/core_room.conf
@@ -0,0 +1,292 @@
+# Core Room - All Services Nginx Config
+# Single config for entire room deployment
+#
+# Docker Services (primary):
+#   - amar.room.mcrn.ar     (frontend:3000 + backend:8000)
+#   - soleprint.mcrn.ar      (port 13000)
+#   - artery.mcrn.ar        (port 13001)
+#   - album.mcrn.ar         (port 13002)
+#   - ward.mcrn.ar          (port 13003)
+#
+# Bare Metal Services (fallback):
+#   - soleprint.bare.mcrn.ar (port 12000)
+#   - artery.bare.mcrn.ar   (port 12001)
+#   - album.bare.mcrn.ar    (port 12002)
+#   - ward.bare.mcrn.ar     (port 12003)
+
+# =============================================================================
+# AMAR - Frontend + Backend
+# =============================================================================
+server {
+    listen 80;
+    server_name amar.room.mcrn.ar;
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name amar.room.mcrn.ar;
+
+    ssl_certificate /etc/letsencrypt/live/room.mcrn.ar/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/room.mcrn.ar/privkey.pem;
+    include /etc/letsencrypt/options-ssl-nginx.conf;
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+
+    # Backend API
+    location /api/ {
+        proxy_pass http://127.0.0.1:8000/api/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_read_timeout 300;
+    }
+
+    # Django admin
+    location /admin/ {
+        proxy_pass http://127.0.0.1:8000/admin/;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    # Django static files
+    location /static/ {
+        proxy_pass http://127.0.0.1:8000/static/;
+    }
+
+    # Frontend (default)
+    location / {
+        proxy_pass http://127.0.0.1:3000;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_read_timeout 300;
+    }
+}
+
+# =============================================================================
+# SOLEPRINT - Main Service
+# =============================================================================
+server {
+    listen 80;
+    server_name soleprint.mcrn.ar;
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name soleprint.mcrn.ar;
+
+    ssl_certificate /etc/letsencrypt/live/soleprint.mcrn.ar/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/soleprint.mcrn.ar/privkey.pem;
+    include /etc/letsencrypt/options-ssl-nginx.conf;
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+
+    location / {
+        proxy_pass http://127.0.0.1:13000;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}
+
+# =============================================================================
+# ARTERY - API Gateway
+# =============================================================================
+server {
+    listen 80;
+    server_name artery.mcrn.ar;
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name artery.mcrn.ar;
+
+    ssl_certificate /etc/letsencrypt/live/artery.mcrn.ar/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/artery.mcrn.ar/privkey.pem;
+    include /etc/letsencrypt/options-ssl-nginx.conf;
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+
+    location / {
+        proxy_pass http://127.0.0.1:13001;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}
+
+# =============================================================================
+# ALBUM - Media Service
+# =============================================================================
+server {
+    listen 80;
+    server_name album.mcrn.ar;
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name album.mcrn.ar;
+
+    ssl_certificate /etc/letsencrypt/live/album.mcrn.ar/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/album.mcrn.ar/privkey.pem;
+    include /etc/letsencrypt/options-ssl-nginx.conf;
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+
+    location / {
+        proxy_pass http://127.0.0.1:13002;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}
+
+# =============================================================================
+# WARD - Admin Interface
+# =============================================================================
+server {
+    listen 80;
+    server_name ward.mcrn.ar;
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name ward.mcrn.ar;
+
+    ssl_certificate /etc/letsencrypt/live/ward.mcrn.ar/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/ward.mcrn.ar/privkey.pem;
+    include /etc/letsencrypt/options-ssl-nginx.conf;
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+
+    location / {
+        proxy_pass http://127.0.0.1:13003;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}
+
+# =============================================================================
+# BARE METAL SERVICES (FALLBACK)
+# =============================================================================
+
+# =============================================================================
+# SOLEPRINT BARE - Main Service (Bare Metal)
+# =============================================================================
+server {
+    listen 80;
+    server_name soleprint.bare.mcrn.ar;
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name soleprint.bare.mcrn.ar;
+
+    ssl_certificate /etc/letsencrypt/live/bare.mcrn.ar/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/bare.mcrn.ar/privkey.pem;
+    include /etc/letsencrypt/options-ssl-nginx.conf;
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+
+    location / {
+        proxy_pass http://127.0.0.1:12000;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}
+
+# =============================================================================
+# ARTERY BARE - API Gateway (Bare Metal)
+# =============================================================================
+server {
+    listen 80;
+    server_name artery.bare.mcrn.ar;
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name artery.bare.mcrn.ar;
+
+    ssl_certificate /etc/letsencrypt/live/bare.mcrn.ar/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/bare.mcrn.ar/privkey.pem;
+    include /etc/letsencrypt/options-ssl-nginx.conf;
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+
+    location / {
+        proxy_pass http://127.0.0.1:12001;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}
+
+# =============================================================================
+# ALBUM BARE - Media Service (Bare Metal)
+# =============================================================================
+server {
+    listen 80;
+    server_name album.bare.mcrn.ar;
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name album.bare.mcrn.ar;
+
+    ssl_certificate /etc/letsencrypt/live/bare.mcrn.ar/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/bare.mcrn.ar/privkey.pem;
+    include /etc/letsencrypt/options-ssl-nginx.conf;
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+
+    location / {
+        proxy_pass http://127.0.0.1:12002;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}
+
+# =============================================================================
+# WARD BARE - Admin Interface (Bare Metal)
+# =============================================================================
+server {
+    listen 80;
+    server_name ward.bare.mcrn.ar;
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name ward.bare.mcrn.ar;
+
+    ssl_certificate /etc/letsencrypt/live/bare.mcrn.ar/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/bare.mcrn.ar/privkey.pem;
+    include /etc/letsencrypt/options-ssl-nginx.conf;
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+
+    location / {
+        proxy_pass http://127.0.0.1:12003;
+        proxy_http_version 1.1;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}