feat: add nginx reversed proxy (#15)

* docs: add nginx reverse proxy documentation Add comprehensive nginx configuration documentation to README including: - Production deployment instructions with step-by-step setup - Architecture diagram showing traffic routing between services - Nginx features: unified entry point, CORS handling, SSE support - Updated project structure with nginx.conf and service ports Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * feat: implement nginx --------- Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-04-19 04:14:46 +08:00 · 2026-01-19 23:23:38 +08:00
parent b8f9678d07
commit 513332b746
6 changed files with 177 additions and 202 deletions
--- a/nginx.conf
+++ b/nginx.conf
@@ -0,0 +1,102 @@
+events {
+    worker_connections 1024;
+}
+
+http {
+    # Basic settings
+    sendfile on;
+    tcp_nopush on;
+    tcp_nodelay on;
+    keepalive_timeout 65;
+    types_hash_max_size 2048;
+
+    # Logging
+    access_log /dev/stdout;
+    error_log /dev/stderr;
+
+    # Upstream servers
+    upstream gateway {
+        server localhost:8001;
+    }
+
+    upstream langgraph {
+        server localhost:2024;
+    }
+
+    server {
+        listen 8000;
+        server_name _;
+
+        # Hide CORS headers from upstream to prevent duplicates
+        proxy_hide_header 'Access-Control-Allow-Origin';
+        proxy_hide_header 'Access-Control-Allow-Methods';
+        proxy_hide_header 'Access-Control-Allow-Headers';
+        proxy_hide_header 'Access-Control-Allow-Credentials';
+
+        # CORS headers for all responses (nginx handles CORS centrally)
+        add_header 'Access-Control-Allow-Origin' '*' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, PATCH, OPTIONS' always;
+        add_header 'Access-Control-Allow-Headers' '*' always;
+
+        # Handle OPTIONS requests (CORS preflight)
+        if ($request_method = 'OPTIONS') {
+            return 204;
+        }
+
+        # Custom API: Models endpoint
+        location /api/models {
+            proxy_pass http://gateway;
+            proxy_http_version 1.1;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
+
+        # Custom API: Artifacts endpoint
+        location ~ ^/api/threads/[^/]+/artifacts {
+            proxy_pass http://gateway;
+            proxy_http_version 1.1;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
+
+        # Health check endpoint (gateway)
+        location /health {
+            proxy_pass http://gateway;
+            proxy_http_version 1.1;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
+
+        # All other requests go to LangGraph
+        location / {
+            proxy_pass http://langgraph;
+            proxy_http_version 1.1;
+
+            # Headers
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+            proxy_set_header Connection '';
+
+            # SSE/Streaming support
+            proxy_buffering off;
+            proxy_cache off;
+            proxy_set_header X-Accel-Buffering no;
+
+            # Timeouts for long-running requests
+            proxy_connect_timeout 600s;
+            proxy_send_timeout 600s;
+            proxy_read_timeout 600s;
+
+            # Chunked transfer encoding
+            chunked_transfer_encoding on;
+        }
+    }
+}