# NGINX Plus configuration for Oracle EBS # # For simplicity, all directives appear in this file. You can also create # function-specific files in the /etc/nginx/conf.d directory (for example, # create separate files for the separate server blocks in this file). Then # use the 'include' directive in the main nginx.conf file to reference the # function-specific files. # # For more information, see http://nginx.org/r/include, and the 'Oracle E-Business # Suite deployment guide' at nginx.com. user nginx; worker_processes auto; events { worker_connections 1024; } http { default_type text/html; proxy_cache_path /var/oracle-cache keys_zone=cache_oracle:50m max_size=500m; # Custom logging configuration: log_format main '$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" $upstream_addr'; access_log /var/log/nginx/access.log main; upstream oracle { zone oracle 64k; # Production servers: server 172.31.11.210:8000 max_fails=0; server 172.31.0.146:8000 max_fails=0; # Disaster recovery servers: server 172.33.111.210:8000 max_fails=0 backup; server 172.33.100.146:8000 max_fails=0 backup; # Session persistence setup: sticky cookie ngxcookie; } server { listen 80; status_zone oracle-http-redirect; return 302 https://$http_host$request_uri; } server { listen 443 ssl; ssl_certificate /etc/nginx/ssl/server.crt; ssl_certificate_key /etc/nginx/ssl/server.key; ssl_protocols TLSv1.2; status_zone oracle-ssl; proxy_cache cache_oracle; location / { proxy_pass http://oracle; proxy_set_header Host $host; proxy_cache_valid any 1h; } location @health_check { internal; proxy_connect_timeout 3s; proxy_read_timeout 3s; proxy_pass http://oracle; proxy_set_header Host "oracle.company.com"; health_check match=oracleok interval=4s uri=/OA_HTML/AppsLocalLogin.jsp; } } match oracleok { status 200-399; header X-ORACLE-DMS-ECID; } server { # Status zone allows the status page to display statistics for the whole server block. # It should be enabled for every server block in other configuration files. status_zone status-page; # In case of nginx process listening on multiple IPs you can restrict status page # to single IP only. # listen 10.2.3.4:8080; # Status page is enabled on port 8080 by default. listen 8080; # HTTP basic Authentication is enabled by default. # You can add users with any htpasswd generator. # Command line and online tools are very easy to find. # You can also reuse your htpasswd file from Apache web server installation. #auth_basic on; #auth_basic_user_file /etc/nginx/users; # It is recommended to limit the use of status page to admin networks only # Uncomment and change the networks accordingly. #allow 10.0.0.0/8; deny all; # NGINX provides a sample HTML status page for easy dashboard view root /usr/share/nginx/html; location = /status.html { } # Standard HTTP features are fully supported with the status page. # An example below provides a redirect from "/" to "/status.html" location = / { return 301 /status.html; } # Main status location. HTTP features like authentication, access control, # header changes, logging are fully supported. location /status { status; status_format json; access_log off; } } }