c62d7f77b5
Container stability: - Merge scan results instead of full replacement (prevents UI flapping) - Absence threshold: 3 consecutive missed scans before removing from state - container-list RPC uses cached scanner state for consistency - Increased Podman API timeout 30s → 60s (scanner + health monitor) - Keep crashed containers visible as "exited" instead of podman rm -f - Resolve host-gateway IP via ip route (podman 4.3.x compatibility) ISO build fixes: - AIUI web app inclusion: searches 5 paths + CI step to copy from build server - Claude API proxy: systemctl enable with symlink fallback - AIUI nginx: try_files =404 (was /aiui/index.html redirect loop) - Build version set to 1.3.0 Container fixes: - lnd-ui: nginx listens on 8080 (was 80, Permission denied in rootless) - first-boot: image-versions.sh sourced from correct path with validation - first-boot: host-gateway resolved to actual gateway IP Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
130 lines
4.1 KiB
Plaintext
130 lines
4.1 KiB
Plaintext
worker_processes 1;
|
|
error_log /var/log/nginx/error.log warn;
|
|
|
|
events {
|
|
worker_connections 768;
|
|
}
|
|
|
|
http {
|
|
include /etc/nginx/mime.types;
|
|
default_type application/octet-stream;
|
|
access_log /var/log/nginx/access.log;
|
|
sendfile on;
|
|
keepalive_timeout 65;
|
|
gzip on;
|
|
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
|
|
|
|
# Allow large uploads globally (filebrowser, etc.)
|
|
client_max_body_size 0;
|
|
|
|
server {
|
|
listen 80 default_server;
|
|
server_name _;
|
|
root /usr/share/nginx/html;
|
|
index index.html index.htm;
|
|
|
|
# Proxy API requests to backend
|
|
location /rpc/v1 {
|
|
proxy_pass http://neode-backend:5959;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
|
|
# Proxy WebSocket connections
|
|
location /ws {
|
|
proxy_pass http://neode-backend:5959;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "upgrade";
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_read_timeout 86400;
|
|
}
|
|
|
|
# Proxy public assets from backend
|
|
location /public {
|
|
proxy_pass http://neode-backend:5959;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
|
|
# Proxy REST API requests
|
|
location /rest {
|
|
proxy_pass http://neode-backend:5959;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
|
|
# Proxy FileBrowser API to mock backend (demo mode)
|
|
location /app/filebrowser/ {
|
|
client_max_body_size 10G;
|
|
proxy_pass http://neode-backend:5959;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_request_buffering off;
|
|
}
|
|
|
|
# Serve AIUI SPA
|
|
location /aiui/ {
|
|
alias /usr/share/nginx/html/aiui/;
|
|
try_files $uri $uri/ =404;
|
|
|
|
location ~* /aiui/assets/ {
|
|
expires 1y;
|
|
add_header Cache-Control "public, immutable";
|
|
}
|
|
}
|
|
|
|
# Proxy AIUI API requests (web-search, etc.) to backend
|
|
location /api/ {
|
|
proxy_pass http://neode-backend:5959;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
|
|
# Proxy Ollama (local AI) requests to backend
|
|
location /aiui/api/ollama/ {
|
|
proxy_pass http://neode-backend:5959;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_buffering off;
|
|
proxy_cache off;
|
|
proxy_read_timeout 300s;
|
|
proxy_set_header Connection "";
|
|
}
|
|
|
|
# Proxy Claude API requests to backend (which handles API key + streaming)
|
|
location /aiui/api/claude/ {
|
|
proxy_pass http://neode-backend:5959;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_buffering off;
|
|
proxy_cache off;
|
|
proxy_read_timeout 300s;
|
|
proxy_set_header Connection "";
|
|
}
|
|
|
|
# Serve static files
|
|
location / {
|
|
try_files $uri $uri/ /index.html;
|
|
}
|
|
|
|
# Cache static assets
|
|
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
|
expires 1y;
|
|
add_header Cache-Control "public, immutable";
|
|
}
|
|
}
|
|
}
|