Skip to content

πŸ“ NGINX Gateway

πŸ” Security Notes

  • TLS/SSL termination must not be configured in NGINX
  • No certificates, private keys, or SSL configs are stored in this repository
  • HTTPS, certificates, and renewals are handled by Azure App Service Certificate Manager
  • NGINX operates over internal HTTP only
  • (TLS managed by Azure App Service)
gateway-nginx/
β”‚
β”œβ”€ docs/                                # Gateway documentation
β”‚  β”œβ”€ overview.md                       # Gateway purpose and responsibilities
β”‚  β”œβ”€ routing.md                        # Routing rules and upstream design
β”‚  β”œβ”€ security.md                       # Security headers, auth, rate limiting (NO TLS)
β”‚  β”œβ”€ observability.md                  # Logging, metrics and monitoring
β”‚  └─ deployment.md                     # Deployment on Azure App Service
β”‚
β”œβ”€ tests/                               # Gateway tests
β”‚  β”œβ”€ smoke-tests/                      # Basic routing and availability tests
β”‚  β”œβ”€ security-tests/                   # Headers, CORS and rate limit validation
β”‚  └─ performance-tests/                # Basic load and stress tests
β”‚
β”œβ”€ nginx/                               # NGINX configuration
β”‚  β”œβ”€ nginx.conf                        # Main NGINX configuration file
β”‚  β”‚
β”‚  β”œβ”€ conf.d/                           # Modular included configurations
β”‚  β”‚  β”œβ”€ upstreams.conf                 # Backend service definitions
β”‚  β”‚  β”œβ”€ routes.conf                    # Routing rules
β”‚  β”‚  β”œβ”€ security.conf                  # Security headers configuration
β”‚  β”‚  β”œβ”€ cors.conf                      # CORS configuration
β”‚  β”‚  └─ rate-limit.conf                # Rate limiting rules
β”‚  β”‚
β”‚  └─ snippets/                         # Reusable configuration blocks
β”‚     β”œβ”€ proxy-headers.conf             # Standard proxy headers to backends
β”‚     └─ logging.conf                   # Log format definitions
β”‚
β”œβ”€ Dockerfile                           # NGINX container image definition
└─ README.md                            # Gateway entry point and usage