2020-12-24 14:27:31 +01:00
|
|
|
server
|
|
|
|
|
{
|
|
|
|
|
server_name {{domain}};
|
|
|
|
|
|
2025-01-26 13:25:39 +01:00
|
|
|
{% if oauth2_proxy_active | bool %}
|
2025-01-26 15:15:23 +01:00
|
|
|
# Include OAuth2 Proxy
|
|
|
|
|
# Raise the maximal header size.
|
|
|
|
|
# Keycloak uses huge headers for authentification
|
|
|
|
|
proxy_buffer_size 16k;
|
|
|
|
|
proxy_buffers 8 16k;
|
|
|
|
|
proxy_busy_buffers_size 16k;
|
|
|
|
|
large_client_header_buffers 4 16k;
|
|
|
|
|
|
|
|
|
|
# OAuth2-Proxy-Endpoint
|
2025-01-26 13:25:39 +01:00
|
|
|
location /oauth2/ {
|
2025-01-30 15:04:23 +01:00
|
|
|
proxy_pass http://127.0.0.1:{{ports.localhost.oauth2_proxy_ports[application_id]}};
|
2025-01-26 13:25:39 +01:00
|
|
|
proxy_set_header Host $host;
|
|
|
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
|
}
|
|
|
|
|
{% endif %}
|
|
|
|
|
|
2025-02-07 13:39:46 +01:00
|
|
|
{% include 'roles/nginx-global/templates/global.includes.conf.j2'%}
|
|
|
|
|
|
2023-12-07 18:54:47 +01:00
|
|
|
{% if nginx_docker_reverse_proxy_extra_configuration is defined %}
|
2025-01-26 15:15:23 +01:00
|
|
|
# Additional Domain Specific Configuration
|
2023-12-07 18:54:47 +01:00
|
|
|
{{nginx_docker_reverse_proxy_extra_configuration}}
|
2020-12-24 14:27:31 +01:00
|
|
|
{% endif %}
|
|
|
|
|
|
2023-09-02 13:13:28 +02:00
|
|
|
{% include 'roles/letsencrypt/templates/ssl_header.j2' %}
|
2020-12-24 14:27:31 +01:00
|
|
|
|
|
|
|
|
{% include 'proxy_pass.conf.j2' %}
|
|
|
|
|
|
|
|
|
|
}
|
