Set default buffer level for proxy basic conf, which are necessary for OIDC login

2025-08-30 23:38:13 +02:00 · 2025-08-20 15:56:32 +02:00
parent fa46523433
commit ad7e61e8b1
5 changed files with 17 additions and 19 deletions
--- a/roles/web-app-oauth2-proxy/templates/container.yml.j2
+++ b/roles/web-app-oauth2-proxy/templates/container.yml.j2
@@ -5,7 +5,7 @@
    command: --config /oauth2-proxy.cfg
    hostname: oauth2-proxy
    ports:
-      - {{ports.localhost.oauth2_proxy[application_id]}}:4180/tcp
+      - {{ ports.localhost.oauth2_proxy[application_id] }}:4180/tcp
    volumes:
      - "{{ docker_compose.directories.volumes }}{{applications | get_app_conf('web-app-oauth2-proxy','configuration_file')}}:/oauth2-proxy.cfg"
 {% endif %}
--- a/roles/web-app-oauth2-proxy/templates/endpoint.conf.j2
+++ b/roles/web-app-oauth2-proxy/templates/endpoint.conf.j2
@@ -1,16 +1,8 @@
-  {# Include OAuth2 Proxy #}
-  {# Raise the maximal header size. #}
-  {# Keycloak uses huge headers for authentification #}
-  proxy_buffer_size 16k;
-  proxy_buffers 8 16k;
-  proxy_busy_buffers_size 16k;
-  large_client_header_buffers 4 16k;
-
-  # OAuth2-Proxy-Endpoint
-  location /oauth2/ {
-      proxy_pass http://127.0.0.1:{{ports.localhost.oauth2_proxy[application_id]}};
-      proxy_set_header Host $host;
-      proxy_set_header X-Real-IP $remote_addr;
-      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-      proxy_set_header X-Forwarded-Proto $scheme;
-  }
+# OAuth2-Proxy-Endpoint
+location /oauth2/ {
+    proxy_pass http://127.0.0.1:{{ ports.localhost.oauth2_proxy[application_id] }};
+    proxy_set_header Host $host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+}