computer-playbook/roles/sys-svc-proxy/templates/location/html.conf.j2

{% set location = location | default("/")%}
location {{location}}
{
  {% if oauth2_proxy_enabled | default(false) | bool %}
    {% include 'roles/web-app-oauth2-proxy/templates/following_directives.conf.j2'%}
  {% endif %}

  {% include 'roles/sys-svc-proxy/templates/headers/content_security_policy.conf.j2' %}

  {% include 'roles/sys-svc-proxy/templates/headers/access_control_allow.conf.j2' %}

  # Client Limits for HTML
  client_max_body_size {{ webserver_client_max_body_size | default('100m') }};

  {% set _loc = location|trim %}
  proxy_pass http://127.0.0.1:{{ http_port }}{{ (_loc|regex_replace('^(?:=|\\^~)\\s*','')) if not (_loc is match('^(@|~)')) else '' }};

  # Proxyconfiguration for Upload
  proxy_set_header Host $host;
  proxy_set_header Authorization $http_authorization;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header X-Forwarded-Proto $scheme;
  proxy_set_header X-Forwarded-Port {{ WEB_PORT }};
  proxy_set_header X-Forwarded-Ssl on;
  proxy_pass_request_headers on;

  # WebSocket specific header
  proxy_http_version 1.1;
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection "upgrade";

  # Timeouts
  proxy_connect_timeout     5s;
  proxy_send_timeout        900s;
  proxy_read_timeout        900s;
  send_timeout              900s;
  
  {% set proxy_lua_enabled = proxy_lua_enabled | default(true) | bool %}
  # Buffering needs to be activ, so that lua can do str replaces
  proxy_buffering           {{ 'on' if proxy_lua_enabled else 'off' }}; 
  proxy_request_buffering   {{ 'on' if proxy_lua_enabled else 'off' }};

  {% if proxy_lua_enabled %}
  proxy_set_header Accept-Encoding "";
  {% include 'roles/sys-front-inj-all/templates/location.lua.j2'%}
  {% endif %}
}