mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-02-22 20:39:40 +01:00
39 lines
1.1 KiB
Django/Jinja
39 lines
1.1 KiB
Django/Jinja
server
|
|
{
|
|
server_name {{domain}};
|
|
|
|
{% if oauth2_proxy_active | bool %}
|
|
# Include OAuth2 Proxy
|
|
# Raise the maximal header size.
|
|
# Keycloak uses huge headers for authentification
|
|
proxy_buffer_size 16k;
|
|
proxy_buffers 8 16k;
|
|
proxy_busy_buffers_size 16k;
|
|
large_client_header_buffers 4 16k;
|
|
|
|
# OAuth2-Proxy-Endpoint
|
|
location /oauth2/ {
|
|
proxy_pass http://127.0.0.1:{{ports.localhost.oauth2_proxy_ports[application_id]}};
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
{% endif %}
|
|
|
|
{% if nginx_matomo_tracking | bool %}
|
|
# Include Matomo Tracking Code
|
|
{% include 'roles/nginx-matomo-tracking/templates/matomo-tracking.conf.j2' %}
|
|
{% endif %}
|
|
|
|
{% if nginx_docker_reverse_proxy_extra_configuration is defined %}
|
|
# Additional Domain Specific Configuration
|
|
{{nginx_docker_reverse_proxy_extra_configuration}}
|
|
{% endif %}
|
|
|
|
{% include 'roles/letsencrypt/templates/ssl_header.j2' %}
|
|
|
|
{% include 'proxy_pass.conf.j2' %}
|
|
|
|
}
|