mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-02-23 12:51:54 +01:00
36 lines
1020 B
Django/Jinja
36 lines
1020 B
Django/Jinja
server
|
|
{
|
|
server_name {{domain}};
|
|
|
|
{% if oauth2_proxy_active | bool %}
|
|
# Include OAuth2 Proxy
|
|
# Raise the maximal header size.
|
|
# Keycloak uses huge headers for authentification
|
|
proxy_buffer_size 16k;
|
|
proxy_buffers 8 16k;
|
|
proxy_busy_buffers_size 16k;
|
|
large_client_header_buffers 4 16k;
|
|
|
|
# OAuth2-Proxy-Endpoint
|
|
location /oauth2/ {
|
|
proxy_pass http://127.0.0.1:{{ports.localhost.oauth2_proxy[application_id]}};
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
{% endif %}
|
|
|
|
{% include 'roles/nginx-modifier-all/templates/global.includes.conf.j2'%}
|
|
|
|
{% if nginx_docker_reverse_proxy_extra_configuration is defined %}
|
|
# Additional Domain Specific Configuration
|
|
{{nginx_docker_reverse_proxy_extra_configuration}}
|
|
{% endif %}
|
|
|
|
{% include 'roles/letsencrypt/templates/ssl_header.j2' %}
|
|
|
|
{% include 'proxy_pass.conf.j2' %}
|
|
|
|
}
|