-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathserver.conf
52 lines (44 loc) · 1.56 KB
/
server.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
# You can run this configuration with Docker:
#
# docker run --rm -p 8080:8080 \
# -v $PWD/server.conf:/etc/nginx/conf.d/server.conf:ro \
# nginx:latest
#
# In the below example, port 8081 is nginx-auth, and port 8082 is a tiny
# example application we're protecting.
server {
listen 8080;
listen [::]:8080;
server_name localhost;
auth_request @authcheck;
error_page 403 = @error403;
# Your regular application goes here.
location / {
proxy_pass http://host.docker.internal:8082;
# Optional: send the logged in email to the application in a header.
auth_request_set $portier_email $upstream_http_x_portier_email;
proxy_set_header X-Portier-Email $portier_email;
}
# The nginx-auth server adds a couple of routes. This path can be customized,
# as long as the `-url` argument matches. In this example, you'd use:
# nginx-auth -url http://localhost:8080/_portier
location /_portier {
proxy_pass http://host.docker.internal:8081;
auth_request off;
}
# Named location called by auth_request to perform the subrequest.
location = @authcheck {
proxy_pass http://host.docker.internal:8081/check;
# The auth check doesn't care about any request body, so strip it.
proxy_pass_request_body off;
proxy_set_header Content-Length "";
}
# Named location called when the auth check returns 403.
#
# This redirects to nginx-auth to render a login form. You can change its
# template and recompile, or change this location to serve your own login
# page that has a form that posts to `/_portier`.
location @error403 {
return 303 /_portier;
}
}