diff --git a/volumes/conf.d/code.zinomedia.de.conf b/volumes/conf.d/code.zinomedia.de.conf index 78616cb..c8dffb8 100644 --- a/volumes/conf.d/code.zinomedia.de.conf +++ b/volumes/conf.d/code.zinomedia.de.conf @@ -27,32 +27,31 @@ server { auth_request /validate; location = /validate { - proxy_pass https://validate.vouch.armos.zinomedia.de; + #proxy_pass https://validate.vouch.armos.zinomedia.de; # forward the /validate request to Vouch Proxy #proxy_pass http://127.0.0.1:9090/validate; # forward the /validate request to Vouch Proxy #proxy_pass http://vouch:9090/validate; + resolver 127.0.0.11; + set $upstream "http://vouch:9090"; + proxy_pass $upstream; # be sure to pass the original host header - #proxy_set_header Host $http_host; + proxy_set_header Host $http_host; # Vouch Proxy only acts on the request headers - #proxy_pass_request_body off; - #proxy_set_header Content-Length ""; + proxy_pass_request_body off; + proxy_set_header Content-Length ""; # optionally add X-Vouch-User as returned by Vouch Proxy along with the request - #auth_request_set $auth_resp_x_vouch_user $upstream_http_x_vouch_user; + auth_request_set $auth_resp_x_vouch_user $upstream_http_x_vouch_user; # these return values are used by the @error401 call - #auth_request_set $auth_resp_jwt $upstream_http_x_vouch_jwt; - #auth_request_set $auth_resp_err $upstream_http_x_vouch_err; - #auth_request_set $auth_resp_failcount $upstream_http_x_vouch_failcount; - - #resolver 127.0.0.11; - #set $upstream 'http://vouch:9090/validate'; - #proxy_pass $upstream; + auth_request_set $auth_resp_jwt $upstream_http_x_vouch_jwt; + auth_request_set $auth_resp_err $upstream_http_x_vouch_err; + auth_request_set $auth_resp_failcount $upstream_http_x_vouch_failcount; } # if validate returns `401 not authorized` then forward the request to the error401block