From e97a9f309e257e46b514b86eb9e70a81174b8772 Mon Sep 17 00:00:00 2001 From: zino Date: Tue, 5 Dec 2023 18:54:25 +0100 Subject: [PATCH] m --- volumes/conf.d/code.zinomedia.de.conf | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/volumes/conf.d/code.zinomedia.de.conf b/volumes/conf.d/code.zinomedia.de.conf index 31aaeee..3db3c4c 100644 --- a/volumes/conf.d/code.zinomedia.de.conf +++ b/volumes/conf.d/code.zinomedia.de.conf @@ -22,20 +22,22 @@ server { add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:;" always; - # send all requests to the `/validate` endpoint for authorization - auth_request /validate; + include "snippets/enable-vouch.conf"; - location = /validate { - proxy_pass https://validate.vouch.armos.zinomedia.de; - } + # # send all requests to the `/validate` endpoint for authorization + # auth_request /validate; - # if validate returns `401 not authorized` then forward the request to the error401block - error_page 401 = @error401; + # location = /validate { + # proxy_pass https://validate.vouch.armos.zinomedia.de; + # } - location @error401 { - # redirect to Vouch Proxy for login - return 302 https://vouch.armos.zinomedia.de/login?url=$scheme://$http_host$request_uri&vouch-failcount=$auth_resp_failcount&X-Vouch-Token=$auth_resp_jwt&error=$auth_resp_err; - } + # # if validate returns `401 not authorized` then forward the request to the error401block + # error_page 401 = @error401; + + # location @error401 { + # # redirect to Vouch Proxy for login + # return 302 https://vouch.armos.zinomedia.de/login?url=$scheme://$http_host$request_uri&vouch-failcount=$auth_resp_failcount&X-Vouch-Token=$auth_resp_jwt&error=$auth_resp_err; + # } location / { resolver 127.0.0.11;