m
This commit is contained in:
zino
@@ -22,22 +22,7 @@ server {
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
||||
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:;" always;
|
||||
|
||||
include "snippets/enable-vouch.conf";
|
||||
|
||||
# # send all requests to the `/validate` endpoint for authorization
|
||||
# auth_request /validate;
|
||||
|
||||
# location = /validate {
|
||||
# proxy_pass https://validate.vouch.armos.zinomedia.de;
|
||||
# }
|
||||
|
||||
# # if validate returns `401 not authorized` then forward the request to the error401block
|
||||
# error_page 401 = @error401;
|
||||
|
||||
# location @error401 {
|
||||
# # redirect to Vouch Proxy for login
|
||||
# return 302 https://vouch.armos.zinomedia.de/login?url=$scheme://$http_host$request_uri&vouch-failcount=$auth_resp_failcount&X-Vouch-Token=$auth_resp_jwt&error=$auth_resp_err;
|
||||
# }
|
||||
#include "snippets/enable-vouch.conf";
|
||||
|
||||
location / {
|
||||
resolver 127.0.0.11;
|
||||
@@ -45,14 +30,14 @@ server {
|
||||
|
||||
proxy_pass http://$upstream;
|
||||
proxy_http_version 1.1;
|
||||
#proxy_set_header Host $host;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Accept-Encoding gzip;
|
||||
proxy_set_header Connection upgrade;
|
||||
proxy_headers_hash_max_size 512;
|
||||
proxy_headers_hash_bucket_size 128;
|
||||
proxy_read_timeout 3600;
|
||||
proxy_set_header Host $http_host; # vouch: be sure to pass the original host header
|
||||
#proxy_set_header Host $http_host; # vouch: be sure to pass the original host header
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user