m

volumes/conf.d/code.zinomedia.de.conf

@@ -1,3 +1,7 @@
+upstream vouch_proxy {
+    server vouch:9090;
+}
+
 server {
     listen 443 ssl;
     #listen [::]:443 ssl;
@@ -22,10 +26,6 @@ server {
     # send all requests to the `/validate` endpoint for authorization
     auth_request /validate;
 
-    resolver 127.0.0.11 valid=60s ipv6=off;
-    resolver_timeout 10s;
-    set $upstream "vouch:9090";
-
     location = /validate {
         # forward the /validate request to Vouch Proxy
         #proxy_pass http://127.0.0.1:9090/validate;
@@ -33,6 +33,9 @@ server {
         # forward the /validate request to Vouch Proxy
         #proxy_pass http://vouch:9090/validate;
 
+        
+        
+
         # be sure to pass the original host header
         proxy_set_header Host $http_host;
 
@@ -47,8 +50,13 @@ server {
         auth_request_set $auth_resp_jwt $upstream_http_x_vouch_jwt;
         auth_request_set $auth_resp_err $upstream_http_x_vouch_err;
         auth_request_set $auth_resp_failcount $upstream_http_x_vouch_failcount;
+        
+        #resolver 127.0.0.11 valid=60s ipv6=off;
+        #resolver_timeout 10s;
+        #set $upstream "http://vouch:9090/validate";
+        #proxy_pass $upstream;
 
-        proxy_pass http://$upstream/validate;
+        proxy_pass http://vouch_proxy/validate;
     }
 
     # if validate returns `401 not authorized` then forward the request to the error401block