Protei/PromucFlow_constructor
2
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Fix X-Forwarded-Host with multiple rev-proxies (#16951)

Browse Source
This commit is contained in:
Shrikant Sharat Kandula 2022-10-14 06:30:27 +05:30 committed by GitHub
parent 282f1ff5a6
commit d6b4cb5f19
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 32 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
deploy/docker/templates/nginx/nginx-app-http.conf.template.sh
View File

@ -13,6 +13,12 @@ map \$http_x_forwarded_proto \$origin_scheme {
default \$http_x_forwarded_proto;
'' \$scheme;
}
map \$http_x_forwarded_host \$origin_host {
default \$http_x_forwarded_host;
'' \$host;
}
# redirect log to stdout for supervisor to capture
access_log /dev/stdout;
@ -48,11 +54,11 @@ server {
proxy_max_temp_file_size 0;
proxy_redirect off;
proxy_set_header Host \$http_host/supervisor/;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme;
proxy_set_header X-Forwarded-Host \$http_host;
proxy_set_header Connection "";
proxy_set_header Host \$http_host/supervisor/;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$origin_scheme;
proxy_set_header X-Forwarded-Host \$origin_host;
proxy_set_header Connection "";
proxy_pass http://localhost:9001/;
@ -61,7 +67,7 @@ server {
}
proxy_set_header X-Forwarded-Proto \$origin_scheme;
proxy_set_header X-Forwarded-Host \$host;
proxy_set_header X-Forwarded-Host \$origin_host;
location / {
try_files \$uri /index.html =404;

34
deploy/docker/templates/nginx/nginx-app-https.conf.template.sh
View File

@ -19,6 +19,12 @@ map \$http_x_forwarded_proto \$origin_scheme {
default \$http_x_forwarded_proto;
'' \$scheme;
}
map \$http_x_forwarded_host \$origin_host {
default \$http_x_forwarded_host;
'' \$host;
}
# redirect log to stdout for supervisor to capture
access_log /dev/stdout;
@ -47,23 +53,23 @@ server {
}
location /supervisor/ {
proxy_http_version 1.1;
proxy_buffering off;
proxy_max_temp_file_size 0;
proxy_redirect off;
proxy_set_header Host \$http_host/supervisor/;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$origin_scheme;
proxy_set_header X-Forwarded-Host \$http_host;
proxy_set_header Connection "";
proxy_pass http://localhost:9001/;
auth_basic "Protected";
auth_basic_user_file /etc/nginx/passwords;
proxy_http_version 1.1;
proxy_buffering off;
proxy_max_temp_file_size 0;
proxy_redirect off;
proxy_set_header Host \$http_host/supervisor/;
proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$origin_scheme;
proxy_set_header X-Forwarded-Host \$origin_host;
proxy_set_header Connection "";
proxy_pass http://localhost:9001/;
auth_basic "Protected";
auth_basic_user_file /etc/nginx/passwords;
}
proxy_set_header X-Forwarded-Proto \$origin_scheme;
proxy_set_header X-Forwarded-Host \$host;
proxy_set_header X-Forwarded-Host \$origin_host;
client_max_body_size 100m;