Protei/PromucFlow_constructor
2
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

Fix X-Forwarded-Host with multiple rev-proxies (#16951)

Browse Source
This commit is contained in:
Shrikant Sharat Kandula 2022-10-14 06:30:27 +05:30 committed by GitHub
parent 282f1ff5a6
commit d6b4cb5f19
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 32 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
deploy/docker/templates/nginx/nginx-app-http.conf.template.sh
View File

@ -13,6 +13,12 @@ map \$http_x_forwarded_proto \$origin_scheme {
default \$http_x_forwarded_proto; default \$http_x_forwarded_proto;
'' \$scheme; '' \$scheme;
} }
map \$http_x_forwarded_host \$origin_host {
default \$http_x_forwarded_host;
'' \$host;
}
# redirect log to stdout for supervisor to capture # redirect log to stdout for supervisor to capture
access_log /dev/stdout; access_log /dev/stdout;
@ -48,11 +54,11 @@ server {
proxy_max_temp_file_size 0; proxy_max_temp_file_size 0;
proxy_redirect off; proxy_redirect off;
proxy_set_header Host \$http_host/supervisor/; proxy_set_header Host \$http_host/supervisor/;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$scheme; proxy_set_header X-Forwarded-Proto \$origin_scheme;
proxy_set_header X-Forwarded-Host \$http_host; proxy_set_header X-Forwarded-Host \$origin_host;
proxy_set_header Connection ""; proxy_set_header Connection "";
proxy_pass http://localhost:9001/; proxy_pass http://localhost:9001/;
@ -61,7 +67,7 @@ server {
} }
proxy_set_header X-Forwarded-Proto \$origin_scheme; proxy_set_header X-Forwarded-Proto \$origin_scheme;
proxy_set_header X-Forwarded-Host \$host; proxy_set_header X-Forwarded-Host \$origin_host;
location / { location / {
try_files \$uri /index.html =404; try_files \$uri /index.html =404;

34
deploy/docker/templates/nginx/nginx-app-https.conf.template.sh
View File

@ -19,6 +19,12 @@ map \$http_x_forwarded_proto \$origin_scheme {
default \$http_x_forwarded_proto; default \$http_x_forwarded_proto;
'' \$scheme; '' \$scheme;
} }
map \$http_x_forwarded_host \$origin_host {
default \$http_x_forwarded_host;
'' \$host;
}
# redirect log to stdout for supervisor to capture # redirect log to stdout for supervisor to capture
access_log /dev/stdout; access_log /dev/stdout;
@ -47,23 +53,23 @@ server {
} }
location /supervisor/ { location /supervisor/ {
proxy_http_version 1.1; proxy_http_version 1.1;
proxy_buffering off; proxy_buffering off;
proxy_max_temp_file_size 0; proxy_max_temp_file_size 0;
proxy_redirect off; proxy_redirect off;
proxy_set_header Host \$http_host/supervisor/; proxy_set_header Host \$http_host/supervisor/;
proxy_set_header X-Real-IP \$remote_addr; proxy_set_header X-Real-IP \$remote_addr;
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto \$origin_scheme; proxy_set_header X-Forwarded-Proto \$origin_scheme;
proxy_set_header X-Forwarded-Host \$http_host; proxy_set_header X-Forwarded-Host \$origin_host;
proxy_set_header Connection ""; proxy_set_header Connection "";
proxy_pass http://localhost:9001/; proxy_pass http://localhost:9001/;
auth_basic "Protected"; auth_basic "Protected";
auth_basic_user_file /etc/nginx/passwords; auth_basic_user_file /etc/nginx/passwords;
} }
proxy_set_header X-Forwarded-Proto \$origin_scheme; proxy_set_header X-Forwarded-Proto \$origin_scheme;
proxy_set_header X-Forwarded-Host \$host; proxy_set_header X-Forwarded-Host \$origin_host;
client_max_body_size 100m; client_max_body_size 100m;