InfraScience
/
ansible-role-inception
24
0
Fork 0
Code Issues Pull Requests Releases Activity

Additional authz

This commit is contained in:
Andrea Dell'Amico 2021-11-04 13:15:05 +01:00
parent 3c2099d7f7
commit d2845c77a8
Signed by: andrea.dellamico
GPG Key ID: 147ABE6CEB9E20FF
1 changed files with 36 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
templates/nginx.default.conf.j2
View File

@ -150,6 +150,24 @@ server {
proxy_pass http://_inception-server;
}
location ~ /de\.tudarmstadt\.ukp\.inception.* {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
# Required for new HTTP-based CLI
proxy_request_buffering off;
proxy_buffering off; # Required for HTTP-based CLI to work over SSL
proxy_set_header Connection ""; # Clear for keepalive
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Original-URI $request_uri;
proxy_set_header Authorization "Bearer $auth_token";
proxy_set_header remote_user "$remote_user";
proxy_pass http://_inception-server;
}
location /p/ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
@ -186,6 +204,24 @@ server {
proxy_pass http://_inception-server;
}
location /admin/ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
# Required for new HTTP-based CLI
proxy_request_buffering off;
proxy_buffering off; # Required for HTTP-based CLI to work over SSL
proxy_set_header Connection ""; # Clear for keepalive
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Original-URI $request_uri;
proxy_set_header Authorization "Bearer $auth_token";
proxy_set_header remote_user "$remote_user";
proxy_pass http://_inception-server;
}
location /favicon.ico {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
@ -259,7 +295,6 @@ server {
}
location / {
proxy_set_header remote_user "$remote_user";
js_content pep.enforce;
}