50 lines
1.9 KiB
YAML
50 lines
1.9 KiB
YAML
---
|
|
nginx_set_frame_origin: True
|
|
nginx_x_frame_options: ''
|
|
nginx_virthosts:
|
|
- virthost_name: 'shinyproxy-test.d4science.org'
|
|
server_name: 'shinyproxy-test.d4science.org'
|
|
upstream_backends:
|
|
- name: shinyproxy_test
|
|
servers:
|
|
- '{{ docker_garr_swarm1_ip }}:8080'
|
|
- '{{ docker_garr_swarm2_ip }}:8080'
|
|
- '{{ docker_garr_swarm3_ip }}:8080'
|
|
ssl_enabled: True
|
|
ssl_only: True
|
|
ssl_letsencrypt_certs: '{{ nginx_letsencrypt_managed }}'
|
|
root: '{{ nginx_webroot }}'
|
|
server_tokens: 'off'
|
|
proxy_standard_setup: True
|
|
include_global_proxy_conf: True
|
|
websockets: True
|
|
locations:
|
|
- location: /
|
|
other_opts:
|
|
- 'js_content pep.enforce'
|
|
- location: /jwt_verify_request
|
|
target: 'https://{{ keycloak_auth_server }}/auth/realms/d4science/protocol/openid-connect/token/introspect'
|
|
other_opts:
|
|
- 'internal'
|
|
- 'proxy_method POST'
|
|
- 'gunzip on'
|
|
- 'proxy_set_header Authorization {{ keycloak_auth_credentials_prod }}'
|
|
- 'proxy_set_header Content-Type "application/x-www-form-urlencoded"'
|
|
- 'proxy_cache'
|
|
- 'proxy_cache_key $source_auth'
|
|
- 'proxy_cache_lock on'
|
|
- 'proxy_cache_valid 200 10s'
|
|
- 'proxy_ignore_headers Cache-Control Expires Set-Cookie'
|
|
- location: /_backend
|
|
- 'internal'
|
|
- 'resolver 146.48.122.10'
|
|
- 'proxy_set_header Authorization "$auth_token"'
|
|
target: 'http://shinyproxy_test$request_uri'
|
|
- location: /_accounting
|
|
target: 'https://accounting-service.d4science.org/accounting-service/record'
|
|
other_opts:
|
|
- 'internal'
|
|
- 'proxy_method POST'
|
|
- 'proxy_set_header Authorization "$auth_token"'
|
|
- 'proxy_set_header Content-Type "application/json"'
|