arvados/config/sso/nginx.conf

   1 # Copyright (C) The Arvados Authors. All rights reserved.
   2 #
   3 # SPDX-License-Identifier: Apache-2.0
   4
   5 server {
   6   listen 127.0.0.1:9000;
   7   server_name localhost-sso;
   8
   9   root /var/www/arvados-sso/current/public;
  10   index  index.html index.htm index.php;
  11
  12   passenger_enabled on;
  13   # If you're using RVM, uncomment the line below.
  14   passenger_ruby /usr/local/rvm/wrappers/default/ruby;
  15
  16   # `client_max_body_size` should match the corresponding setting in
  17   # the API server's Nginx configuration.
  18   client_max_body_size 128m;
  19 }
  20
  21 upstream sso {
  22   server     127.0.0.1:9000  fail_timeout=10s;
  23 }
  24
  25 proxy_http_version 1.1;
  26
  27 server {
  28   listen       0.0.0.0:3002 ssl;
  29   server_name  public-sso;
  30
  31   ssl on;
  32   ssl_certificate     /etc/ssl/certs/sso.pem;
  33   ssl_certificate_key /etc/ssl/private/sso.key;
  34
  35   index  index.html index.htm index.php;
  36   # `client_max_body_size` should match the corresponding setting in
  37   # the API server's Nginx configuration.
  38   client_max_body_size 128m;
  39
  40   location / {
  41     proxy_pass            http://sso;
  42     proxy_redirect        off;
  43     proxy_connect_timeout 90s;
  44     proxy_read_timeout    300s;
  45
  46     proxy_set_header      X-Forwarded-Proto https;
  47     proxy_set_header      Host $http_host;
  48     proxy_set_header      X-Real-IP $remote_addr;
  49     proxy_set_header      X-Forwarded-For $proxy_add_x_forwarded_for;
  50   }
  51 }