1 # Copyright (C) The Arvados Authors. All rights reserved.
3 # SPDX-License-Identifier: Apache-2.0
6 error_log "{{ERRORLOG}}" info; # Yes, must be specified here _and_ cmdline
11 '[$time_local] $server_name $status $body_bytes_sent $request_time $request_method "$scheme://$http_host$request_uri" $remote_addr:$remote_port '
12 '"$http_referer" "$http_user_agent"';
13 access_log "{{ACCESSLOG}}" customlog;
14 client_body_temp_path "{{TMPDIR}}";
15 upstream arv-git-http {
16 server localhost:{{GITPORT}};
19 listen *:{{GITSSLPORT}} ssl default_server;
20 server_name arv-git-http;
21 ssl_certificate "{{SSLCERT}}";
22 ssl_certificate_key "{{SSLKEY}}";
24 proxy_pass http://arv-git-http;
25 proxy_set_header Host $http_host;
26 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
27 proxy_set_header X-Forwarded-Proto https;
32 server localhost:{{KEEPPROXYPORT}};
35 listen *:{{KEEPPROXYSSLPORT}} ssl default_server;
36 server_name keepproxy;
37 ssl_certificate "{{SSLCERT}}";
38 ssl_certificate_key "{{SSLKEY}}";
40 proxy_pass http://keepproxy;
41 proxy_set_header Host $http_host;
42 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
43 proxy_set_header X-Forwarded-Proto https;
48 server localhost:{{KEEPWEBPORT}};
51 listen *:{{KEEPWEBSSLPORT}} ssl default_server;
53 ssl_certificate "{{SSLCERT}}";
54 ssl_certificate_key "{{SSLKEY}}";
56 proxy_pass http://keep-web;
57 proxy_set_header Host $http_host;
58 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
59 proxy_set_header X-Forwarded-Proto https;
64 listen *:{{KEEPWEBDLSSLPORT}} ssl default_server;
65 server_name keep-web-dl ~.*;
66 ssl_certificate "{{SSLCERT}}";
67 ssl_certificate_key "{{SSLKEY}}";
69 proxy_pass http://keep-web;
70 proxy_set_header Host download:{{KEEPWEBPORT}};
71 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
72 proxy_set_header X-Forwarded-Proto https;
73 proxy_redirect https://download:{{KEEPWEBPORT}}/ https://$host:{{KEEPWEBDLSSLPORT}}/;
77 server localhost:{{WSPORT}};
80 listen *:{{WSSPORT}} ssl default_server;
81 server_name websocket;
82 ssl_certificate "{{SSLCERT}}";
83 ssl_certificate_key "{{SSLKEY}}";
86 proxy_set_header Upgrade $http_upgrade;
87 proxy_set_header Connection "upgrade";
88 proxy_set_header Host $http_host;
89 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
90 proxy_set_header X-Forwarded-Proto https;
95 server localhost:{{CONTROLLERPORT}};
98 listen *:{{CONTROLLERSSLPORT}} ssl default_server;
99 server_name controller;
100 ssl_certificate "{{SSLCERT}}";
101 ssl_certificate_key "{{SSLKEY}}";
103 proxy_pass http://controller;
104 proxy_set_header Host $http_host;
105 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
106 proxy_set_header X-Forwarded-Proto https;