1 # Copyright (C) The Arvados Authors. All rights reserved.
3 # SPDX-License-Identifier: Apache-2.0
6 error_log stderr info; # Yes, must be specified here _and_ cmdline
10 access_log {{ACCESSLOG}} combined;
11 upstream arv-git-http {
12 server localhost:{{GITPORT}};
15 listen *:{{GITSSLPORT}} ssl default_server;
17 ssl_certificate {{SSLCERT}};
18 ssl_certificate_key {{SSLKEY}};
20 proxy_pass http://arv-git-http;
24 server localhost:{{KEEPPROXYPORT}};
27 listen *:{{KEEPPROXYSSLPORT}} ssl default_server;
29 ssl_certificate {{SSLCERT}};
30 ssl_certificate_key {{SSLKEY}};
32 proxy_pass http://keepproxy;
36 server localhost:{{KEEPWEBPORT}};
39 listen *:{{KEEPWEBSSLPORT}} ssl default_server;
40 server_name ~^(?<request_host>.*)$;
41 ssl_certificate {{SSLCERT}};
42 ssl_certificate_key {{SSLKEY}};
44 proxy_pass http://keep-web;
45 proxy_set_header Host $request_host:{{KEEPWEBPORT}};
46 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
50 listen *:{{KEEPWEBDLSSLPORT}} ssl default_server;
52 ssl_certificate {{SSLCERT}};
53 ssl_certificate_key {{SSLKEY}};
55 proxy_pass http://keep-web;
56 proxy_set_header Host download:{{KEEPWEBPORT}};
57 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
58 proxy_redirect //download:{{KEEPWEBPORT}}/ https://$host:{{KEEPWEBDLSSLPORT}}/;
62 server localhost:{{WSPORT}};
65 listen *:{{WSSPORT}} ssl default_server;
66 server_name ~^(?<request_host>.*)$;
67 ssl_certificate {{SSLCERT}};
68 ssl_certificate_key {{SSLKEY}};
71 proxy_set_header Upgrade $http_upgrade;
72 proxy_set_header Connection "upgrade";
73 proxy_set_header Host $request_host:{{WSPORT}};
74 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
projects / arvados.git / blob