1 # Copyright (C) The Arvados Authors. All rights reserved.
3 # SPDX-License-Identifier: Apache-2.0
6 error_log "{{ERRORLOG}}" info; # Yes, must be specified here _and_ cmdline
10 access_log "{{ACCESSLOG}}" combined;
11 client_body_temp_path "{{TMPDIR}}";
12 upstream arv-git-http {
13 server localhost:{{GITPORT}};
16 listen *:{{GITSSLPORT}} ssl default_server;
18 ssl_certificate "{{SSLCERT}}";
19 ssl_certificate_key "{{SSLKEY}}";
21 proxy_pass http://arv-git-http;
25 server localhost:{{KEEPPROXYPORT}};
28 listen *:{{KEEPPROXYSSLPORT}} ssl default_server;
30 ssl_certificate "{{SSLCERT}}";
31 ssl_certificate_key "{{SSLKEY}}";
33 proxy_pass http://keepproxy;
37 server localhost:{{KEEPWEBPORT}};
40 listen *:{{KEEPWEBSSLPORT}} ssl default_server;
41 server_name ~^(?<request_host>.*)$;
42 ssl_certificate "{{SSLCERT}}";
43 ssl_certificate_key "{{SSLKEY}}";
45 proxy_pass http://keep-web;
46 proxy_set_header Host $request_host:{{KEEPWEBPORT}};
47 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
51 listen *:{{KEEPWEBDLSSLPORT}} ssl default_server;
53 ssl_certificate "{{SSLCERT}}";
54 ssl_certificate_key "{{SSLKEY}}";
56 proxy_pass http://keep-web;
57 proxy_set_header Host download:{{KEEPWEBPORT}};
58 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
59 proxy_redirect //download:{{KEEPWEBPORT}}/ https://$host:{{KEEPWEBDLSSLPORT}}/;
63 server localhost:{{WSPORT}};
66 listen *:{{WSSPORT}} ssl default_server;
67 server_name ~^(?<request_host>.*)$;
68 ssl_certificate "{{SSLCERT}}";
69 ssl_certificate_key "{{SSLKEY}}";
72 proxy_set_header Upgrade $http_upgrade;
73 proxy_set_header Connection "upgrade";
74 proxy_set_header Host $request_host:{{WSPORT}};
75 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
79 server localhost:{{CONTROLLERPORT}};
82 listen *:{{CONTROLLERSSLPORT}} ssl default_server;
84 ssl_certificate "{{SSLCERT}}";
85 ssl_certificate_key "{{SSLKEY}}";
87 proxy_pass http://controller;
88 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
projects / arvados.git / blob