projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge branch '7173-jessie' refs #7173
[arvados.git] / doc / install / install-keepproxy.html.textile.liquid
diff --git a/doc/install/install-keepproxy.html.textile.liquid b/doc/install/install-keepproxy.html.textile.liquid
index 07e43a8d733fc5b4f38be7bb54f8f2f5258837a4..6a531a37848d2c2eaa5af34e20fb63c32351f4bf 100644 (file)
--- a/doc/install/install-keepproxy.html.textile.liquid
+++ b/doc/install/install-keepproxy.html.textile.liquid
@@ -73,31 +73,26 @@ This is best achieved by putting a reverse proxy with SSL support in front of Ke
 
 <notextile><pre>
 upstream keepproxy {
-  server     127.0.0.1:25107  fail_timeout=10s;
+  server                127.0.0.1:<span class="userinput">25107</span>;
 }
 
 server {
-  listen       <span class="userinput">[your public IP address]</span>:443 ssl;
-  server_name  <span class="userinput">keep.@uuid_prefix@.your.domain</span>
+  listen                <span class="userinput">[your public IP address]</span>:443 ssl;
+  server_name           keep.<span class="userinput">uuid_prefix</span>.your.domain
 
-  ssl on;
-  ssl_certificate           /etc/nginx/keep.example.com-ssl.crt;
-  ssl_certificate_key       /etc/nginx/keep.example.com-ssl.key;
+  proxy_connect_timeout 90s;
+  proxy_read_timeout    300s;
+  proxy_set_header      X-Real-IP $remote_addr;
+
+  ssl                   on;
+  ssl_certificate       /etc/nginx/keep.<span class="userinput">uuid_prefix</span>.your.domain-ssl.crt;
+  ssl_certificate_key   /etc/nginx/keep.<span class="userinput">uuid_prefix</span>.your.domain-ssl.key;
 
   # Clients need to be able to upload blocks of data up to 64MiB in size.
-  client_max_body_size 64m;
+  client_max_body_size  64m;
 
   location / {
-    proxy_pass            http://keepproxy;
-    proxy_redirect        off;
-    proxy_connect_timeout 90;
-    proxy_read_timeout    300;
-
-    proxy_set_header      X-Forwarded-Proto https;
-    proxy_set_header      Host $http_host;
-    proxy_set_header      X-External-Client $external_client;
-    proxy_set_header      X-Real-IP $remote_addr;
-    proxy_set_header      X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_pass          http://keepproxy;
   }
 }
 </pre></notextile>
@@ -109,11 +104,11 @@ h3. Tell the API server about the Keepproxy server
 The API server needs to be informed about the presence of your Keepproxy server. Please execute the following commands on your <strong>shell server</strong>.
 
 <notextile>
-<pre><code>~$ <span class="userinput">prefix=`arv --format=uuid user current | cut -d- -f1`</span>
-~$ <span class="userinput">echo "Site prefix is '$prefix'"</span>
+<pre><code>~$ <span class="userinput">uuid_prefix=`arv --format=uuid user current | cut -d- -f1`</span>
+~$ <span class="userinput">echo "Site prefix is '$uuid_prefix'"</span>
 ~$ <span class="userinput">read -rd $'\000' keepservice &lt;&lt;EOF; arv keep_service create --keep-service "$keepservice"</span>
 <span class="userinput">{
- "service_host":"<strong>keep.$prefix.your.domain</strong>",
+ "service_host":"<strong>keep.$uuid_prefix.your.domain</strong>",
  "service_port":443,
  "service_ssl_flag":true,
  "service_type":"proxy"