system/nginx/03/keycloak.conf
Georg 4048b8c556
Initial nginx run 03/05
Signed-off-by: Georg <georg@lysergic.dev>
2021-08-30 20:57:05 +02:00

44 lines
1.6 KiB
Plaintext

##
## PRODUCTION CONFIG
## Keycloak Frontend Load Balancer
## Instance: selene
##
proxy_cache_path /tmp/NGINX_cache/ keys_zone=backcache:10m;
upstream jboss {
ip_hash;
server 192.168.0.110:8843;
server 192.168.0.115:8843;
server 192.168.0.120:8843;
}
server {
listen 202.61.255.100:443 ssl http2;
listen [2a03:4000:55:d1d::]:443 ssl http2;
server_name sso.casa;
ssl_certificate /etc/ssl/libertacasa.net/fullchain.pem;
ssl_certificate_key /etc/ssl/libertacasa.net/private/privkey.pem;
ssl_session_cache shared:SSL:1m;
ssl_prefer_server_ciphers on;
#location = / {
# return 302 /auth/;
#}
location / {
proxy_pass https://jboss;
proxy_cache backcache;
proxy_ssl_verify off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
proxy_buffer_size 256k;
proxy_buffers 4 512k;
proxy_busy_buffers_size 512k;
}