system/nginx/01/keycloak.conf
Georg 89f7cffd73
Initial nginx run 01/05
Signed-off-by: Georg <georg@lysergic.dev>
2021-08-30 20:38:56 +02:00

80 lines
3.1 KiB
Plaintext

server {
listen 127.0.0.1:443 ssl http2;
server_name wildfly-keycloak-prod-theia.two.secure.squirrelcube.xyz;
ssl_certificate /etc/ssl/tp/fullchain.pem;
ssl_certificate_key /etc/ssl/tp/private/privkey.pem;
location / {
proxy_pass http://127.0.0.5:10090;
proxy_set_header Host $host:10090;
proxy_set_header Origin http://$host:10090;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass_request_headers on;
}
}
server {
listen 127.0.0.1:443 ssl http2;
server_name keycloak-prod-theia.two.secure.squirrelcube.xyz;
ssl_certificate /etc/ssl/tp/fullchain.pem;
ssl_certificate_key /etc/ssl/tp/private/privkey.pem;
location / {
proxy_pass http://192.168.0.110:8180;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
##
## PRODUCTION CONFIG
## Keycloak Frontend Load Balancer
## Instance: theia
##
proxy_cache_path /tmp/NGINX_cache/ keys_zone=backcache:10m;
upstream jboss {
ip_hash;
server 192.168.0.110:8843;
server 192.168.0.115:8843;
server 192.168.0.120:8843;
}
server {
listen 81.16.19.64:443 ssl http2;
listen [2a03:4000:47:58a::]:443 ssl http2;
server_name sso.casa;
ssl_certificate /etc/ssl/lego/certificates/libertacasa.net.crt;
ssl_certificate_key /etc/ssl/lego/certificates/libertacasa.net.key;
ssl_session_cache shared:SSL:1m;
ssl_prefer_server_ciphers on;
#location = / {
# return 302 /auth/;
#}
location / {
proxy_pass https://jboss;
proxy_cache backcache;
proxy_ssl_verify off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
proxy_buffer_size 256k;
proxy_buffers 4 512k;
proxy_busy_buffers_size 512k;
}