fifth-domain/server-tools/lake-lamp-authz/guanghu-authz.nginx.conf

15 lines
557 B
Plaintext

# Public approval surface. The service itself remains on JD loopback and this
# route is reached through a permitopen-restricted SSH tunnel.
location /authz/ {
proxy_pass http://127.0.0.1:19221/;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Prefix /authz;
proxy_connect_timeout 5s;
proxy_read_timeout 30s;
client_max_body_size 64k;
}