Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- server {
- listen 80;
- server_name localhost;
- root /usr/share/nginx/html;
- # referece healthcheck file in nginx container /usr/share/nginx/html folder
- location = /healthcheck {
- }
- location /auth {
- proxy_pass http://localhost:9090/auth$is_args$args;
- proxy_redirect off;
- }
- location /loginToIdp {
- proxy_pass http://localhost:9090/login;
- }
- location /SFDCChangePassword {
- return 302 https://dev-miscg.cs20.force.com/miptest/MIP_ForgotPassword;
- }
- location ~* /loggedIn {
- rewrite (.*)/loggedIn https://dev.iv.example.com/$1 permanent;
- }
- location = /validate {
- internal;
- # forward the /validate request to Vouch Proxy
- proxy_pass http://localhost:9090;
- # be sure to pass the original host header
- proxy_set_header Host dev.iv.example.com;
- # Vouch Proxy only acts on the request headers
- proxy_pass_request_body off;
- proxy_set_header Content-Length "";
- # optionally add X-Vouch-User as returned by Vouch Proxy along with the request
- auth_request_set $auth_resp_x_vouch_user $upstream_http_x_vouch_user;
- # these return values are used by the @error401 call
- auth_request_set $auth_resp_jwt $upstream_http_x_vouch_jwt;
- auth_request_set $auth_resp_err $upstream_http_x_vouch_err;
- auth_request_set $auth_resp_failcount $upstream_http_x_vouch_failcount;
- }
- # if validate returns `401 not authorized` then forward the request to the error401block
- error_page 401 = @error401;
- location @error401 {
- # redirect to Vouch Proxy for login
- return 302 http://dev.iv.example.com/loginToIdp?url=https://dev.iv.example.com$request_uri/loggedIn&vouch-failcount=$auth_resp_failcount&X-Vouch-Token=$auth_resp_jwt&error=$auth_resp_err;
- }
- location ~/api/spg/administration/(.*) {
- # return 301 http://apidns:8084/administration/$1;
- proxy_http_version 1.1;
- auth_request /validate;
- proxy_pass http://apidns:8084/administration/$1?$query_string;
- proxy_redirect off;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- }
- location ~/api/research/document/(.*) {
- proxy_http_version 1.1;
- auth_request /validate;
- proxy_pass http://apidns:8081/api/mdc/pdf?docId=$1&alt=pdf;
- proxy_redirect off;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- }
- location ~/api/search/(.*) {
- proxy_http_version 1.1;
- auth_request /validate;
- proxy_pass http://apidns:8081/api/mdc/research?$query_string;
- proxy_redirect off;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- }
- location ~/api/profile/(.*) {
- proxy_http_version 1.1;
- auth_request /validate;
- proxy_pass http://apidns:8081/api/sfdc/employee?$query_string;
- proxy_redirect off;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- }
- location ~/api/team/(.*) {
- proxy_http_version 1.1;
- auth_request /validate;
- proxy_pass http://apidns:8081/api/sfdc/team?$query_string;
- proxy_redirect off;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- }
- location / {
- auth_request /validate;
- proxy_pass http://internal-iport-qa3-dotcms-elb-1111111.us-east-1.elb.amazonaws.com/;
- proxy_set_header X-Vouch-User $auth_resp_x_vouch_user;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- }
- # redirect server error pages to the static page /50x.html
- error_page 500 502 503 504 /error;
- location = /50x.html {
- root /usr/share/nginx/html;
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement