diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2023-11-13 18:31:17 +0100 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2023-11-13 18:31:17 +0100 |
| commit | 937d3c3fa6290084346a8aa798166c912736fc81 (patch) | |
| tree | 93727236b0bb89d0e1b24d32bf2b507677b199d2 /roles/nginx/auth/whawty-sso/base/templates/nginx.snippet.j2 | |
| parent | upgraded a number of hosts to bookworm (diff) | |
add role nginx/auth/whawty-sso
Diffstat (limited to 'roles/nginx/auth/whawty-sso/base/templates/nginx.snippet.j2')
| -rw-r--r-- | roles/nginx/auth/whawty-sso/base/templates/nginx.snippet.j2 | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/roles/nginx/auth/whawty-sso/base/templates/nginx.snippet.j2 b/roles/nginx/auth/whawty-sso/base/templates/nginx.snippet.j2 new file mode 100644 index 00000000..f8f67c45 --- /dev/null +++ b/roles/nginx/auth/whawty-sso/base/templates/nginx.snippet.j2 @@ -0,0 +1,19 @@ +auth_request /auth; +error_page 401 = @error401; + +location /auth { + internal; + + proxy_pass 127.0.0.1:{{ item.value.port }}/auth; + proxy_pass_request_body off; + proxy_set_header Content-Length ""; + proxy_set_header X-Origin-URI $request_uri; + proxy_set_header X-Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; +} + +location @error401 { + return 302 {{ item.value.login_url }}?redir=$scheme://$http_host$request_uri; +} |