diff options
Diffstat (limited to 'roles/nginx/auth/sso/base/templates/nginx.snippet.j2')
| -rw-r--r-- | roles/nginx/auth/sso/base/templates/nginx.snippet.j2 | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/roles/nginx/auth/sso/base/templates/nginx.snippet.j2 b/roles/nginx/auth/sso/base/templates/nginx.snippet.j2 new file mode 100644 index 00000000..f8558d59 --- /dev/null +++ b/roles/nginx/auth/sso/base/templates/nginx.snippet.j2 @@ -0,0 +1,23 @@ +auth_request /sso-auth; +error_page 401 = @error401; + +location /sso-auth { + internal; + + proxy_pass {{ item.value.auth_url | default(item.value.base_url + '/auth') }}; + proxy_pass_request_body off; + proxy_set_header Content-Length ""; + proxy_set_header X-Origin-URI $request_uri; + proxy_set_header X-Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; +} + +location /sso-logout { + return 302 {{ item.value.base_url }}/logout?go=$scheme://$http_host/; +} + +location @error401 { + return 302 {{ item.value.base_url }}/login?go=$scheme://$http_host$request_uri; +} |