auth_request /whawty-sso-auth; error_page 401 = @error401; location /whawty-sso-auth { internal; proxy_pass http://127.0.0.1:{{ item.value.port }}/auth; proxy_pass_request_body off; proxy_set_header Content-Length ""; proxy_set_header X-Origin-URI $request_uri; proxy_set_header X-Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } location @error401 { return 303 {{ item.value.login_url }}?redir=$scheme://$http_host$request_uri; }