Skip to content
Snippets Groups Projects
Commit 561932b7 authored by Jeffrey Phillips Freeman's avatar Jeffrey Phillips Freeman :boom:
Browse files

Changed settings so the client ip is passed through the proxy.

parent dfaf75cb
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
swarm-proxy-letsencrypt/app/letsencrypt_service
+ 6
1
View file @ 561932b7
...@@ -331,7 +331,7 @@ function update_certs { ...@@ -331,7 +331,7 @@ function update_certs {
server { server {
server_name ${LE_HOST}; server_name ${LE_HOST};
listen 444 ssl http2 ; listen 444 ssl http2 proxy_protocol;
ssl_session_timeout 5m; ssl_session_timeout 5m;
ssl_session_cache shared:SSL:50m; ssl_session_cache shared:SSL:50m;
ssl_session_tickets off; ssl_session_tickets off;
...@@ -351,6 +351,11 @@ server { ...@@ -351,6 +351,11 @@ server {
include /etc/nginx/loc.d/${LE_HOST}-all-*; include /etc/nginx/loc.d/${LE_HOST}-all-*;
include /etc/nginx/loc.d/default*; include /etc/nginx/loc.d/default*;
proxy_set_header Host \$host;
proxy_set_header X-Real-IP \$proxy_protocol_addr;
proxy_set_header X-Forwarded-For \$proxy_protocol_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_pass http://${LE_HOST}_upstream; proxy_pass http://${LE_HOST}_upstream;
} }
} }
......
swarm-proxy/https-routing.conf.tmpl
+ 2
1
View file @ 561932b7
...@@ -15,10 +15,11 @@ stream { ...@@ -15,10 +15,11 @@ stream {
server 127.0.0.1:444; server 127.0.0.1:444;
} }
proxy_protocol on;
server { server {
listen 443; listen 443;
proxy_pass $name; proxy_pass $name;
ssl_preread on; ssl_preread on;
} }
} }
swarm-proxy/swarm-proxy.conf.tmpl
+ 6
0
View file @ 561932b7
...@@ -14,6 +14,12 @@ server { ...@@ -14,6 +14,12 @@ server {
include /etc/nginx/loc.d/${LE_HOST}-http-*; include /etc/nginx/loc.d/${LE_HOST}-http-*;
include /etc/nginx/loc.d/${LE_HOST}-all-*; include /etc/nginx/loc.d/${LE_HOST}-all-*;
include /etc/nginx/loc.d/default*; include /etc/nginx/loc.d/default*;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto http;
proxy_pass http://${HOST}_upstream; proxy_pass http://${HOST}_upstream;
} }
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment