6
0
mirror of https://github.com/ChristianLight/tutor.git synced 2024-12-13 22:48:20 +00:00
tutor/plugins/notes/tutornotes/patches/nginx-extra
Régis Behmo c431fb81ff Fix insecure asset loading with web proxy enabled
This issue is well described in this post:
https://discuss.overhang.io/t/reverse-proxy-and-mixed-content-issue/86

When WEB_PROXY=True and ACTIVATE_HTTPS=True the containerized nginx sets
an incorrect value for X-Forwarded-Proto.
2019-07-07 17:14:31 +08:00

37 lines
999 B
Plaintext

### Student notes service
upstream notes-backend {
server notes:8000 fail_timeout=0;
}
{% if ACTIVATE_HTTPS %}
server {
server_name {{ NOTES_HOST }};
listen 80;
return 301 https://$server_name$request_uri;
}
{% endif %}
server {
{% if ACTIVATE_HTTPS %}listen 443 {{ "" if WEB_PROXY else "ssl" }};{% else %}listen 80;{% endif %}
server_name notes.localhost {{ NOTES_HOST }};
{% if ACTIVATE_HTTPS and not WEB_PROXY %}
ssl_certificate /etc/letsencrypt/live/{{ NOTES_HOST }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ NOTES_HOST }}/privkey.pem;
{% endif %}
# Disables server version feedback on pages and in headers
server_tokens off;
location / {
{% if not WEB_PROXY %}
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-For $remote_addr;
{% endif %}
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://notes-backend;
}
}