37 lines
975 B
Plaintext
37 lines
975 B
Plaintext
server {
|
|
listen 80;
|
|
server_name localhost;
|
|
|
|
client_max_body_size 16M;
|
|
|
|
# serve static files
|
|
location /static/ {
|
|
alias /static/;
|
|
}
|
|
# serve media files
|
|
location /media/ {
|
|
alias /media/;
|
|
}
|
|
|
|
# Authelia endpoint for authentication requests
|
|
include /config/nginx/auth.conf;
|
|
|
|
# pass requests for dynamic content to gunicorn
|
|
location / {
|
|
proxy_set_header Host $host;
|
|
proxy_pass http://web_recipes:8080;
|
|
|
|
# Ensure Authelia is specifically required for this endpoint
|
|
# This line is important as it will return a 401 error if the user doesn't have access
|
|
include /config/nginx/authelia.conf;
|
|
|
|
auth_request_set $user $upstream_http_remote_user;
|
|
proxy_set_header REMOTE-USER $user;
|
|
}
|
|
|
|
# Required to allow user to logout of authentication from within Recipes
|
|
# Ensure the <auth_endpoint> below is changed to actual the authentication url
|
|
location /accounts/logout/ {
|
|
return 301 http://<auth_endpoint>/logout
|
|
}
|
|
} |