avm/hassio-addons
1
0
Fork 0
mirror of https://github.com/alexbelgium/hassio-addons.git synced 2026-01-11 18:31:02 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update ingress.conf

Browse Source
This commit is contained in:
Alexandre
2022-06-30 12:11:22 +02:00
committed by GitHub
parent 6f61cc8c35
commit b54cb201b4
1 changed files with 46 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

86
tandoor_recipes/rootfs/etc/nginx/servers/ingress.conf
View File

@@ -9,57 +9,63 @@ server
location /
{
# Security
allow 172.30.32.2;
deny all;
######################
allow 172.30.32.2;
deny all;
# Base
proxy_bind $server_addr;
proxy_pass http://127.0.0.1:8080;
proxy_set_header Connection "Upgrade";
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
######################
proxy_bind $server_addr;
proxy_pass http://127.0.0.1:8080;
proxy_set_header Connection "Upgrade";
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# Allow ingress subpath
proxy_set_header X-Script-Name %%ingress_entry%%; # IMPORTANT: path has NO trailing slash
proxy_cookie_path / %%ingress_entry%%/;
# Allow subpath
######################
proxy_set_header X-Script-Name %%ingress_entry%%; # IMPORTANT: path has NO trailing slash
proxy_cookie_path / %%ingress_entry%%/;
# Allow iframe
proxy_hide_header X-Frame-Options;
add_header Access-Control-Allow-Origin *;
proxy_set_header Accept-Encoding "";
######################
proxy_hide_header X-Frame-Options;
add_header Access-Control-Allow-Origin *;
proxy_set_header Accept-Encoding "";
# Avoid mixed contents
if ($http_referer ~* "^(http[s]?)://([^:]+):(\d*)(/.*)$")
{
set $x_scheme $1;
set $x_host $2;
set $x_port ":$3";
}
if ($http_referer ~* "^(http[s]?)://([^:]+)(/.*)$")
{
set $x_scheme $1;
set $x_host $2;
set $x_port "";
}
proxy_set_header X-Scheme $x_scheme;
proxy_redirect http://$host/ $x_scheme://$x_host$x_port/;
proxy_redirect $x_scheme://$host/ $x_scheme://$x_host$x_port/;
######################
if ($http_referer ~* "^(http[s]?)://([^:]+):(\d*)(/.*)$")
{
set $x_scheme $1;
set $x_host $2;
set $x_port ":$3";
}
if ($http_referer ~* "^(http[s]?)://([^:]+)(/.*)$")
{
set $x_scheme $1;
set $x_host $2;
set $x_port "";
}
proxy_set_header X-Scheme $x_scheme;
proxy_redirect http://$host/ $x_scheme://$x_host$x_port/;
proxy_redirect $x_scheme://$host/ $x_scheme://$x_host$x_port/;
# Rewrite url
sub_filter_once off;
sub_filter_types *;
sub_filter "/static" "%%ingress_entry%%/static";
sub_filter "/media" "%%ingress_entry%%/media";
#sub_filter "/view" "%%ingress_entry%%/view";
#sub_filter "/search" "%%ingress_entry%%/search";
#sub_filter "/edit/" "%%ingress_entry%%/edit/";
######################
sub_filter_once off;
sub_filter_types *;
sub_filter "/static" "%%ingress_entry%%/static";
sub_filter "/media" "%%ingress_entry%%/media";
#sub_filter "/view" "%%ingress_entry%%/view";
#sub_filter "/search" "%%ingress_entry%%/search";
#sub_filter "/edit/" "%%ingress_entry%%/edit/";
# Tests
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-Host $server_name;
#proxy_set_header X-Forwarded-Proto $scheme;
######################
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-Host $server_name;
#proxy_set_header X-Forwarded-Proto $scheme;
}
}