Update ingress.conf

tandoor_recipes/rootfs/etc/nginx/servers/ingress.conf

@@ -9,57 +9,63 @@ server
   location /
   {
     # Security
-        allow                   172.30.32.2;
+    ######################
-        deny                    all;
+    allow 172.30.32.2;
+    deny all;
 
     # Base
-        proxy_bind              $server_addr;
+    ######################
-        proxy_pass              http://127.0.0.1:8080;
+    proxy_bind $server_addr;
-        proxy_set_header        Connection              "Upgrade";
+    proxy_pass http://127.0.0.1:8080;
-        proxy_set_header        Upgrade                 $http_upgrade;
+    proxy_set_header Connection "Upgrade";
-        proxy_set_header        Host                    $http_host;
+    proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header        X-Forwarded-For         $proxy_add_x_forwarded_for;
+    proxy_set_header Host $http_host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 
-    # Allow ingress subpath
+    # Allow subpath
-        proxy_set_header        X-Script-Name           %%ingress_entry%%;  # IMPORTANT: path has NO trailing slash
+    ######################
-        proxy_cookie_path       /                       %%ingress_entry%%/;
+    proxy_set_header X-Script-Name %%ingress_entry%%; # IMPORTANT: path has NO trailing slash
+    proxy_cookie_path / %%ingress_entry%%/;
 
     # Allow iframe
-        proxy_hide_header       X-Frame-Options;
+    ######################
-        add_header              Access-Control-Allow-Origin *;
+    proxy_hide_header X-Frame-Options;
-        proxy_set_header        Accept-Encoding         "";
+    add_header Access-Control-Allow-Origin *;
+    proxy_set_header Accept-Encoding "";
 
     # Avoid mixed contents
-        if ($http_referer ~* "^(http[s]?)://([^:]+):(\d*)(/.*)$")
+    ######################
-        {
+    if ($http_referer ~* "^(http[s]?)://([^:]+):(\d*)(/.*)$")
-          set $x_scheme $1;
+    {
-          set $x_host $2;
+      set $x_scheme $1;
-          set $x_port ":$3";
+      set $x_host $2;
-        }
+      set $x_port ":$3";
-        if ($http_referer ~* "^(http[s]?)://([^:]+)(/.*)$")
+    }
-        {
+    if ($http_referer ~* "^(http[s]?)://([^:]+)(/.*)$")
-          set $x_scheme $1;
+    {
-          set $x_host $2;
+      set $x_scheme $1;
-          set $x_port "";
+      set $x_host $2;
-        }
+      set $x_port "";
-        proxy_set_header         X-Scheme                 $x_scheme;
+    }
-        proxy_redirect           http://$host/            $x_scheme://$x_host$x_port/;
+    proxy_set_header X-Scheme $x_scheme;
-        proxy_redirect           $x_scheme://$host/       $x_scheme://$x_host$x_port/;
+    proxy_redirect http://$host/ $x_scheme://$x_host$x_port/;
+    proxy_redirect $x_scheme://$host/ $x_scheme://$x_host$x_port/;
 
     # Rewrite url
-        sub_filter_once off;
+    ######################
-        sub_filter_types *;
+    sub_filter_once off;
-        sub_filter "/static" "%%ingress_entry%%/static";
+    sub_filter_types *;
-        sub_filter "/media" "%%ingress_entry%%/media";
+    sub_filter "/static" "%%ingress_entry%%/static";
-        #sub_filter "/view" "%%ingress_entry%%/view";
+    sub_filter "/media" "%%ingress_entry%%/media";
-        #sub_filter "/search" "%%ingress_entry%%/search";
+    #sub_filter "/view" "%%ingress_entry%%/view";
-        #sub_filter "/edit/" "%%ingress_entry%%/edit/";
+    #sub_filter "/search" "%%ingress_entry%%/search";
+    #sub_filter "/edit/" "%%ingress_entry%%/edit/";
 
     # Tests
-        #proxy_set_header X-Real-IP $remote_addr;
+    ######################
-        #proxy_set_header X-Forwarded-Host $server_name;
+    #proxy_set_header X-Real-IP $remote_addr;
-        #proxy_set_header X-Forwarded-Proto $scheme;
+    #proxy_set_header X-Forwarded-Host $server_name;
-
+    #proxy_set_header X-Forwarded-Proto $scheme;
   }
 
 }