3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-06-24 21:48:23 +02:00
Code Issues Projects Releases Packages Wiki Activity

nginx: fix docs (#1691)

Browse source 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
This commit is contained in:
bobby 2020-12-15 13:25:46 -08:00 committed by GitHub
parent 931c87d85c
commit d3c697d3e4
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
12 changed files with 51 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

1
examples/nginx/config.yaml
View file

@ -19,3 +19,4 @@ policy:
allowed_domains:
- pomerium.com
- gmail.com
pass_identity_headers: true

4
examples/nginx/docker-compose.yaml
View file

@ -1,6 +1,10 @@
version: "3"
services:
nginx:
# to emulate nginx-ingress behavior, use openresty which comes with 'escaped_request_uri'
# pre-compiled. Also uncomment lines marked `uncomment to emulate nginx-ingress behavior`
# in the nginx `.conf` configuration files.
# image: openresty/openresty
image: nginx
restart: unless-stopped
ports:

11
examples/nginx/httpbin.conf
View file

@ -38,15 +38,22 @@ server {
# Pass the extracted client certificate to the auth provider
set $target http://pomerium/verify?uri=$scheme://$http_host$request_uri&rd=$pass_access_scheme://$http_host$escaped_request_uri;
set $target http://pomerium/verify?uri=$scheme://$http_host$request_uri;
# uncomment to emulate nginx-ingress behavior
# set $target http://pomerium/verify?uri=$scheme://$http_host$request_uri&rd=$pass_access_scheme://$http_host$escaped_request_uri;
proxy_pass $target;
}
location @authredirect {
internal;
add_header Set-Cookie $auth_cookie;
# uncomment to emulate nginx-ingress behavior
# return 302 https://fwdauth.localhost.pomerium.io/?uri=$scheme://$host$request_uri&rd=$pass_access_scheme://$http_host$escaped_request_uri;
return 302
https://fwdauth.localhost.pomerium.io/?uri=$scheme://$host$request_uri&rd=$pass_access_scheme://$http_host$escaped_request_uri;
https://fwdauth.localhost.pomerium.io/?uri=$scheme://$host$request_uri;
}
location / {

3
examples/nginx/proxy.conf
View file

@ -19,7 +19,8 @@ proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "";
set_escape_uri $escaped_request_uri $request_uri;
# uncomment to emulate nginx-ingress
# set_escape_uri $escaped_request_uri $request_uri;
# proxy_set_header X-Request-ID $req_id;
proxy_set_header X-Real-IP $remote_addr;