Browse Source

Update NGINX config

master
Joshua Rubingh 1 year ago
parent
commit
d03ace364b
  1. 7
      docker/project.env
  2. 9
      docker/project.example.env
  3. 3
      nginx/api.vhost.conf

7
docker/project.env

@ -135,6 +135,9 @@ VRW_API_EMAIL=vrw+no-reply@rug.nl @@ -135,6 +135,9 @@ VRW_API_EMAIL=vrw+no-reply@rug.nl
# The IP number of the Loadbalancer which may change the IP address based on X-Forwarded-For in NGINX
NGINX_REAL_IP_SOURCE_IP=127.0.0.1
# The secret file that is created by Kubernets which holds all the valid IP addresses to access the admin
# The config file that is created by Kubernets which holds all the valid IP addresses that is allowed to overwrite the IP address of the client. Mostly loadbalancers
# Leave emtpy to disable this security measure
NGINX_VALID_ADMIN_IP_LIST=
NGINX_REAL_IP_LIST=
# The config file that is created by Kubernets which holds all the valid IP addresses to access the admin
# Leave emtpy to disable this security measure
NGINX_VALID_ADMIN_IP_LIST=

9
docker/project.example.env

@ -77,4 +77,11 @@ VRW_API_USER=vrw @@ -77,4 +77,11 @@ VRW_API_USER=vrw
# The VRW password for the REST API
VRW_API_PASSWORD=securepassword
# The VRW email address for the REST API
VRW_API_EMAIL=vrw+no-reply@rug.nl
VRW_API_EMAIL=vrw+no-reply@rug.nl
# The config file that is created by Kubernets which holds all the valid IP addresses that is allowed to overwrite the IP address of the client. Mostly loadbalancers
# Leave emtpy to disable this security measure
NGINX_REAL_IP_LIST=
# The config file that is created by Kubernets which holds all the valid IP addresses to access the admin
# Leave emtpy to disable this security measure
NGINX_VALID_ADMIN_IP_LIST=

3
nginx/api.vhost.conf

@ -46,8 +46,7 @@ server { @@ -46,8 +46,7 @@ server {
# include snippets/snakeoil.conf;
# Get the real IP from the visitor through loadbalancers
set_real_ip_from ${NGINX_REAL_IP_SOURCE_IP};
real_ip_header X-Forwarded-For;
${NGINX_REAL_IP_LIST}
root /var/www/html;

Loading…
Cancel
Save