friendica-github/mods/sample-nginx-reverse-proxy.config
2022-12-26 21:18:05 +01:00

57 lines
1.4 KiB
Text

#
# Example of NGINX as reverse-proxy terminating an HTTPS connection.
#
# This is not a complete NGINX config.
#
# Please refer to NGINX docs
#
# Note provided by Gabe R.: if you are using nginx as proxy server for Apache2
# make sure your nginx config DOES NOT contain the following
# -----
# location ~ /.well-known {
# allow all;
# }
# -----
...
##
# by https://syshero.org/2018-04-13-nginx-unique-request-identifier/
# if X-Request-ID is set, NGINX will forward the same value to the next upstream
# if the header is not set, NGINX will generate a random request identifier and add it to the request.
#
# To guarantee backward compatibility, map to format the $request_id variable to a format that matches any old setups.
##
map $request_id $formatted_id {
"~*(?<p1>[0-9a-f]{8})(?<p2>[0-9a-f]{4})(?<p3>[0-9a-f]{4})(?<p4>[0-9a-f]{4})(?<p5>.*)$" "${p1}-${p2}-${p3}-${p4}-${p5}";
}
map $http_x_request_id $uuid {
default "${request_id}";
~* "${http_x_request_id}";
}
server {
...
# assuming Friendica runs on port 8080
location / {
if ( $scheme != https ) {
# Force Redirect to HTTPS
return 302 https://$host$uri;
}
proxy_pass http://localhost:8080;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Forwarded "for=$proxy_add_x_forwarded_for; proto=$scheme";
proxy_set_header X-Request-ID $uuid;
}
...
}