nginx.conf

error_log /var/log/nginx/error.log debug;
​
events { }
​
http {
    proxy_cache_path cache/  keys_zone=auth_cache:1m;
​
    # The application listens on port 9000 as implemented
    # in service.py.
    upstream backend {
      # docker service that was linked under name "demoservice" to us
      server demoservice:9000;
    }
​
    upstream authenticator {
      # docker service that was linked under name "authservice" to us
      server authservice:8000;
    }
​
    # listen on port 8081 for requests that require
    # authentication. Change the port number as appropriate.
    server {
        listen 8081;
​
        # Protected application
        location / {
            auth_request /auth-proxy;
            auth_request_set $userid $upstream_http_x_auth_user;
​
            if ($http_accept ~* "text/html" ) {
                error_page 401 403 =200 /login;
            }
​
            proxy_set_header X-Auth-User $userid;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_pass http://backend/;
        }
​
        location /login {
            proxy_pass http://authenticator/login;
            proxy_set_header X-Target $request_uri;
        }
​
        location = /auth-proxy {
            internal;
​
            proxy_pass http://authenticator/auth;
​
            proxy_pass_request_body off;
            proxy_set_header Content-Length "";
            proxy_set_header X-Dbg $cookie_AUTH;
​
            proxy_set_header X-Target $request_uri;
            proxy_cache auth_cache;
            proxy_cache_valid 200 204 1m;
            proxy_cache_key "$cookie_PHPSESSID";
        }
    }
}