Skip to content

Instantly share code, notes, and snippets.



Created Jan 23, 2019
What would you like to do?
Nginx config example of reverse proxy for LDAP and HTTP
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/log/nginx/;
events {
worker_connections 1024;
http {
log_format main '$remote_addr $http_iv_user $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"'
'$request_time $upstream_response_time $pipe';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
server {
# HTTPS terminates here
listen 443 ssl;
keepalive_timeout 240;
proxy_read_timeout 720;
client_max_body_size 30M;
client_header_buffer_size 32k;
large_client_header_buffers 32 256k;
ssl_certificate /etc/nginx/;
ssl_certificate_key /etc/nginx/;
location / {
proxy_pass http://localhost;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
stream {
server {
# LDAPS terminates here
listen 636 ssl;
proxy_pass localhost:389;
ssl_certificate /etc/nginx/;
ssl_certificate_key /etc/nginx/;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment