Skip to content

Instantly share code, notes, and snippets.

@jc1518 jc1518/nginx.conf
Created Jan 23, 2019

Embed
What would you like to do?
Nginx config example of reverse proxy for LDAP and HTTP
# http://nginx.org/en/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/log/nginx/nginx.pid;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr $http_iv_user $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"'
'$request_time $upstream_response_time $pipe';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
server {
# HTTPS terminates here
listen 443 ssl;
server_name site.mydomain.com;
keepalive_timeout 240;
proxy_read_timeout 720;
client_max_body_size 30M;
client_header_buffer_size 32k;
large_client_header_buffers 32 256k;
ssl_certificate /etc/nginx/site.mydomain.com.pem;
ssl_certificate_key /etc/nginx/site.mydomain.com.key;
location / {
proxy_pass http://localhost;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
}
stream {
server {
# LDAPS terminates here
listen 636 ssl;
proxy_pass localhost:389;
ssl_certificate /etc/nginx/ldap.mydomain.com.pem;
ssl_certificate_key /etc/nginx/ldap.mydomain.com.key;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.