Nginx config example of reverse proxy for LDAP and HTTP
# http://nginx.org/en/docs/ | |
user nginx; | |
worker_processes auto; | |
error_log /var/log/nginx/error.log warn; | |
pid /var/log/nginx/nginx.pid; | |
events { | |
worker_connections 1024; | |
} | |
http { | |
log_format main '$remote_addr $http_iv_user $remote_user [$time_local] "$request" ' | |
'$status $body_bytes_sent "$http_referer" ' | |
'"$http_user_agent" "$http_x_forwarded_for"' | |
'$request_time $upstream_response_time $pipe'; | |
access_log /var/log/nginx/access.log main; | |
sendfile on; | |
tcp_nopush on; | |
tcp_nodelay on; | |
keepalive_timeout 65; | |
types_hash_max_size 2048; | |
include /etc/nginx/mime.types; | |
default_type application/octet-stream; | |
server { | |
# HTTPS terminates here | |
listen 443 ssl; | |
server_name site.mydomain.com; | |
keepalive_timeout 240; | |
proxy_read_timeout 720; | |
client_max_body_size 30M; | |
client_header_buffer_size 32k; | |
large_client_header_buffers 32 256k; | |
ssl_certificate /etc/nginx/site.mydomain.com.pem; | |
ssl_certificate_key /etc/nginx/site.mydomain.com.key; | |
location / { | |
proxy_pass http://localhost; | |
proxy_set_header Host $host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
} | |
error_page 500 502 503 504 /50x.html; | |
location = /50x.html { | |
root /usr/share/nginx/html; | |
} | |
} | |
} | |
stream { | |
server { | |
# LDAPS terminates here | |
listen 636 ssl; | |
proxy_pass localhost:389; | |
ssl_certificate /etc/nginx/ldap.mydomain.com.pem; | |
ssl_certificate_key /etc/nginx/ldap.mydomain.com.key; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment