Skip to content

Instantly share code, notes, and snippets.

@mingtsay
Last active April 14, 2018 09:23
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save mingtsay/efcb5c72ad20692ba64506f21806dece to your computer and use it in GitHub Desktop.
server {
include listen_both;
server_name gov-proxy.rmstudio.tw;
ssl_certificate /root/.acme.sh/gov-proxy.rmstudio.tw_ecc/fullchain.cer;
ssl_certificate_key /root/.acme.sh/gov-proxy.rmstudio.tw_ecc/gov-proxy.rmstudio.tw.key;
underscores_in_headers on;
location ~ ^/(?<gov_host>(.+?\.)?gov\.tw)(?<gov_query>(/.*)?)$ {
proxy_set_header Host $gov_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass_request_headers on;
proxy_ssl_trusted_certificate /etc/nginx/GRCA2.crt;
proxy_pass https://$gov_host$gov_query;
more_set_headers 'Access-Control-Allow-Origin: *';
etag on;
break;
}
location / {
if ($http_referer ~ ^https://gov-proxy\.rmstudio\.tw/(?<gov_host>(.+?\.)?gov\.tw)/?) {
return 302 $scheme://$host/$gov_host$request_uri;
}
return 403;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment