Skip to content

Instantly share code, notes, and snippets.

@onnimonni
Last active September 14, 2020 04:32
  • Star 1 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
Star You must be signed in to star a gist
Embed
What would you like to do?
How to regex from nginx variable with map directive
##
# I wanted to use same ssl client certificate CA in nginx for multple client certs
# but restrict the users outside our organisation accessing everything.
# Because I can decide what to put into the emailAddress I can force verify everything and only pass the proper users.
##
##
# This way you can restrict users only with email addresses from @koodimonni.fi
# Put this into http context in nginx configs
##
map $ssl_client_s_dn $koodimonni_user {
default "false";
~emailAddress=.*@koodimonni.fi "true";
}
##
# Use the result in if
##
if ($koodimonni_user = "true") {
proxy_pass some_super_secure_server;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment