Last active
September 14, 2020 04:32
-
-
Save onnimonni/802118148b4eb7c2a135 to your computer and use it in GitHub Desktop.
How to regex from nginx variable with map directive
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## | |
| # I wanted to use same ssl client certificate CA in nginx for multple client certs | |
| # but restrict the users outside our organisation accessing everything. | |
| # Because I can decide what to put into the emailAddress I can force verify everything and only pass the proper users. | |
| ## | |
| ## | |
| # This way you can restrict users only with email addresses from @koodimonni.fi | |
| # Put this into http context in nginx configs | |
| ## | |
| map $ssl_client_s_dn $koodimonni_user { | |
| default "false"; | |
| ~emailAddress=.*@koodimonni.fi "true"; | |
| } | |
| ## | |
| # Use the result in if | |
| ## | |
| if ($koodimonni_user = "true") { | |
| proxy_pass some_super_secure_server; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment