# Generate password with eg.
#
#     $ printf "john:$(openssl passwd -crypt s3cr3t)\n" > passwords
#
# Run:
#
#     $ nginx -p $PWD/nginx/ -c $PWD/nginx_http_auth_deny_path.conf
#

events {
  worker_connections  1024;
}

http {

  upstream elasticsearch {
    server 127.0.0.1:9200;
  }

  server {
    listen 8080;

    auth_basic "Protected Elasticsearch";
    auth_basic_user_file passwords;

    location / {
      if ($request_filename ~ _shutdown) {
        return 403;
        break;
      }

      proxy_pass http://elasticsearch;
      proxy_redirect off;
    }
  }

}