You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
98 lines
3.1 KiB
Nginx Configuration File
98 lines
3.1 KiB
Nginx Configuration File
worker_processes auto;
|
|
worker_cpu_affinity auto;
|
|
|
|
#pid /var/run/nginx.pid;
|
|
error_log /dev/stderr warn;
|
|
|
|
events {
|
|
worker_connections 1024;
|
|
}
|
|
|
|
http {
|
|
# rewrite_log on;
|
|
include mime.types;
|
|
default_type application/json;
|
|
access_log /dev/stdout;
|
|
sendfile on;
|
|
# tcp_nopush on;
|
|
keepalive_timeout 3;
|
|
# tcp_nodelay on;
|
|
gzip on;
|
|
|
|
proxy_cache_path ./cache/ keys_zone=auth_cache:5m;
|
|
client_max_body_size 1M;
|
|
|
|
server {
|
|
listen 8080 default_server;
|
|
server_name _;
|
|
|
|
absolute_redirect off;
|
|
|
|
location / {
|
|
root /var/www/html;
|
|
index index.html;
|
|
|
|
try_files $uri $uri/ /index.html;
|
|
}
|
|
|
|
location = /ldap-auth {
|
|
internal;
|
|
proxy_pass_request_body off;
|
|
client_max_body_size 0; # has to be set even tho the body is not passed
|
|
proxy_set_header Content-Length "";
|
|
#proxy_cache auth_cache;
|
|
#proxy_cache_valid 200 5m;
|
|
#proxy_cache_key $scheme$proxy_host$request_uri$remote_user;
|
|
proxy_pass http://nginx-ldap-auth:8888;
|
|
proxy_set_header X-Ldap-URL "ldap://ldap/";
|
|
proxy_set_header X-Ldap-Template "(uid=%(username)s)";
|
|
proxy_set_header X-Ldap-BaseDN "ou=users,dc=example,dc=com";
|
|
#proxy_set_header X-Ldap-BindDN "cn=test,dc=example,dc=com";
|
|
#proxy_set_header X-Ldap-BindPass "test";
|
|
}
|
|
|
|
#location ~ ^/api/dav/files/(?<userpath>(\w+))(|(?<filename>/.*))$ {
|
|
location ~ ^/api/dav/files(?<filename>.*)$ {
|
|
|
|
if ( $request_method = OPTIONS ) {
|
|
add_header "Access-Control-Allow-Origin" *;
|
|
add_header "Access-Control-Allow-Methods" *;
|
|
add_header "Access-Control-Allow-Headers" "Authorization, Origin, X-Requested-With, Content-Type, Accept";
|
|
}
|
|
|
|
if ($remote_user = "") {
|
|
add_header "WWW-Authenticate" "Basic realm=\"Restricted\"";
|
|
return 401;
|
|
}
|
|
|
|
proxy_set_header X-Auth "nginxauth";
|
|
proxy_set_header Cookie nginxauth=$cookie_nginxauth;
|
|
proxy_set_header Authorization $http_authorization;
|
|
|
|
auth_request /ldap-auth;
|
|
auth_request_set $new_cookie $sent_http_set_cookie;
|
|
|
|
add_header "Set-Cookie" $new_cookie;
|
|
add_header "X-Auth" $sent_http_set_cookie;
|
|
auth_basic "Restricted";
|
|
#auth_basic_user_file /opt/nginx/htpasswd;
|
|
satisfy any;
|
|
|
|
alias /media/$remote_user$filename;
|
|
|
|
client_max_body_size 120G;
|
|
client_body_temp_path /tmp/nginx/client-body;
|
|
create_full_put_path on;
|
|
autoindex on;
|
|
autoindex_exact_size off;
|
|
autoindex_localtime on;
|
|
autoindex_format html;
|
|
charset utf-8;
|
|
|
|
dav_methods PUT DELETE MKCOL COPY MOVE;
|
|
dav_ext_methods PROPFIND OPTIONS;
|
|
dav_access user:rw group:rw all:rw;
|
|
}
|
|
}
|
|
}
|