57 lines
1.4 KiB
Text
57 lines
1.4 KiB
Text
#
|
|
# Example of NGINX as reverse-proxy terminating an HTTPS connection.
|
|
#
|
|
# This is not a complete NGINX config.
|
|
#
|
|
# Please refer to NGINX docs
|
|
#
|
|
|
|
# Note provided by Gabe R.: if you are using nginx as proxy server for Apache2
|
|
# make sure your nginx config DOES NOT contain the following
|
|
# -----
|
|
# location ~ /.well-known {
|
|
# allow all;
|
|
# }
|
|
# -----
|
|
...
|
|
|
|
|
|
##
|
|
# by https://syshero.org/2018-04-13-nginx-unique-request-identifier/
|
|
# if X-Request-ID is set, NGINX will forward the same value to the next upstream
|
|
# if the header is not set, NGINX will generate a random request identifier and add it to the request.
|
|
#
|
|
# To guarantee backward compatibility, map to format the $request_id variable to a format that matches any old setups.
|
|
##
|
|
|
|
map $request_id $formatted_id {
|
|
"~*(?<p1>[0-9a-f]{8})(?<p2>[0-9a-f]{4})(?<p3>[0-9a-f]{4})(?<p4>[0-9a-f]{4})(?<p5>.*)$" "${p1}-${p2}-${p3}-${p4}-${p5}";
|
|
}
|
|
|
|
map $http_x_request_id $uuid {
|
|
default "${request_id}";
|
|
~* "${http_x_request_id}";
|
|
}
|
|
|
|
|
|
server {
|
|
|
|
...
|
|
|
|
# assuming Friendica runs on port 8080
|
|
location / {
|
|
if ( $scheme != https ) {
|
|
# Force Redirect to HTTPS
|
|
return 302 https://$host$uri;
|
|
}
|
|
proxy_pass http://localhost:8080;
|
|
proxy_redirect off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header Forwarded "for=$proxy_add_x_forwarded_for; proto=$scheme";
|
|
proxy_set_header X-Request-ID $uuid;
|
|
}
|
|
|
|
...
|
|
|
|
}
|