1
0
stack-orchestrator/config/keycloak/nginx/keycloak_proxy.conf
Thomas E Lackey df0bf549a2
Keycloak + nginx reverse proxy (#63)
* Example Keycloak config.

* Proxy for geth, ipld-eth-server, and lighthouse.

* Add metrics.
2022-12-14 12:59:40 -06:00

70 lines
1.8 KiB
Plaintext

server {
listen 80;
listen [::]:80;
server_name localhost;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
### geth
location ~ ^/eth/?([^/]*)$ {
set $apiKey $1;
if ($apiKey = '') {
set $apiKey $http_X_API_KEY;
}
auth_request /auth;
proxy_buffering off;
rewrite /.*$ / break;
proxy_pass http://fixturenet-eth-geth-1:8545;
}
### ipld-eth-server
# location ~ ^/ipld/eth/([^/]*)$ {
# set $apiKey $1;
# if ($apiKey = '') {
# set $apiKey $http_X_API_KEY;
# }
# auth_request /auth;
# proxy_buffering off;
# rewrite /.*$ / break;
# proxy_pass http://ipld-eth-server:8081;
# }
#
# location ~ ^/ipld/gql/([^/]*)$ {
# set $apiKey $1;
# if ($apiKey = '') {
# set $apiKey $http_X_API_KEY;
# }
# auth_request /auth;
# proxy_buffering off;
# rewrite /.*$ / break;
# proxy_pass http://ipld-eth-server:8082;
# }
#
### lighthouse
# location /beacon/ {
# set $apiKey $http_X_API_KEY;
# auth_request /auth;
# proxy_buffering off;
# proxy_pass http://fixturenet-eth-lighthouse-1:8001/;
# }
location = /auth {
internal;
proxy_buffering off;
resolver 127.0.0.11 ipv6=off;
proxy_pass http://keycloak:8080/auth/realms/cerc/check?apiKey=$apiKey;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
proxy_set_header X-Original-URI $request_uri;
proxy_set_header X-Original-Remote-Addr $remote_addr;
proxy_set_header X-Original-Host $host;
}
# location = /basic_status {
# stub_status;
# }
}