-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathnginx.conf.template
More file actions
62 lines (53 loc) · 1.88 KB
/
nginx.conf.template
File metadata and controls
62 lines (53 loc) · 1.88 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
worker_processes auto;
daemon off;
pid $NGINX_PID_PATH;
error_log $NGINX_ERROR_LOG_PATH;
# Run worker processes as root so that they can access root-owned Unix domain sockets.
user root;
events {
worker_connections 1024;
}
http {
access_log $NGINX_ACCESS_LOG_PATH;
default_type application/octet-stream;
sendfile on;
# See https://nginx.org/en/docs/http/websocket.html.
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 3000;
server_name localhost;
# Dynamic per-user routes (written by main server)
include $NGINX_CONF_DIR/user-routes/*.conf;
# Block unmatched /_vs/* — only allow user routes installed above
location /_vs/ {
return 404;
}
# Target of `auth_request` in VSCode user routes.
# See https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-subrequest-authentication/.
# Mostly identical to the blanket forwarding route below,
# but importantly skips Upgrade/Connection headers:
# WebSocket connections to VSCode are broken if we forward these.
location /api/auth-vsc/ {
# Can only be reached by internal requests
internal;
proxy_pass http://127.0.0.1:3002;
proxy_http_version 1.1;
proxy_set_header Host $http_host;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
}
# Everything else -> main server
location / {
proxy_pass http://127.0.0.1:3002;
proxy_http_version 1.1;
proxy_set_header Host $http_host;
# Allow WebSocket connections for Next.js HMR
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_buffering off;
}
}
}