kallithea Changeset - 2c82dd8ba318

Changeset - 2c82dd8ba318

Parent rev.

Child rev.

[Not reviewed]

default

0 1 0

Marcin Kuzminski - 12 years ago 2013-07-01 15:39:01
marcin@python-works.com

Added two headers into example nginx proxy conf that allows container auth
to work properly

1 file changed with 3 insertions and 0 deletions:

docs/setup.rst

0 comments (0 inline, 0 general)

docs/setup.rst

➞

Show inline comments

@@ @@ -545,96 +545,99 @@ Sample config for nginx using proxy:: @@
        ssl_certificate     gist.rhodecode.myserver.com.crt;
        ssl_certificate_key gist.rhodecode.myserver.com.key;
        ssl_session_timeout 5m;
        ssl_protocols SSLv3 TLSv1;
        ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
        ssl_prefer_server_ciphers on;
        rewrite ^/(.+)$ https://rhodecode.myserver.com/_admin/gists/$1;
        rewrite (.*)    https://rhodecode.myserver.com/_admin/gists;
+    }
     server {
        listen          443;
        server_name     rhodecode.myserver.com;
        access_log      /var/log/nginx/rhodecode.access.log;
        error_log       /var/log/nginx/rhodecode.error.log;
        ssl on;
        ssl_certificate     rhodecode.myserver.com.crt;
        ssl_certificate_key rhodecode.myserver.com.key;
        ssl_session_timeout 5m;
        ssl_protocols SSLv3 TLSv1;
        ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
        ssl_prefer_server_ciphers on;
        ## uncomment root directive if you want to serve static files by nginx
        ## requires static_files = false in .ini file
        #root /path/to/installation/rhodecode/public;
        include         /etc/nginx/proxy.conf;
        location / {
             try_files $uri @rhode;
+       }
        location @rhode {
             proxy_pass      http://rc;
+       }
+    }
 Here's the proxy.conf. It's tuned so it will not timeout on long
 pushes or large pushes::
     proxy_redirect              off;
     proxy_set_header            Host $host;
     ## needed for container auth
     #proxy_set_header            REMOTE_USER $remote_user;
     #proxy_set_header            X-Forwarded-User $remote_user;
     proxy_set_header            X-Url-Scheme $scheme;
     proxy_set_header            X-Host $http_host;
     proxy_set_header            X-Real-IP $remote_addr;
     proxy_set_header            X-Forwarded-For $proxy_add_x_forwarded_for;
     proxy_set_header            Proxy-host $proxy_host;
     proxy_buffering             off;
     proxy_connect_timeout       7200;
     proxy_send_timeout          7200;
     proxy_read_timeout          7200;
     proxy_buffers               8 32k;
     client_max_body_size        1024m;
     client_body_buffer_size     128k;
     large_client_header_buffers 8 64k;
 Apache virtual host reverse proxy example
 -----------------------------------------
 Here is a sample configuration file for apache using proxy::
     <VirtualHost *:80>
             ServerName hg.myserver.com
             ServerAlias hg.myserver.com
             <Proxy *>
               Order allow,deny
               Allow from all
             </Proxy>
             #important !
             #Directive to properly generate url (clone url) for pylons
             ProxyPreserveHost On
             #rhodecode instance
             ProxyPass / http://127.0.0.1:5000/
             ProxyPassReverse / http://127.0.0.1:5000/
             #to enable https use line below
             #SetEnvIf X-Url-Scheme https HTTPS=1
     </VirtualHost>
 Additional tutorial
 http://wiki.pylonshq.com/display/pylonscookbook/Apache+as+a+reverse+proxy+for+Pylons
 Apache as subdirectory

0 comments (0 inline, 0 general)