| ktimoney | b3aef7b | 2021-09-13 08:27:58 +0100 | [diff] [blame] | 1 | server { |
| 2 | |
| 3 | listen 2443 default ssl; |
| 4 | ssl_protocols TLSv1.2; |
| 5 | {{ if .Values.global.aafEnabled }} |
| 6 | ssl_certificate {{.Values.certInitializer.credsPath}}/{{.Values.certInitializer.clamp_pem}}; |
| 7 | ssl_certificate_key {{.Values.certInitializer.credsPath}}/{{.Values.certInitializer.clamp_key}}; |
| 8 | {{ else }} |
| 9 | ssl_certificate /etc/ssl/clamp.pem; |
| 10 | ssl_certificate_key /etc/ssl/clamp.key; |
| 11 | {{ end }} |
| 12 | |
| 13 | ssl_verify_client optional_no_ca; |
| 14 | absolute_redirect off; |
| 15 | |
| 16 | location / { |
| 17 | root /usr/share/nginx/html; |
| 18 | index index.html index.htm; |
| 19 | try_files $uri $uri/ =404; |
| 20 | } |
| 21 | |
| 22 | location /clamp/restservices/clds/ { |
| 23 | proxy_pass https://policy-clamp-be:8443/restservices/clds/; |
| 24 | proxy_set_header X-SSL-Cert $ssl_client_escaped_cert; |
| 25 | } |
| 26 | |
| 27 | location = /50x.html { |
| 28 | root /var/lib/nginx/html; |
| 29 | } |
| 30 | error_page 500 502 503 504 /50x.html; |
| 31 | error_log /var/log/nginx/error.log warn; |
| 32 | } |