worteks
/
lemonldap-ng
mirror of https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng
3
0
Fork 0
Code Issues Projects Releases Wiki Activity
LemonLDAP::NG Web SSO
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
15648 Commits
113 Branches
129 Tags
148 MiB
 
 
 
 
 
Tag: Branch: Tree: 0ccd0f3a51
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '0ccd0f3a51'
${ noResults }
lemonldap-ng/_example/etc/handler-nginx.conf

64 lines
2.1 KiB
Raw Blame History

#=======================================================================
# Nginx configuration for LemonLDAP::NG Handler
#=======================================================================
# This file implements the reload virtualhost that permits to reload
# configuration without restarting server.
# You need then to declare this vhost in reloadUrls (in the manager
# interface if this server doesn't host the manager itself):
#
# KEY : VALUE
# host-or-IP:port : http://reload.example.com/reload
#
# IMPORTANT:
# To protect applications, see test-nginx.conf template in example files
# Log format
include __CONFDIR__/nginx-lmlog.conf;
#access_log /var/log/nginx/access.log lm_combined;
# Error pages
error_page 403 http://auth.__DNSDOMAIN__/lmerror/403;
error_page 404 http://auth.__DNSDOMAIN__/lmerror/404;
error_page 500 http://auth.__DNSDOMAIN__/lmerror/500;
error_page 502 http://auth.__DNSDOMAIN__/lmerror/502;
error_page 503 http://auth.__DNSDOMAIN__/lmerror/503;
server {
listen __PORT__;
listen [::]:__PORT__;
server_name reload.__DNSDOMAIN__;
root /var/www/html;
# Uncomment this if you are running behind a reverse proxy and want
# LemonLDAP::NG to see the real IP address of the end user
# Adjust the settings to match the IP address of your reverse proxy
# and the header containing the original IP address
# As an alternative, you can use the PROXY protocol
#
#set_real_ip_from 127.0.0.1;
#real_ip_header X-Forwarded-For;
location = /reload {
allow 127.0.0.0/8;
allow ::1/128;
deny all;
# FastCGI configuration
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:__FASTCGISOCKDIR__/llng-fastcgi.sock;
fastcgi_param LLTYPE reload;
# Or with uWSGI
#include /etc/nginx/uwsgi_params;
#uwsgi_pass 127.0.0.1:5000;
#uwsgi_param LLTYPE reload;
}
# Client requests
location / {
# Define variables needed for lmlog
auth_request_set $lmremote_user $upstream_http_lm_remote_user;
auth_request_set $lmremote_custom $upstream_http_lm_remote_custom;
deny all;
}
}