CCCHH/ansible-infra
CCCHH/ansible-infra
18
0
Fork 0
Code Issues 5 Pull requests Wiki Activity

Use larger buf. size to fix 502s sometimes occur. when going through PVE

Browse source
This commit is contained in:
June 2023-05-26 03:25:22 +02:00 committed by julian
parent 55506a003a
commit ebfa591484
1 changed files with 9 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
playbooks/files/configs/keycloak/nginx/id.ccchh.net.conf
View file

@ -23,6 +23,15 @@ server {
# HSTS (ngx_http_headers_module is required) (63072000 seconds) # HSTS (ngx_http_headers_module is required) (63072000 seconds)
add_header Strict-Transport-Security "max-age=63072000" always; add_header Strict-Transport-Security "max-age=63072000" always;
# To not have 502s sometimes when logging through PVE use bigger buffer_sizes.
# The error seemed to occur after logging in and out and in. Maybe related
# to Keycloak logout settings, but probably not.
# See:
# https://stackoverflow.com/questions/56126864/why-do-i-get-502-when-trying-to-authenticate
# https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffer_size
proxy_buffer_size 128k;
proxy_buffers 8 128k;
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;