evolved-npcs-infra/hc-vault/nginx/conf/nginx.conf

# nginx/conf/nginx.conf
events {
    # Upper bound on simultaneous connections per worker process.
    worker_connections 1024;
}
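http {
    # Send "Connection: upgrade" upstream only when the client actually asked
    # for a protocol upgrade; ordinary requests get "close".
    map $http_upgrade $connection_upgrade {
        default upgrade;
        ''      close;
    }

    # TLS front end for Vault, reachable under the Tailscale hostname.
    server {
        listen 443 ssl;
        server_name macbook-pro.tailscale-name.ts.net;

        # Certificate and key served to clients for the name above.
        ssl_certificate     /etc/ssl/tailscale-cert.crt;
        ssl_certificate_key /etc/ssl/tailscale-key.key;

        # Pin the protocol versions explicitly: older nginx releases still
        # enable TLS 1.0/1.1 when this directive is absent.
        ssl_protocols TLSv1.2 TLSv1.3;

        location / {
            # Use the container hostname instead of localhost.
            proxy_pass https://vault:8200;

            # These two directives make nginx present a *client* certificate
            # to Vault. They do not make nginx trust Vault's certificate.
            # NOTE(review): the paths look like Vault's own server key pair.
            # If Vault's listener does not require client certificates, both
            # lines can go and vault.key no longer needs to be mounted into
            # this container. Confirm against the Vault listener config.
            proxy_ssl_certificate     /etc/vault-certs/vault.crt;
            proxy_ssl_certificate_key /etc/vault-certs/vault.key;

            # With verification off, nginx accepts whatever certificate the
            # peer at vault:8200 presents: the upstream hop is encrypted but
            # not authenticated. A mkcert-issued certificate can be verified
            # by trusting the mkcert root CA instead of disabling the check.
            # The name checked defaults to the proxy_pass host ("vault"), so
            # the certificate needs a matching SAN or proxy_ssl_name set:
            #   proxy_ssl_trusted_certificate <PATH_TO_MKCERT_ROOT_CA_PEM>;  # placeholder
            #   proxy_ssl_verify on;
            proxy_ssl_verify off;

            # Forward the original request details to Vault.
            # NOTE(review): Vault only honours X-Forwarded-For from proxies
            # listed in its listener's x_forwarded_for_authorized_addrs.
            # Confirm it is set if client IPs matter in audit logs.
            proxy_set_header Host              $host;
            proxy_set_header X-Real-IP         $remote_addr;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;

            # WebSocket/upgrade support: the Upgrade handshake needs HTTP/1.1
            # towards the upstream, and the proxy_http_version default has
            # historically been 1.0.
            proxy_http_version 1.1;
            proxy_set_header Upgrade    $http_upgrade;
            proxy_set_header Connection $connection_upgrade;
        }
    }

    # Optional: HTTP to HTTPS redirect.
    server {
        listen 80;
        server_name macbook-pro.tailscale-name.ts.net;

        # $server_name (not $host) keeps the redirect target fixed no matter
        # what Host header the client sends.
        return 301 https://$server_name$request_uri;
    }
}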