Merge pull request #3243 from quay/fix-old-ssl-handling
Forgot that we use proxy protocol for production, so we need a new block for v1.quay.io
This commit is contained in:
commit
49edf51a48
1 changed files with 20 additions and 1 deletions
|
@ -47,7 +47,7 @@ http {
|
|||
server {
|
||||
include server-base.conf;
|
||||
|
||||
server_name v1.quay.io;
|
||||
server_name v1-staging.quay.io;
|
||||
|
||||
ssl_certificate ../stack/ssl.old.cert;
|
||||
ssl_certificate_key ../stack/ssl.old.key;
|
||||
|
@ -81,6 +81,25 @@ http {
|
|||
access_log /dev/stdout lb_logs;
|
||||
}
|
||||
|
||||
server {
|
||||
server_name v1.quay.io;
|
||||
|
||||
ssl_certificate ../stack/ssl.old.cert;
|
||||
ssl_certificate_key ../stack/ssl.old.key;
|
||||
|
||||
include server-base.conf;
|
||||
|
||||
listen 8443 ssl proxy_protocol;
|
||||
ssl on;
|
||||
|
||||
# This header must be set only for HTTPS
|
||||
add_header Strict-Transport-Security "max-age=63072000; preload";
|
||||
|
||||
real_ip_header proxy_protocol;
|
||||
|
||||
access_log /dev/stdout lb_logs;
|
||||
}
|
||||
|
||||
server {
|
||||
include vhost-traffic-status.conf;
|
||||
|
||||
|
|
Reference in a new issue