Forgot that we use proxy protocol for production, so we need a new block for v1.quay.io

This commit is contained in:
Joseph Schorr 2018-09-06 13:59:21 -04:00
parent 7bc173ed62
commit d71201ac50

View file

@ -47,7 +47,7 @@ http {
server { server {
include server-base.conf; include server-base.conf;
server_name v1.quay.io; server_name v1-staging.quay.io;
ssl_certificate ../stack/ssl.old.cert; ssl_certificate ../stack/ssl.old.cert;
ssl_certificate_key ../stack/ssl.old.key; ssl_certificate_key ../stack/ssl.old.key;
@ -81,6 +81,25 @@ http {
access_log /dev/stdout lb_logs; access_log /dev/stdout lb_logs;
} }
server {
server_name v1.quay.io;
ssl_certificate ../stack/ssl.old.cert;
ssl_certificate_key ../stack/ssl.old.key;
include server-base.conf;
listen 8443 ssl proxy_protocol;
ssl on;
# This header must be set only for HTTPS
add_header Strict-Transport-Security "max-age=63072000; preload";
real_ip_header proxy_protocol;
access_log /dev/stdout lb_logs;
}
server { server {
include vhost-traffic-status.conf; include vhost-traffic-status.conf;