Here is a basic example of the configuration file for a NGINX reverse proxy.
Port 80 is used only as a reference in this example. It is the port the AWS-ELB set for Artifactory.
This configuration uses LUA module (the section with it is marked in bold). It is recommended to use it, although it is not mandatory.
server {
listen 80;
server_tokens off;
####Server name #####
server_name <my.artifactory.com>;
client_max_body_size 0;
## Application specific logs
## access_log /var/log/nginx/my.artifactory.com-access.log;
## error_log /var/log/nginx/my.artifactory.com-error.log;
location ~* ^/(402\.htm|500\.htm|502\.htm|503\.htm|503-migrate\.htm)$ {
root /usr/share/nginx/html;
}
if ($http_x_forwarded_proto != "https") {
rewrite ^/artifactory/webapp/(.*) https://$host/artifactory/webapp/$1 redirect;
rewrite ^/$ $scheme://$host/artifactory/webapp/#/home redirect;
}
if ($http_x_forwarded_proto = "https") {
rewrite ^/$ https://$host/artifactory/webapp/#/home redirect;
}
#### docker repository name #####
rewrite ^/(v1|v2)/(.*) /artifactory/api/docker/<docker-repo-name>/$1/$2;
header_filter_by_lua '
local myProto = ngx.var["http_x_forwarded_proto"]
if myProto == "https" then
local locHeader = ngx.header["Location"]
if locHeader then
if type(locHeader) == "string" then
local location = ngx.re.match(locHeader, "http[s]?://(.*)", "io")
if location then
ngx.header["Location"] = "https://" .. location[1]
end
end
end
end
';
location /artifactory {
proxy_http_version 1.1;
proxy_pass http://localhost:8081;
proxy_intercept_errors on;
proxy_pass_header Server;
proxy_connect_timeout 75s;
proxy_send_timeout 2400s;
proxy_read_timeout 2400s;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Artifactory-Override-Base-Url $http_x_forwarded_proto://$host/artifactory;
}
}