-
-
Save dimroc/a7d6c211f44138311aef to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Run me with: | |
| # | |
| # $ nginx -p /path/to/this/file/ -c nginx.conf | |
| # | |
| # All requests are then routed to authenticated user's index, so | |
| # | |
| # GET http://user:password@localhost:8080/_search?q=* | |
| # | |
| # is rewritten to: | |
| # | |
| # GET http://localhost:9200/user/_search?q=* | |
| worker_processes 1; | |
| pid nginx.pid; | |
| events { | |
| worker_connections 1024; | |
| } | |
| http { | |
| server { | |
| listen 8080; | |
| server_name search.example.com; | |
| error_log elasticsearch-errors.log; | |
| access_log elasticsearch.log; | |
| location / { | |
| # Deny access to Cluster API | |
| if ($request_filename ~ "_cluster") { | |
| return 403; | |
| break; | |
| } | |
| # Pass requests to ElasticSearch | |
| proxy_pass http://localhost:9200; | |
| proxy_redirect off; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header Host $http_host; | |
| # Authorize access | |
| auth_basic "ElasticSearch"; | |
| auth_basic_user_file passwords; | |
| # Route all requests to authorized user's own index | |
| rewrite ^(.*)$ /$remote_user$1 break; | |
| rewrite_log on; | |
| return 403; | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment