https://domainname.com/ui/vault
通过打字:
https://domainname.com/vault
proxy_pass http://backend_vault/$1
proxy_pass http://backend_vault/vault
proxy_pass http://backend_vault/ui/vault
我变得困惑谢谢你
在nginx的完整示例中使用辅助文件,以下Nginx.conf仅使用Hashicorp Vault UI进行了测试。 如果要加载余额Hashicorp Vault API,则可以使用一个不同的示例
:
user www-data www-data; ## Default: nobody
worker_processes 5; ## Default: 1
error_log logs/error.log;
pid logs/nginx.pid;
worker_rlimit_nofile 8192;
events {
worker_connections 4096; ## Default: 1024
}
http {
include conf/mime.types;
include /etc/nginx/proxy.conf;
include /etc/nginx/fastcgi.conf;
index index.html index.htm index.php;
default_type application/octet-stream;
log_format main - []
;
access_log logs/access.log main;
sendfile on;
tcp_nopush on;
server_names_hash_bucket_size 128; # this seems to be required for some vhosts
upstream vault_backend {
server 192.168.56.140:8200;
server 192.168.56.141:8200;
server 192.168.56.142:8200;
}
server {
listen 80;
#server_name animal-control;
root /var/tmp/www;
# pass requests for dynamic content to rails/turbogears/zope, et al
location / {
try_files $uri $uri/ $uri.html =404;
}
# This location is used to handle redirects send by HA Vault Cluster
location @handle_vault_standby {
set $saved_vault_endpoint '$upstream_http_location';
proxy_pass $saved_vault_endpoint;
}
location /vault/ {
access_log logs/vault_access.log main;
error_log logs/vault_error.log debug;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Accept-Encoding "";
# to proxy WebSockets in nginx
proxy_pass https://vault_backend/;
proxy_redirect /ui/ /vault/ui/;
proxy_redirect /v1/ /vault/v1/;
proxy_buffering off;
#rewrite html baseurkl
sub_filter '<head>' '<head><base href="/vault/">';
#sub_filter_once on;
sub_filter '"/ui/' '"ui/';
sub_filter_once off;
#sub_filter_types application/javascript text/html;
}
location /v1/ {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Accept-Encoding "";
proxy_pass https://vault_backend;
proxy_redirect /v1/ /vault/v1/;
#rewrite html baseurkl
sub_filter_once on;
sub_filter '"/v1/' '"/vault/v1/';
sub_filter_types application/javascript text/html;}
proxy_buffering off;
proxy_no_cache 1;
proxy_cache_bypass 1;
}
}
这对我有用:
Https://github.com/samirpatil2000/hashicorp-vault-nginxserver {
listen 8088;
server_name localhost;
location /vault/ {
rewrite ^/vault(/.*)$ $1 break; # Rewrites /vault/ path to root path when forwarding
proxy_pass http://localhost:8200/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /ui/ {
proxy_pass http://localhost:8200/ui/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /v1/ {
proxy_pass http://localhost:8200/v1/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}