Commit e5aa26ed authored by Łukasz Nowak's avatar Łukasz Nowak

caddy-frontend: Drop REMOTE_USER header

It is used internally for communication between backend and the server.
parent c24e81d0
......@@ -50,11 +50,11 @@ md5sum = f20d6c3d2d94fb685f8d26dfca1e822b
[template-default-slave-virtualhost]
filename = templates/default-virtualhost.conf.in
md5sum = 19322acbbb17eaca36a51ce1aec47230
md5sum = 113d1708520bca2ebbd72d84b440c37b
[template-cached-slave-virtualhost]
filename = templates/cached-virtualhost.conf.in
md5sum = 7a1fa1239f29cf1a3f6f578f6ff05ca3
md5sum = eafc7e73d7fe47ba9930343bcb876d63
[template-log-access]
filename = templates/template-log-access.conf.in
......
......@@ -17,6 +17,9 @@
{%- endif %}
# Rewrite part
proxy / {{ slave_parameter.get('backend_url', '') }} {
# As backend is trusting REMOTE_USER header unset it always
header_upstream -REMOTE_USER
transparent
timeout 600s
{%- if ssl_proxy_verify %}
......@@ -37,6 +40,8 @@
{%- endif %}
## tls {{ slave_parameter.get('path_to_ssl_crt', slave_parameter.get('login_certificate')) }} {{ slave_parameter.get('path_to_ssl_key', slave_parameter.get('login_key')) }}
proxy / {{ slave_parameter.get('https_backend_url', '') }} {
# As backend is trusting REMOTE_USER header unset it always
header_upstream -REMOTE_USER
transparent
timeout 600s
{%- if ssl_proxy_verify %}
......
......@@ -48,6 +48,9 @@
{% if slave_type == 'zope' and backend_url %}
proxy / {{ backend_url }} {
# As backend is trusting REMOTE_USER header unset it always
header_upstream -REMOTE_USER
{% if disable_via_header %}
header_downstream -Via
{% endif -%}
......@@ -91,6 +94,9 @@
{%- if backend_url %}
proxy / {{ backend_url }} {
# As backend is trusting REMOTE_USER header unset it always
header_upstream -REMOTE_USER
{% if disable_via_header %}
header_downstream -Via
{% endif -%}
......@@ -142,6 +148,9 @@
}
{% elif slave_type == 'zope' and backend_url %}
proxy / {{ backend_url }} {
# As backend is trusting REMOTE_USER header unset it always
header_upstream -REMOTE_USER
{% if disable_via_header %}
header_downstream -Via
{% endif -%}
......@@ -180,6 +189,9 @@
{% endif -%}
{%- if slave_parameter.get('url', '') %}
proxy / {{ slave_parameter.get('url', '') }} {
# As backend is trusting REMOTE_USER header unset it always
header_upstream -REMOTE_USER
{% if disable_via_header %}
header_downstream -Via
{% endif -%}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment