ben.carrasco/prowler
1
0
Fork 0
mirror of https://github.com/prowler-cloud/prowler.git synced 2026-05-06 08:47:18 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
98b9449e14f7d57c8e3da2cfa117c893e650ae3f
prowler/contrib/reverse-proxy/nginx.conf
T
Boon 98b9449e14 feat: add nginx reverse proxy configuration (#8516) (#10780) 
Co-authored-by: Boon <boon@security8.work>
2026-04-20 17:30:21 +02:00

71 lines
2.1 KiB
Nginx Configuration File
Raw Blame History

# Prowler Reverse Proxy Configuration
# Routes both UI and API through a single endpoint
#
# Usage: See docker-compose.reverse-proxy.yml
# Fixes: https://github.com/prowler-cloud/prowler/issues/8516
upstream prowler-ui {
server prowler-ui:3000;
}
upstream prowler-api {
server prowler-api:8080;
}
server {
listen 80;
server_name _;
# Security headers
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
# API requests — proxy to prowler-api
location /api/ {
proxy_pass http://prowler-api/api/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_read_timeout 300s;
proxy_connect_timeout 10s;
# Handle large scan payloads
client_max_body_size 50m;
}
# SAML endpoints — proxy to prowler-api
location /accounts/saml/ {
proxy_pass http://prowler-api/accounts/saml/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
}
# Everything else — proxy to prowler-ui
location / {
proxy_pass http://prowler-ui/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
# WebSocket support for Next.js HMR (dev) and live updates
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
# Health check endpoint
location /health {
access_log off;
return 200 "ok\n";
add_header Content-Type text/plain;
}
}
Reference in New Issue View Git Blame Copy Permalink