two identical keycloak servers + nginx as reverse proxy
Gregory Edigarov
edigarov at qarea.com
Mon Nov 25 10:24:18 UTC 2019
Hello,
Can somebody enlighten me please?
i have two identical keycloak servers running in HA mode via DNS
discovery keycloak1.my.domain & keycloak2.my.domain
the dns discovery record is: keycloak.my.domain
this part is working no questions.
no i am trying to add nginx to the picture:
upstream signin {
server 172.19.24.13:8080;
server 172.19.24.16:8080;
}
server {
listen 443;
ignore_invalid_headers off;
ssl on;
ssl_certificate /etc/ssl/my.domain.crt;
ssl_certificate_key /etc/ssl/my.domain.key;
server_name signin.my.domain;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
location / {
proxy_pass http://signin;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $scheme;
}
every request to https://signin.my.domain results in error 500, and in
logs i see:
rewrite or internal redirection cycle while internally redirecting to
"////////////",
i know exactly that keycloak part work , i could go to
keycloak.my.domain in my browser no problem.
More information about the nginx
mailing list