Mechanism to avoid restarting nginx upon every change

Ajay Garg ajaygargnsit at gmail.com
Sun Apr 9 13:55:56 UTC 2017


Hi All.

We are wanting to implement a solution, wherein the user gets proxied to
the appropriate local-url, depending upon the credentials.
Following architecture works like a charm (thanks a ton to
francis at daoine.org, without whom I would not have been able to reach here)
::

####################################################
server {
                listen 2000 ssl;

                ssl_certificate /etc/nginx/ssl/nginx.crt;
                ssl_certificate_key /etc/nginx/ssl/nginx.key;

                location / {
                                        auth_basic 'Restricted';
                                        auth_basic_user_file
/etc/nginx/ssl/.htpasswd;

                                        if ($remote_user =  "user1") {
                                                proxy_pass
https://127.0.0.1:2001 <https://127.0.0.1:2000>;
                                        }

                                        if ($remote_user =  "user2") {
                                                proxy_pass
https://127.0.0.1:2002 <https://127.0.0.1:2000>;
                                        }

                                       # and so on ....

                }
         }
####################################################


Things are good, except that adding any new user information requires
reloading/restarting the nginx server, causing (however small) downtime.

Can this be avoided?
Can the above be implemented using some sort of database, so that the nginx
itself does not have to be down, and the "remote_user <=> proxy_pass"
mapping can be retrieved from a database instead?

Will be grateful for pointers.


Thanks and Regards,
Ajay
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20170409/f5b9ec12/attachment.html>


More information about the nginx mailing list