location {{ path }} { set $forward_scheme {{ forward_scheme }}; set $forward_host {{ forward_host }}; set $forward_port {{ forward_port }}; proxy_set_header Host $host; proxy_set_header X-Forwarded-Scheme $scheme; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Real-IP $remote_addr; {% assign location_path_end_char = path | slice: -1 %} {% assign forward_path_end_char = forward_path | slice: -1 %} {% if location_path_end_char == "/" and forward_path_end_char != "/" %} if ($request_uri ~ "{{ path }}(.*$)") { # Location path ends with / so the regex match will exclude that slash from the match, # but forward path doesn't, so we must prefix $path_remainder with a slash. set $uri_remainder /$1; } {% elsif location_path_end_char != "/" and forward_path_end_char == "/" %} # Location path does not have a trailing / but forward path does, # so we make sure to capture $uri_remainder without a leading slash. if ($request_uri ~ "{{ path }}/(.*$)") { set $uri_remainder $1; } {% else %} # Either both location path and forward path have a trailing /, or neither do. # If both do, then we need to capture $uri_remainder without a leading /, but if neither do, # then we need to capture $uri_remainder with a leading slash (if it has one - it could just be some GET parameters). # The code for both scenarios happens to be the same. if ($request_uri ~ "{{ path }}(.*$)") { set $uri_remainder $1; } {% endif %} proxy_pass $forward_scheme://$forward_host:$forward_port{{ forward_path }}$uri_remainder; {% include "_access.conf" %} {% include "_assets.conf" %} {% include "_exploits.conf" %} {% include "_forced_ssl.conf" %} {% include "_hsts.conf" %} {% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %} proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; proxy_http_version 1.1; {% endif %} {{ advanced_config }} }