diff options
author | Vincent Ambo <mail@tazj.in> | 2023-02-01T09·25+0300 |
---|---|---|
committer | tazjin <tazjin@tvl.su> | 2023-02-01T09·30+0000 |
commit | 3caa4c4aa492dd1ee51a111836365790c63bdee1 (patch) | |
tree | e33b59f87adccd5bdb388209f85d099a9bbe75fe /ops/modules/www | |
parent | 5f62cd1ad5a1217ea6b47ec826908d0b298925a9 (diff) |
fix(ops/www): increase buffer memory size for auth.tvl.fyi r/5798
Keycloak seems to have decided today that it will now send headers that are larger than what the nginx default configuration can handle. The numbers are a mix of made up and taken from random nginx voodoo posts on the internet, so they're as good a guess as anyone's. Change-Id: If037bcba48eee371cc96304b150276c669930c75 Reviewed-on: https://cl.tvl.fyi/c/depot/+/7992 Tested-by: BuildkiteCI Reviewed-by: flokli <flokli@flokli.de> Autosubmit: tazjin <tazjin@tvl.su>
Diffstat (limited to 'ops/modules/www')
-rw-r--r-- | ops/modules/www/auth.tvl.fyi.nix | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/ops/modules/www/auth.tvl.fyi.nix b/ops/modules/www/auth.tvl.fyi.nix index 821cb59a0aa5..a068f023658e 100644 --- a/ops/modules/www/auth.tvl.fyi.nix +++ b/ops/modules/www/auth.tvl.fyi.nix @@ -12,6 +12,10 @@ forceSSL = true; extraConfig = '' + # increase buffer size for large headers + proxy_buffers 8 16k; + proxy_buffer_size 16k; + location / { proxy_pass http://localhost:${toString config.services.keycloak.settings.http-port}; proxy_set_header X-Forwarded-For $remote_addr; |