From 3caa4c4aa492dd1ee51a111836365790c63bdee1 Mon Sep 17 00:00:00 2001 From: Vincent Ambo Date: Wed, 1 Feb 2023 12:25:57 +0300 Subject: fix(ops/www): increase buffer memory size for auth.tvl.fyi Keycloak seems to have decided today that it will now send headers that are larger than what the nginx default configuration can handle. The numbers are a mix of made up and taken from random nginx voodoo posts on the internet, so they're as good a guess as anyone's. Change-Id: If037bcba48eee371cc96304b150276c669930c75 Reviewed-on: https://cl.tvl.fyi/c/depot/+/7992 Tested-by: BuildkiteCI Reviewed-by: flokli Autosubmit: tazjin --- ops/modules/www/auth.tvl.fyi.nix | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'ops') diff --git a/ops/modules/www/auth.tvl.fyi.nix b/ops/modules/www/auth.tvl.fyi.nix index 821cb59a0aa5..a068f023658e 100644 --- a/ops/modules/www/auth.tvl.fyi.nix +++ b/ops/modules/www/auth.tvl.fyi.nix @@ -12,6 +12,10 @@ forceSSL = true; extraConfig = '' + # increase buffer size for large headers + proxy_buffers 8 16k; + proxy_buffer_size 16k; + location / { proxy_pass http://localhost:${toString config.services.keycloak.settings.http-port}; proxy_set_header X-Forwarded-For $remote_addr; -- cgit 1.4.1