upstream auth_web { server auth_web:3000; } upstream auth_api { server auth_api:3001; } map $request_method $login_proxy { POST http://auth_api/$AUTH_MODE/login; GET http://auth_web; } upstream app { server $APPLICATION; } include /etc/nginx/include/upstream.conf; server { listen 80; include /etc/nginx/mime.types; gzip on; gzip_min_length 1000; gzip_proxied any; gzip_comp_level 1; gzip_types text/css text/javascript text/xml text/plain text/x-component application/javascript application/json application/xml application/rss+xml font/truetype font/opentype application/vnd.ms-fontobject image/svg+xml; gzip_vary on; gzip_disable "msie6"; error_page 401 /login; location = /auth { internal; proxy_pass http://auth_api; proxy_pass_request_body off; proxy_set_header Content-Length ""; proxy_set_header refresh-token $refresh_token; proxy_intercept_errors on; } location /login { proxy_pass $login_proxy; } location ~ ^/(logout|get-user)$ { proxy_pass http://auth_api/$AUTH_MODE/$1; } location / { set $refresh_token $REFRESH_TOKEN; proxy_pass http://app; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; include /etc/nginx/include/auth.conf; } location = /health { access_log off; add_header 'Content-Type' 'application/json'; return 200 'UP'; } include /etc/nginx/include/location.conf; }