Reverse proxy configuration for Keycloak (Nginx)

Problem description:

I have a Spring Boot application (with the Keycloak adapter) running on port 8000 and Keycloak running on 8080.

I have edited my /etc/hosts file to route requests coming in on my test domain (foo.bar.com) to 127.0.0.1.

I am not interested in SSL as of now.

My sample nginx configuration:

server {
    listen       80;
    server_name  foo.bar.com;

    location /myapp {
        proxy_set_header        Host               $host/myapp;
        proxy_set_header        X-Real-IP          $remote_addr;
        proxy_set_header        X-Forwarded-For    $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Host   $host;
        proxy_set_header        X-Forwarded-Server $host;
        proxy_set_header        X-Forwarded-Port   80;
        proxy_set_header        X-Forwarded-Proto  http;

        proxy_pass              http://localhost:8000/;
    }

    location /auth {
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host   $host;
        proxy_set_header X-Forwarded-Proto $scheme;

        proxy_pass              http://localhost:8080;
    }
}

Question:

Will this sample nginx conf be sufficient? I had some infinite redirects happening. Logs from the Keycloak adapter in my Spring application say: No State Cookie

If I do not use a proxy server and instead configure the app and Keycloak to talk directly to each other, it works. I wonder why the proxy server is creating issues.
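To see what each backend actually receives from the nginx configuration posted above, the following added example (not part of the original posts) models nginx's proxy_pass prefix-replacement rule and the Host value set by each location block. The function names and the sample request paths are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Host header grammar (simplified): hostname or IPv4, optional :port, no path.
HOST_RE = re.compile(r"^[A-Za-z0-9.-]+(:\d{1,5})?$")

# Constructed model of the two location blocks in the question.
BLOCKS = {
    "/myapp": {"proxy_pass": "http://localhost:8000/", "host": "$host/myapp"},
    "/auth":  {"proxy_pass": "http://localhost:8080",  "host": "$host"},
}

def upstream_path(location, proxy_pass, request_uri):
    """Path nginx sends upstream for a prefix location.

    If proxy_pass has a URI part, the prefix that matched the location is
    replaced by it; if it has none, the request URI is forwarded unchanged.
    """
    path, sep, query = request_uri.partition("?")
    if not path.startswith(location):
        raise ValueError(f"{request_uri!r} does not match location {location!r}")
    uri_part = urlsplit(proxy_pass).path
    if uri_part:
        path = uri_part + path[len(location):]
    return path + sep + query

def upstream_view(request_host, request_uri):
    """Return (backend, path, Host header, Host is well-formed) for a request."""
    for location, block in BLOCKS.items():
        if request_uri.startswith(location):
            host = block["host"].replace("$host", request_host)
            backend = urlsplit(block["proxy_pass"]).netloc
            path = upstream_path(location, block["proxy_pass"], request_uri)
            return backend, path, host, bool(HOST_RE.match(host))
    raise LookupError(f"no location matches {request_uri!r}")

if __name__ == "__main__":
    # Constructed sample requests against the test domain from the question.
    for uri in ("/myapp", "/myapp/orders?id=7", "/auth/realms/demo/account"):
        print(uri, "->", upstream_view("foo.bar.com", uri))
```

Under this configuration the application on port 8000 never sees the /myapp prefix and receives a Host value containing a path, while Keycloak on port 8080 receives the request path and Host unchanged.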

Did you configure Keycloak so that it knows it's behind a proxy?

E.g. for docker it's the option -e PROXY_ADDRESS_FORWARDING=true