From 830814728a84d229b94b563920be17c6d48cb5c1 Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Fri, 29 Jan 2021 20:43:32 +0200
Subject: [PATCH] Set proxy_ssl_trusted_certificate.

Use the CA certificate bundle. For proxying secure services (like using
Vouch).
---
 conf.d/global.conf | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/conf.d/global.conf b/conf.d/global.conf
index 02ef4da..6526997 100644
--- a/conf.d/global.conf
+++ b/conf.d/global.conf
@@ -1,7 +1,8 @@
 # The resolver for the Docker network.
-resolver        127.0.0.11 valid=30s;
-gzip            on;
-tcp_nopush      on;
-tcp_nodelay     on;
-server_tokens   off;
-include         snippets/common-headers.conf;
+resolver                        127.0.0.11 valid=30s;
+gzip                            on;
+tcp_nopush                      on;
+tcp_nodelay                     on;
+server_tokens                   off;
+proxy_ssl_trusted_certificate   /etc/ssl/certs/ca-certificates.crt;
+include                         snippets/common-headers.conf;
-- 
GitLab