From d43e3e2ce39eed3ab0327ee9a12608a6279c4dce Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Sat, 16 Jan 2021 23:12:26 +0200
Subject: [PATCH] LDAP account manager.

Access LAM on its own domain (from inside the network only).
---
 conf.d/lam.shore.co.il | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 conf.d/lam.shore.co.il

diff --git a/conf.d/lam.shore.co.il b/conf.d/lam.shore.co.il
new file mode 100644
index 0000000..b8f7eff
--- /dev/null
+++ b/conf.d/lam.shore.co.il
@@ -0,0 +1,30 @@
+map $host $lam { default ldap-account-manager; }
+
+server {
+    listen      80;
+    listen      [::]:80;
+    server_name lam.shore.co.il;
+    include     snippets/robots-disallow-all.conf;
+    include     snippets/ads-txt.conf;
+    include     snippets/security-txt.conf;
+    include     snippets/www-acme-challenge.conf;
+    include     snippets/redirect-https.conf;
+}
+
+server {
+    listen      443 ssl;
+    listen      [::]:443 ssl;
+    server_name lam.shore.co.il;
+    include     snippets/robots-disallow-all.conf;
+    include     snippets/ads-txt.conf;
+    include     snippets/security-txt.conf;
+    include     snippets/ssl.conf;
+
+    location / {
+        proxy_pass              http://$lam$request_uri;
+        proxy_http_version      1.1;
+        include                 snippets/proxy-headers.conf;
+        proxy_hide_header       X-Frame-Options;
+        include                 snippets/allow-private-ips.conf;
+    }
+}
-- 
GitLab