set $upstream_auth http://127.0.0.1:5001/auth;

## Virtual endpoint created by nginx to forward auth requests.
location /auth {
    ## Essential Proxy Configuration
    internal;
    proxy_pass $upstream_auth;

    ## Headers

    # First strip out all the request headers
    # Note: This is important to ensure that upgrade requests for secure
    #       websockets dont cause the backend to fail
    proxy_pass_request_headers off;
    # Pass info about the request
    proxy_set_header X-Original-Method $request_method;
    proxy_set_header X-Original-URL $scheme://$http_host$request_uri;
    proxy_set_header X-Server-Port $server_port;
    proxy_set_header Content-Length "";
    # Pass along auth related info
    proxy_set_header Authorization $http_authorization;
    proxy_set_header Cookie $http_cookie;
    proxy_set_header X-CSRF-TOKEN "1";

    # include headers from common auth proxies
    include proxy_trusted_headers.conf;

    ## Basic Proxy Configuration
    proxy_pass_request_body off;
    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503; # Timeout if the real server is dead
    proxy_redirect http:// $scheme://;
    proxy_http_version 1.1;
    proxy_cache_bypass $cookie_session;
    proxy_no_cache $cookie_session;
    proxy_buffers 4 32k;
    client_body_buffer_size 128k;

    ## Advanced Proxy Configuration
    send_timeout 5m;
    proxy_read_timeout 240;
    proxy_send_timeout 240;
    proxy_connect_timeout 240;
}