-
-
Save encryptblockr/e9b82fcc0e4906aad007fbfe33a1fc83 to your computer and use it in GitHub Desktop.
Deploying NGINX Plus as an API Gateway, Part 3: Publishing gRPC Services
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| log_format grpc_json escape=json '{"timestamp":"$time_iso8601","client":"$remote_addr",' | |
| '"uri":"$uri","http-status":$status,' | |
| '"grpc-status":$grpc_status,"upstream":"$upstream_addr"' | |
| '"rx-bytes":$request_length,"tx-bytes":$bytes_sent}'; | |
| map $upstream_trailer_grpc_status $grpc_status { | |
| default $upstream_trailer_grpc_status; # We normally expect to receive grpc-status as a trailer | |
| '' $sent_http_grpc_status; # Else send the header, regardless of who generated it | |
| } | |
| server { | |
| listen 50051 http2; # Remove plaintext port for production use | |
| listen 443 http2 ssl; | |
| server_name grpc.example.com; | |
| access_log /var/log/nginx/grpc_log.json grpc_json; | |
| # TLS config | |
| ssl_certificate /etc/ssl/certs/grpc.example.com.crt; | |
| ssl_certificate_key /etc/ssl/private/grpc.example.com.key; | |
| ssl_session_cache shared:SSL:10m; | |
| ssl_session_timeout 5m; | |
| ssl_ciphers HIGH:!aNULL:!MD5; | |
| ssl_protocols TLSv1.2 TLSv1.3; | |
| # vim: syntax=nginx |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment