helmchart/wordpress
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

templates/configmap.yaml を更新

Browse Source
This commit is contained in:
pieter
2025-11-28 11:24:37 +00:00
parent 23568402aa
commit b530af4921
1 changed files with 28 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
templates/configmap.yaml
View File

@@ -10,6 +10,18 @@ data:
server 127.0.0.1:9000; server 127.0.0.1:9000;
} }
# Ingress/LBからのリアルIPを取得
map $http_x_forwarded_for $real_ip {
~^(\d+\.\d+\.\d+\.\d+) $1;
default $remote_addr;
}
# プロトコル判定HTTP or HTTPS
map $http_x_forwarded_proto $fastcgi_https {
default '';
https on;
}
server { server {
listen 80; listen 80;
server_name _; server_name _;
@@ -21,9 +33,12 @@ data:
client_max_body_size 64M; client_max_body_size 64M;
# リアルIPの取得LoadBalancer/Ingress経由の場合 # リアルIP設定
real_ip_header X-Forwarded-For; real_ip_header X-Forwarded-For;
set_real_ip_from 0.0.0.0/0; set_real_ip_from 10.0.0.0/8;
set_real_ip_from 172.16.0.0/12;
set_real_ip_from 192.168.0.0/16;
real_ip_recursive on;
location / { location / {
try_files $uri $uri/ /index.php?$args; try_files $uri $uri/ /index.php?$args;
@@ -36,35 +51,25 @@ data:
include fastcgi_params; include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param PATH_INFO $fastcgi_path_info;
# HTTPSリバースプロキシ対応
fastcgi_param HTTPS $fastcgi_https;
fastcgi_param HTTP_X_FORWARDED_PROTO $http_x_forwarded_proto;
fastcgi_param HTTP_X_FORWARDED_FOR $http_x_forwarded_for;
fastcgi_param HTTP_X_FORWARDED_HOST $http_x_forwarded_host;
fastcgi_param HTTP_X_REAL_IP $real_ip;
fastcgi_param REMOTE_ADDR $real_ip;
fastcgi_param SERVER_PORT $http_x_forwarded_port;
fastcgi_buffering off; fastcgi_buffering off;
fastcgi_read_timeout 300; fastcgi_read_timeout 300;
# HTTPS対応重要
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param REQUEST_SCHEME $scheme;
# X-Forwarded-*ヘッダーの転送
fastcgi_param HTTP_X_FORWARDED_PROTO $http_x_forwarded_proto;
fastcgi_param HTTP_X_FORWARDED_HOST $http_x_forwarded_host;
fastcgi_param HTTP_X_FORWARDED_PORT $http_x_forwarded_port;
fastcgi_param HTTP_X_FORWARDED_FOR $http_x_forwarded_for;
fastcgi_param HTTP_X_REAL_IP $http_x_real_ip;
# HTTPSが検出された場合の明示的な設定
set $https_value "";
if ($http_x_forwarded_proto = "https") {
set $https_value "on";
}
if ($scheme = "https") {
set $https_value "on";
}
fastcgi_param HTTPS $https_value;
} }
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ { location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
expires max; expires max;
log_not_found off; log_not_found off;
access_log off; access_log off;
add_header Cache-Control "public, immutable";
} }
location = /favicon.ico { location = /favicon.ico {