server { listen 8080; server_name _; resolver 127.0.0.11 valid=30s ipv6=off; # The dev frontend is intentionally reached through the existing backend-core # microservice proxy so the public port does not need direct access to D601. # Auth endpoints use the production frontend only to issue/clear the shared # host-scoped UniDesk session cookie. Application routes and APIs still go to # frontend-dev. location = /login { proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Real-IP $remote_addr; proxy_pass http://frontend:8080$request_uri; } location = /logout { proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Real-IP $remote_addr; proxy_pass http://frontend:8080$request_uri; } location / { set $dev_proxy_request_uri "$request_uri?__unideskDevProxyNoCache=$msec"; if ($args != "") { set $dev_proxy_request_uri "$request_uri&__unideskDevProxyNoCache=$msec"; } proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Auth $http_cookie; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_buffering off; proxy_read_timeout 300s; proxy_pass http://backend-core:8080/api/microservices/k3sctl-adapter/proxy/api/services/frontend-dev/proxy$dev_proxy_request_uri; } }