From 97596a685c8c8fb4148460de88e2d60d169ec9f5 Mon Sep 17 00:00:00 2001
From: Rajesh Rajendran <rjshrjndrn@gmail.com>
Date: Sat, 15 Jan 2022 01:16:14 +0530
Subject: [PATCH] chore(nginx): Adding x-forwarded-proto map

x-forwarded-proto is not standard aginst all LB,
If nginx is offloading SSL, then there won't be any x-forwarded-proto.
So, default we're taking $http_x_forwarded_proto else $scheme.

Signed-off-by: Rajesh Rajendran <rjshrjndrn@gmail.com>
---
 .../nginx-ingress/nginx-ingress/templates/configmap.yaml    | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/scripts/helm/nginx-ingress/nginx-ingress/templates/configmap.yaml b/scripts/helm/nginx-ingress/nginx-ingress/templates/configmap.yaml
index bf41a28c2..ea59aa82d 100644
--- a/scripts/helm/nginx-ingress/nginx-ingress/templates/configmap.yaml
+++ b/scripts/helm/nginx-ingress/nginx-ingress/templates/configmap.yaml
@@ -62,7 +62,7 @@ data:
       proxy_set_header Upgrade $http_upgrade;
       proxy_set_header Connection "Upgrade";
       proxy_set_header Host $host;
-      proxy_set_header X-Forwarded-Proto $scheme;
+      proxy_set_header X-Forwarded-Proto $origin_proto;
       proxy_pass http://chalice-openreplay.app.svc.cluster.local:8000;
     }
     location /assist/ {
@@ -133,6 +133,10 @@ data:
       default upgrade;
       '' close;
     }
+    map $http_x_forwarded_proto $origin_proto {
+      default $http_x_forwarded_proto;
+      '' $scheme;
+    }
     server {
       listen 80 default_server;
       listen [::]:80 default_server;