[nginxplus] Add X-Forwarded-Proto headers to all DLS configs

advances #5472

roles/nginxplus/files/conf/http/abid_prod.conf

@@ -33,6 +33,7 @@ server {
     location / {
         proxy_pass http://abid;
         proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Proto https;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_cache abidcache;
         proxy_connect_timeout      2h;

roles/nginxplus/files/conf/http/dev/abid_staging.conf

@@ -34,6 +34,7 @@ server {
     #    # app_protect_security_log_enable on;
         proxy_pass http://abid-staging;
         proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Proto https;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_cache abid-stagingcache;
         proxy_connect_timeout      2h;

roles/nginxplus/files/conf/http/dev/dpul-collections-staging.conf

@@ -36,6 +36,7 @@ server {
         # app_protect_security_log_enable on;
         proxy_pass http://dpul-collections-staging;
         proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Proto https;
         proxy_cache dpul-collections-stagingcache;
         # allow princeton network
         # include /etc/nginx/conf.d/templates/restrict.conf;
@@ -48,6 +49,7 @@ server {
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Host $host;
+      proxy_set_header X-Forwarded-Proto https;
       proxy_set_header X-NginX-Proxy true;
 
       # enables websocket support

roles/nginxplus/files/conf/http/dpul-prod.conf

@@ -37,6 +37,7 @@ server {
         app_protect_enable off;
         proxy_pass http://dpul-prod;
         proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Proto https;
         proxy_cache dpul-prodcache;
         proxy_intercept_errors on;
         health_check uri=/health.json interval=10 fails=3 passes=2;

roles/nginxplus/files/conf/http/dpul-staging.conf

@@ -36,6 +36,7 @@ server {
         # app_protect_security_log_enable on;
         proxy_pass http://dpul-staging;
         proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Proto https;
         proxy_cache dpul-stagingcache;
         health_check uri=/health.json interval=10 fails=3 passes=2;
     }

roles/nginxplus/files/conf/http/figgy-prod.conf

@@ -38,6 +38,7 @@ server {
         app_protect_enable off;
         proxy_pass http://figgy;
         proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Proto https;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_cache figgycache;
@@ -59,6 +60,7 @@ server {
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Host $host;
+      proxy_set_header X-Forwarded-Proto https;
       proxy_set_header X-NginX-Proxy true;
 
       # enables websocket support

roles/nginxplus/files/conf/http/figgy-staging.conf

@@ -36,6 +36,7 @@ server {
         app_protect_enable off;
         proxy_pass http://figgy-staging;
         proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Proto https;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_cache figgy-stagingcache;
@@ -56,6 +57,7 @@ server {
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header X-Forwarded-Host $host;
+      proxy_set_header X-Forwarded-Proto https;
       proxy_set_header X-NginX-Proxy true;
 
       # enables websocket support

roles/nginxplus/files/conf/http/imagecat_prod.conf

@@ -34,6 +34,7 @@ server {
     location / {
         proxy_pass http://imagecat_prod;
         proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Proto https;
         proxy_cache imagecat_prodcache;
         proxy_intercept_errors on;
         # health_check interval=10 fails=3 passes=2;

roles/nginxplus/files/conf/http/imagecat_staging.conf

@@ -33,6 +33,7 @@ server {
     location / {
         proxy_pass http://imagecat_staging;
         proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Proto https;
         proxy_cache imagecat_stagingcache;
         # health_check interval=10 fails=3 passes=2;
         # allow princeton network

roles/nginxplus/files/conf/http/lae-prod.conf

@@ -43,6 +43,7 @@ server {
     location / {
         proxy_pass http://lae;
         proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Proto https;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_cache laeprodcache;
         health_check interval=10 fails=3 passes=2;

roles/nginxplus/files/conf/http/lae-staging.conf

@@ -43,6 +43,7 @@ server {
         # app_protect_security_log_enable on;
         proxy_pass http://lae-staging;
         proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Proto https;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_cache lae-stagingcache;
         health_check interval=10 fails=3 passes=2;

roles/nginxplus/files/conf/http/maps-prod.conf

@@ -34,6 +34,7 @@ server {
         app_protect_enable off;
         proxy_pass http://maps-prod;
         proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Proto https;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_cache maps-prodcache;
         proxy_buffer_size 128k;

roles/nginxplus/files/conf/http/maps-staging.conf

@@ -33,6 +33,7 @@ server {
         # app_protect_security_log_enable on;
         proxy_pass http://maps-staging;
         proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Proto https;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_cache maps-stagingcache;
         proxy_connect_timeout      2h;

roles/nginxplus/files/conf/http/pulfalight-prod.conf

@@ -34,6 +34,7 @@ server {
    location / {
        proxy_pass http://pulfalight-prod;
        proxy_set_header X-Forwarded-Host $host;
+       proxy_set_header X-Forwarded-Proto https;
        proxy_cache pulfalight-stagingcache;
        proxy_connect_timeout      2h;
        proxy_send_timeout         2h;

roles/nginxplus/files/conf/http/pulfalight-qa.conf

@@ -33,6 +33,7 @@ server {
        # app_protect_security_log_enable on;
        proxy_pass http://pulfalight-qa;
        proxy_set_header X-Forwarded-Host $host;
+       proxy_set_header X-Forwarded-Proto https;
        proxy_cache pulfalight-qacache;
        proxy_connect_timeout      2h;
        proxy_send_timeout         2h;

roles/nginxplus/files/conf/http/pulfalight-staging.conf

@@ -59,6 +59,7 @@ server {
        # app_protect_security_log_enable on;
        proxy_pass http://pulfalight-staging;
        proxy_set_header X-Forwarded-Host $host;
+       proxy_set_header X-Forwarded-Proto https;
        proxy_cache pulfalight-stagingcache;
        proxy_connect_timeout      2h;
        proxy_send_timeout         2h;