# API Service - FastAPI with Keycloak Authentication # Subpath: /apiservice # Backend: apiservice:8000 location /apiservice { # Remove /apiservice prefix before forwarding to backend rewrite ^/apiservice(/.*)$ $1 break; # Forward to FastAPI backend proxy_pass http://apiservice:8000; # Preserve original host and protocol proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Port $server_port; # Important: Tell FastAPI about the subpath proxy_set_header X-Script-Name /apiservice; # Session cookie handling proxy_cookie_path / /apiservice/; # WebSocket support (for future use) proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; # Timeouts proxy_connect_timeout 60s; proxy_send_timeout 60s; proxy_read_timeout 60s; # Buffer settings proxy_buffering off; proxy_request_buffering off; } # Static files (if any) location /apiservice/static { rewrite ^/apiservice/static(/.*)$ /static$1 break; proxy_pass http://apiservice:8000; proxy_set_header Host $host; } # Admin panel location /apiservice/admin { rewrite ^/apiservice(/.*)$ $1 break; proxy_pass http://apiservice:8000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Script-Name /apiservice; proxy_cookie_path / /apiservice/; }