Nicolas Cantu
24077e749e
**Motivations:** - Expose Ollama and AnythingLLM via HTTPS paths on the LAN proxy with Bearer auth for Ollama. **Root causes:** - Cursor blocks direct requests to private IPs (SSRF policy). **Correctifs:** - N/A (new configuration artifacts). **Evolutions:** - Nginx site template, HTTP map for Bearer validation, websocket map example, deployment README, services doc link, feature documentation. **Pages affectées:** - deploy/nginx/http-maps/ia-enso-ollama-bearer.map.conf.example - deploy/nginx/http-maps/websocket-connection.map.conf.example - deploy/nginx/sites/ia.enso.4nkweb.com.conf - deploy/nginx/README-ia-enso.md - docs/features/ia-enso-nginx-proxy-ollama-anythingllm.md - docs/services.md
11 lines
504 B
Plaintext
11 lines
504 B
Plaintext
# Install on the proxy inside `http { ... }` (before any server that uses $ia_enso_ollama_authorized):
|
|
# include /etc/nginx/http-maps/ia-enso-ollama-bearer.map.conf;
|
|
#
|
|
# Copy this file without the .example suffix, set a long random Bearer secret (ASCII, no double quotes).
|
|
# Cursor / OpenAI-compatible clients: Base URL .../ollama/v1 and API Key = same secret (no "Bearer " prefix).
|
|
|
|
map $http_authorization $ia_enso_ollama_authorized {
|
|
default 0;
|
|
"Bearer CHANGE_ME_TO_LONG_RANDOM_SECRET" 1;
|
|
}
|