Pass#

Allows passing the accepted connection directly to any configured listening socket in HTTP, Stream, or Mail modules.

The module enables selective SSL termination based on SNI.

Configuration Example#

After the stream module handles the SSL/TLS termination, it forwards the connection to the http module:

stream {

    server {

        listen 8000 default_server;
        ssl_preread on;
        # ...
    }

    server {

        listen 8000;
        server_name foo.example.com;
        pass 127.0.0.1:8001; # to HTTP
    }

    server {

        listen 8000;
        server_name bar.example.com;
        # ...
    }
}

http {

    server {

        listen 8001 ssl;
        # ...

        location / {

            root html;
        }
    }
}

Directives#

pass#

Syntax	`pass` address;
Default	—
Context	server

This directive sets the server address to which the client connection should be passed. The address can be given as an IP address and port:

pass 127.0.0.1:12345;

Or as a path to a UNIX domain socket:

pass unix:/tmp/stream.socket;

Also, the address can be set with variables:

pass $upstream;