.devcontainer/proxy/stream.conf - airavata - Git at Google

 # Thrift server (9930 -> 8930)
 server {
     listen 9930 ssl;               # accept TLS on port 9930
     proxy_pass 192.168.100.9:8930; # forward decrypted traffic

     # point to your cert+key
     ssl_certificate     /vault/server.crt;
     ssl_certificate_key /vault/server.key;

     # (optional) enforce modern TLS only
     ssl_protocols       TLSv1.2 TLSv1.3;
     ssl_ciphers         HIGH:!aNULL:!MD5;
     ssl_prefer_server_ciphers on;

     # tuning
     proxy_connect_timeout 5s;
     proxy_timeout         5s;
 }
	# Thrift server (9930 -> 8930)
	server {
	listen 9930 ssl; # accept TLS on port 9930
	proxy_pass 192.168.100.9:8930; # forward decrypted traffic

	# point to your cert+key
	ssl_certificate /vault/server.crt;
	ssl_certificate_key /vault/server.key;

	# (optional) enforce modern TLS only
	ssl_protocols TLSv1.2 TLSv1.3;
	ssl_ciphers HIGH:!aNULL:!MD5;
	ssl_prefer_server_ciphers on;

	# tuning
	proxy_connect_timeout 5s;
	proxy_timeout 5s;
	}