54 lines
1.8 KiB
Django/Jinja
54 lines
1.8 KiB
Django/Jinja
server {
|
|
listen {{ service.ssl_port | default(443) }};
|
|
|
|
server_name {{ service.domain_name }};
|
|
access_log /var/log/nginx/{{ service.domain_name }}-ssl-access.log;
|
|
error_log /var/log/nginx/{{ service.domain_name }}-ssl-error.log;
|
|
|
|
include ssl_{{ service.domain_name }}.conf;
|
|
|
|
{% if service.password_protect|default(false) %}
|
|
auth_basic "{{ service.domain_name }} is password protected";
|
|
auth_basic_user_file {{ service.password_file }};
|
|
{% endif %}
|
|
|
|
location / {
|
|
proxy_pass http://{{ service.internal_ip }}:{{ service.internal_port }};
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Forwarded-Port $server_port;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
{% if service.https_opts is defined %}
|
|
{% for opt in service.https_opts %}
|
|
{{ opt }}
|
|
{% endfor %}
|
|
{% endif %}
|
|
}
|
|
|
|
{% if service.websockets is defined %}
|
|
location {{ service.websockets.path }} {
|
|
proxy_pass http://{{ service.websockets.internal_ip }}:{{ service.websockets.internal_port }};
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header Host $host;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "upgrade";
|
|
}
|
|
{% endif %}
|
|
{% if service.https_custom_locations is defined %}
|
|
{% for location in service.https_custom_locations %}
|
|
location {{ location.rule }} {
|
|
{% for conf_line in location.conf_lines %}
|
|
{{ conf_line }};
|
|
{% endfor %}
|
|
}
|
|
{% endfor %}
|
|
{% endif %}
|
|
{% if service.https_custom_configurations is defined %}
|
|
{% for conf in service.https_custom_configurations %}
|
|
{{ conf }};
|
|
{% endfor %}
|
|
{% endif %}
|
|
}
|