63 lines
1.6 KiB
Django/Jinja
63 lines
1.6 KiB
Django/Jinja
{{ ansible_header | comment }}
|
|
|
|
# Automatic Connection header for WebSocket support
|
|
# See http://nginx.org/en/docs/http/websocket.html
|
|
map $http_upgrade $connection_upgrade {
|
|
default upgrade;
|
|
'' close;
|
|
}
|
|
|
|
{% for site in reverseproxy.reverseproxy_sites %}
|
|
# Redirect http://{{ site.from }} to https://{{ site.from }}
|
|
server {
|
|
listen 80;
|
|
listen [::]:80;
|
|
|
|
server_name {{ site.from }};
|
|
|
|
{% for realip in nginx.real_ip_from %}
|
|
set_real_ip_from {{ realip }};
|
|
{% endfor %}
|
|
real_ip_header X-Real-Ip;
|
|
|
|
location / {
|
|
return 302 https://$host$request_uri;
|
|
}
|
|
}
|
|
|
|
# Reverse proxify https://{{ site.from }} to {% if not site.to.startswith("http") %}http://{% endif %}{{ site.to }}
|
|
server {
|
|
listen 443 ssl http2;
|
|
listen [::]:443 ssl http2;
|
|
|
|
server_name {{ site.from }};
|
|
|
|
# SSL common conf
|
|
include "/etc/nginx/snippets/options-ssl.{{ site.ssl|default(nginx.default_ssl_domain) }}.conf";
|
|
|
|
# Log into separate log files
|
|
access_log /var/log/nginx/{{ site.from }}.log;
|
|
error_log /var/log/nginx/{{ site.from }}_error.log;
|
|
|
|
# Keep the TCP connection open a bit for faster browsing
|
|
keepalive_timeout 70;
|
|
|
|
# Custom error page
|
|
error_page 500 502 503 504 /50x.html;
|
|
location = /50x.html {
|
|
root /var/www/html;
|
|
}
|
|
|
|
{% for realip in nginx.real_ip_from %}
|
|
set_real_ip_from {{ realip }};
|
|
{% endfor %}
|
|
real_ip_header X-Real-Ip;
|
|
|
|
location / {
|
|
proxy_pass {% if not site.to.startswith("http") %}http://{% endif %}{{ site.to }};
|
|
include "/etc/nginx/snippets/options-proxypass.conf";
|
|
}
|
|
}
|
|
|
|
{% endfor %}
|