35 lines
1.1 KiB
Django/Jinja
35 lines
1.1 KiB
Django/Jinja
server {
|
|
listen 80;
|
|
listen [::]:80;
|
|
|
|
listen 443 ssl;
|
|
listen [::]:443 ssl;
|
|
|
|
server_name {{ item.key + "." + mydomain if not item.value.internal else item.key + ".internal." + mydomain }};
|
|
|
|
ssl_certificate /etc/letsencrypt/live/{{ item.key + "." + mydomain if not item.value.internal else item.key + ".internal." + mydomain }}/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/{{ item.key + "." + mydomain if not item.value.internal else item.key + ".internal." + mydomain }}/privkey.pem;
|
|
|
|
include /etc/nginx/conf.d/include/ssl-ciphers.conf;
|
|
include /etc/nginx/conf.d/include/ssl-cache.conf;
|
|
include /etc/nginx/conf.d/include/force-ssl.conf;
|
|
|
|
access_log /var/log/nginx/{{ item.key }}_access.log;
|
|
error_log /var/log/nginx/{{ item.key }}_error.log warn;
|
|
|
|
location / {
|
|
{% if item.value.upgraded %}
|
|
include /etc/nginx/conf.d/include/upgrade.conf;
|
|
{% endif %}
|
|
|
|
{% if item.value.internal %}
|
|
include /etc/nginx/conf.d/include/internal.conf;
|
|
{% endif %}
|
|
|
|
set $forward_scheme http;
|
|
set $server "{{ item.value.server }}";
|
|
set $port {{ item.value.port }};
|
|
include /etc/nginx/conf.d/include/proxy.conf;
|
|
}
|
|
}
|