%for %%idx, %%domainname in %%enumerate(%%revprox_domainnames_all) %set %%family = %%normalize_family(%%domainname) %set %%revprox = %%nginx['reverse_proxy_for_' + family]['reverse_proxy_' + family] %set %%wildcard = %%nginx['reverse_proxy_for_' + family]['revprox_domain_wildcard_' + family] # Configuration HTTP %%domainname server { listen 80; server_name %%domainname; return 301 https://www.domain.com$request_uri; } # Configuration HTTPS %%domainname server { listen 443 ssl http2; ssl_certificate %%nginx_certificate_filename[%%idx]; ssl_certificate_key %%nginx_private_key_filename[%%idx]; server_name %%domainname; error_page 403 404 502 503 504 /error.html; location = /error.html{ root /var/www/html; } %for %%location in %%revprox['revprox_location_' + family] %set %%location_str = %%str(%%location) location %%location { proxy_pass %%location['revprox_url_' + family]; %if %%location['revprox_is_websocket_' + family] proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; %else proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Port $server_port; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Destination $dest; %end if proxy_ssl_trusted_certificate /etc/pki/ca-trust/source/anchors/ca_InternalReverseProxy.crt; proxy_ssl_verify on; proxy_ssl_verify_depth 2; proxy_ssl_session_reuse on; set $dest $http_destination; index error.html; root /var/www/html; } # If user missing '/' %if %%location_str != '/' and %%location_str.endswith('/') location %%location_str[:-1] { rewrite ^(%%location_str[:-1])$ $1/ permanent; } %end if %end for } %end for