2022-08-18 10:19:43 +02:00
|
|
|
%for %%idx, %%domainname in %%enumerate(%%nginx.revprox_domainnames)
|
2022-03-08 19:42:28 +01:00
|
|
|
# Configuration HTTP %%domainname
|
|
|
|
server {
|
|
|
|
listen 80;
|
2022-03-11 19:55:02 +01:00
|
|
|
server_name %%domainname;
|
2022-04-08 18:52:43 +02:00
|
|
|
return 301 https://%%domainname$request_uri;
|
2022-03-08 19:42:28 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
# Configuration HTTPS %%domainname
|
|
|
|
server {
|
2022-03-11 18:41:49 +01:00
|
|
|
listen 443 ssl http2;
|
2022-08-18 10:19:43 +02:00
|
|
|
ssl_certificate %%nginx.nginx_certificate_filename[%%idx];
|
|
|
|
ssl_certificate_key %%nginx.nginx_private_key_filename[%%idx];
|
2022-03-08 19:42:28 +01:00
|
|
|
server_name %%domainname;
|
|
|
|
error_page 403 404 502 503 504 /error.html;
|
|
|
|
location = /error.html{
|
|
|
|
root /var/www/html;
|
|
|
|
}
|
|
|
|
|
2022-08-18 10:19:43 +02:00
|
|
|
%for %%remote in %%nginx.remotes
|
|
|
|
%set %%family = %%normalize_family(%%remote)
|
|
|
|
%set %%revprox = %%nginx['reverse_proxy_for_' + %%family]['reverse_proxy_' + %%family]
|
|
|
|
%for %%rp_domainname in %%revprox['revprox_domainnames_' + %%family]
|
|
|
|
%if %%domainname != %%str(%%rp_domainname)
|
|
|
|
%continue
|
|
|
|
%end if
|
|
|
|
%for %%loc_idx, %%location in %%enumerate(%%rp_domainname['revprox_location_' + %%family])
|
2022-03-08 19:42:28 +01:00
|
|
|
location %%location {
|
2022-08-18 10:19:43 +02:00
|
|
|
proxy_pass %%rp_domainname['revprox_url_' + %%family];
|
|
|
|
%if %%rp_domainname['revprox_is_websocket_' + %%family][%%loc_idx]
|
2022-04-08 18:52:43 +02:00
|
|
|
proxy_http_version 1.1;
|
2022-03-11 19:55:02 +01:00
|
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
|
|
proxy_set_header Connection "upgrade";
|
2022-08-18 10:19:43 +02:00
|
|
|
%else
|
2022-03-08 19:42:28 +01:00
|
|
|
proxy_set_header Host $http_host;
|
|
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
|
|
proxy_set_header X-Forwarded-Host $host;
|
|
|
|
proxy_set_header X-Forwarded-Port $server_port;
|
|
|
|
proxy_set_header X-Forwarded-Server $host;
|
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
proxy_set_header Destination $dest;
|
2022-08-18 10:19:43 +02:00
|
|
|
%end if
|
2022-03-15 12:01:51 +01:00
|
|
|
proxy_ssl_trusted_certificate /etc/pki/ca-trust/source/anchors/ca_InternalReverseProxy.crt;
|
2022-03-08 19:42:28 +01:00
|
|
|
proxy_ssl_verify on;
|
|
|
|
proxy_ssl_verify_depth 2;
|
|
|
|
proxy_ssl_session_reuse on;
|
2022-08-18 10:19:43 +02:00
|
|
|
%set %%maxbody = %%rp_domainname['revprox_max_body_size_' + %%family]
|
|
|
|
%if %%maxbody
|
2022-04-08 18:52:43 +02:00
|
|
|
client_max_body_size %%maxbody;
|
2022-08-18 10:19:43 +02:00
|
|
|
%end if
|
2022-03-08 19:42:28 +01:00
|
|
|
set $dest $http_destination;
|
|
|
|
index error.html;
|
|
|
|
root /var/www/html;
|
|
|
|
}
|
2022-03-11 18:41:49 +01:00
|
|
|
# If user missing '/'
|
2022-08-18 10:19:43 +02:00
|
|
|
%if %%location != '/' and %%location.endswith('/')
|
|
|
|
location %%location[:-1] {
|
|
|
|
rewrite ^(%%location[:-1])$ $1/ permanent;
|
2022-03-08 19:42:28 +01:00
|
|
|
}
|
2022-08-18 10:19:43 +02:00
|
|
|
%end if
|
|
|
|
%end for
|
|
|
|
%end for
|
2022-03-08 19:42:28 +01:00
|
|
|
%end for
|
|
|
|
}
|
2022-08-18 10:19:43 +02:00
|
|
|
|
2022-03-08 19:42:28 +01:00
|
|
|
%end for
|