Benzine/Docker-Swarm-Loadbalancer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Docker-Swarm-Loadbalancer/bouncer/NginxTemplate.twig

64 lines
1.7 KiB
Twig
Raw Blame History

server {
{% if allowNonSSL %}
listen 80;
listen [::]:80;
{% endif %}
listen 443 ssl;
listen [::]:443 ssl;
server_name {{ domains|join(' ') }};
access_log /var/log/bouncer/{{ name }}.access.log;
error_log /var/log/bouncer/{{ name }}.error.log;
{% if useTemporaryCert %}
ssl_certificate /certs/example.crt;
ssl_certificate_key /certs/example.key;
{% elseif useGlobalCert %}
ssl_certificate /certs/global.crt;
ssl_certificate_key /certs/global.key;
{% else %}
ssl_certificate /etc/letsencrypt/live/{{ name }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ name }}/privkey.pem;
{% endif %}
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# ssl_ciphers HIGH:!aNULL:!MD5;
{% if allowLargePayloads %}
client_max_body_size {{ maxPayloadSizeMegabytes }}M;
{% endif %}
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $host;
{% if hasAuth %}
auth_basic "closed site";
auth_basic_user_file sites-enabled/{{ authFile }};
{% endif %}
{% if allowWebsocketSupport %}
# WebSocket support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
{% endif %}
{% if proxyTimeoutSeconds %}
proxy_read_timeout {{ proxyTimeoutSeconds }};
proxy_connect_timeout {{ proxyTimeoutSeconds }};
proxy_send_timeout {{ proxyTimeoutSeconds }};
{% endif %}
proxy_pass {{ targetPath }};
}
}
{% if not allowNonSSL %}
server {
listen 80;
listen [::]:80;
server_name {{ domains|join(' ') }};
return 301 https://$host$request_uri;
}
{% endif %}
Reference in a new issue View git blame Copy permalink