parent
1b06fe273f
commit
38a8354754
|
@ -28,8 +28,8 @@ Common
|
||||||
- `ssl_name`: (D) name of the key used when using TLS/SSL. Optional when `proto` contains "https". If you don't set this value, it will search by `name`.
|
- `ssl_name`: (D) name of the key used when using TLS/SSL. Optional when `proto` contains "https". If you don't set this value, it will search by `name`.
|
||||||
- `ssl_template` (O) "strong" (default) or "legacy". You can disable SSL helpers and add your own directives by setting "false".
|
- `ssl_template` (O) "strong" (default) or "legacy". You can disable SSL helpers and add your own directives by setting "false".
|
||||||
- `php_version` (O) Sepecify PHP version (5 or 7)
|
- `php_version` (O) Sepecify PHP version (5 or 7)
|
||||||
- `http_proxy_protocol` (O) Enable proxy protocol on http listen (default: false)
|
- `http_proxy_protocol_port` (O) Enable proxy protocol on http port.
|
||||||
- `https_proxy_protocol` (O) Enable proxy protocol on https listen (default: false)
|
- `https_proxy_protocol_port` (O) Enable proxy protocol on https port.
|
||||||
|
|
||||||
(O): Optional
|
(O): Optional
|
||||||
(M): Mandatory
|
(M): Mandatory
|
||||||
|
|
|
@ -1,9 +1,9 @@
|
||||||
{% set __proto = item.proto | default(['http']) %}
|
{% set __proto = item.proto | default(['http']) %}
|
||||||
{% set __main_name = item.filename | default(item.name if item.name is string else item.name[0]) %}
|
{% set __main_name = item.filename | default(item.name if item.name is string else item.name[0]) %}
|
||||||
{% set __listen = item.listen | default(['80']) %}
|
{% set __listen = item.listen | default([80]) %}
|
||||||
{% set __listen_ssl = item.listen_ssl | default(['443']) %}
|
{% set __listen_ssl = item.listen_ssl | default([443]) %}
|
||||||
{% set __http_proxy_protocol = item.http_proxy_protocol | default(false) %}
|
{% set __http_proxy_protocol_port = item.http_proxy_protocol_port | default([]) %}
|
||||||
{% set __https_proxy_protocol = item.https_proxy_protocol | default(false) %}
|
{% set __https_proxy_protocol_port = item.https_proxy_protocol_port | default([]) %}
|
||||||
{% set __location = item.location | default({}) %}
|
{% set __location = item.location | default({}) %}
|
||||||
{% set __headers = item.headers | default({'X-Frame-Options': 'DENY always', 'X-Content-Type-Options': 'nosniff always' }) %}
|
{% set __headers = item.headers | default({'X-Frame-Options': 'DENY always', 'X-Content-Type-Options': 'nosniff always' }) %}
|
||||||
{% set __ssl_name = item.ssl_name | default(item.name if item.name is string else item.name[0]) %}
|
{% set __ssl_name = item.ssl_name | default(item.name if item.name is string else item.name[0]) %}
|
||||||
|
@ -30,12 +30,12 @@
|
||||||
server {
|
server {
|
||||||
{% if 'http' in __proto %}
|
{% if 'http' in __proto %}
|
||||||
{% for port in __listen %}
|
{% for port in __listen %}
|
||||||
listen {{ port }}{% if nginx_default_vhost == __main_name %} default_server{% endif %}{% if __http_proxy_protocol %} proxy_protocol{% endif %};
|
listen {{ port }}{% if nginx_default_vhost == __main_name %} default_server{% endif %}{% if port | int in __http_proxy_protocol_port %} proxy_protocol{% endif %};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if 'https' in __proto %}
|
{% if 'https' in __proto %}
|
||||||
{% for port in __listen_ssl %}
|
{% for port in __listen_ssl %}
|
||||||
listen {{ port }}{% if nginx_default_vhost_ssl == __main_name %} default_server{% endif %} ssl{% if nginx_auto_config_httpv2 and 'http_v2' in nginx_modules %} http2{% endif %}{% if __https_proxy_protocol %} proxy_protocol{% endif %};
|
listen {{ port }}{% if nginx_default_vhost_ssl == __main_name %} default_server{% endif %} ssl{% if nginx_auto_config_httpv2 and 'http_v2' in nginx_modules %} http2{% endif %}{% if port | int in __https_proxy_protocol_port %} proxy_protocol{% endif %};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{{ ssl(__ssl_name) }}
|
{{ ssl(__ssl_name) }}
|
||||||
{% if item.ssl_template is not defined or item.ssl_template != false %}
|
{% if item.ssl_template is not defined or item.ssl_template != false %}
|
||||||
|
@ -142,7 +142,7 @@ server {
|
||||||
#
|
#
|
||||||
server {
|
server {
|
||||||
{% for port in __listen %}
|
{% for port in __listen %}
|
||||||
listen {{ port }}{% if nginx_default_vhost == __main_name %} default_server{% endif %}{% if __http_proxy_protocol %} proxy_protocol{% endif %};
|
listen {{ port }}{% if nginx_default_vhost == __main_name %} default_server{% endif %}{% if port | int in __http_proxy_protocol_port %} proxy_protocol{% endif %};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
server_name {% if item.name is string %}{{ item.name }}{% else %}{{ "\n\t\t" }}{{ item.name | join("\n\t\t") }}{% endif %};
|
server_name {% if item.name is string %}{{ item.name }}{% else %}{{ "\n\t\t" }}{{ item.name | join("\n\t\t") }}{% endif %};
|
||||||
return 301 https://{{ __main_name }}{% if '443' not in __listen_ssl %}:{{ __listen_ssl[0] }}{% endif %}$request_uri;
|
return 301 https://{{ __main_name }}{% if '443' not in __listen_ssl %}:{{ __listen_ssl[0] }}{% endif %}$request_uri;
|
||||||
|
@ -156,7 +156,7 @@ server {
|
||||||
#
|
#
|
||||||
server {
|
server {
|
||||||
{% for port in __listen %}
|
{% for port in __listen %}
|
||||||
listen {{ port }}{% if __http_proxy_protocol %} proxy_protocol{% endif %};
|
listen {{ port }}{% if port | int in __http_proxy_protocol_port %} proxy_protocol{% endif %};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
server_name {% if item.redirect_from is string %}{{ item.redirect_from }}{% else %}{{ "\n\t\t" }}{{ item.redirect_from | join("\n\t\t") }}{% endif %};
|
server_name {% if item.redirect_from is string %}{{ item.redirect_from }}{% else %}{{ "\n\t\t" }}{{ item.redirect_from | join("\n\t\t") }}{% endif %};
|
||||||
return 301 $scheme://{{ __main_name }}$request_uri;
|
return 301 $scheme://{{ __main_name }}$request_uri;
|
||||||
|
|
|
@ -212,8 +212,10 @@
|
||||||
redirect_https: true
|
redirect_https: true
|
||||||
- name: 'test-ssl-proxy-protocol.local'
|
- name: 'test-ssl-proxy-protocol.local'
|
||||||
proto: ['http', 'https']
|
proto: ['http', 'https']
|
||||||
http_proxy_protocol: true
|
listen: [80, 20080]
|
||||||
https_proxy_protocol: true
|
listen_ssl: [443, 20443]
|
||||||
|
http_proxy_protocol_port: [20080]
|
||||||
|
https_proxy_protocol_port: [20443]
|
||||||
template: '_base'
|
template: '_base'
|
||||||
ssl_name: 'test-ssl.local'
|
ssl_name: 'test-ssl.local'
|
||||||
nginx_dh_length: 2048
|
nginx_dh_length: 2048
|
||||||
|
|
Loading…
Reference in New Issue