nginx_vhost.conf.master 2.38 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69
server {
        listen   80;
        server_name  <tmpl_var name='alias'> <tmpl_var name='domain'>;

        access_log  /var/log/ispconfig/nginx/<tmpl_var name='domain'>/access.log;
        error_log  /var/log/ispconfig/nginx/<tmpl_var name='domain'>/error.log;

        include         /etc/nginx/proxy.conf;

        location / {
                proxy_pass      http://<tmpl_var name='ip_address'>:80;
        }

        location ~* \.(jpg|png|gif|jpeg|css|js|mp3|wav|swf|mov|doc|pdf|xls|ppt|docx|pptx|xlsx)$ {
                # Cache static-looking files for 120 minutes, setting a 10 day expiry time in the HTTP header,
                # whether logged in or not (may be too heavy-handed).
                proxy_cache_valid 200 120m;
                expires 864000;
                proxy_pass      http://<tmpl_var name='ip_address'>:80;
        }

        <tmpl_if name='nginx_directives'>
            <tmpl_var name='nginx_directives'>
        </tmpl_if>



}


<tmpl_if name='ssl_enabled'>
###########################################################
# SSL Vhost
###########################################################
server {
        listen   443;
        server_name  <tmpl_var name='ssl_domain'> <tmpl_var name='alias'>;

        access_log  /var/log/ispconfig/nginx/<tmpl_var name='domain'>/access.log
        error_log  /var/log/ispconfig/nginx/<tmpl_var name='domain'>/error.log
        
        ### SSL cert files ###
        ssl_certificate      <tmpl_var name='config_dir'>/ssl/<tmpl_var name='ssl_domain'>.crt
        ssl_certificate_key  <tmpl_var name='config_dir'>/ssl/<tmpl_var name='ssl_domain'>.crt
        
        <tmpl_if name='has_bundle_cert'>
            ssl_client_certificate <tmpl_var name='config_dir'>/ssl/<tmpl_var name='ssl_domain'>.bundle
        </tmpl_if>
        
        ### Add SSL specific settings here ###
        keepalive_timeout    60;
        
        ###  Limiting Ciphers ########################
        # Uncomment as per your setup
        #ssl_ciphers HIGH:!ADH;
        #ssl_perfer_server_ciphers on;
        #ssl_protocols SSLv3;
        ##############################################

        include         /etc/nginx/proxy.conf;

        ### Most PHP, Python, Rails, Java App can use this header ###
        proxy_set_header X-Forwarded-Proto https;

        location / {
                proxy_pass      https://<tmpl_var name='ip_address'>:443;
        }
}
</tmpl_if>