Newer
Older
latham
committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
server {
listen 80;
server_name <tmpl_var name='alias'> <tmpl_var name='domain'>;
access_log /var/log/ispconfig/nginx/<tmpl_var name='domain'>/access.log;
error_log /var/log/ispconfig/nginx/<tmpl_var name='domain'>/error.log;
include /etc/nginx/proxy.conf;
location / {
proxy_pass http://<tmpl_var name='ip_address'>:80;
}
location ~* \.(jpg|png|gif|jpeg|css|js|mp3|wav|swf|mov|doc|pdf|xls|ppt|docx|pptx|xlsx)$ {
# Cache static-looking files for 120 minutes, setting a 10 day expiry time in the HTTP header,
# whether logged in or not (may be too heavy-handed).
proxy_cache_valid 200 120m;
expires 864000;
proxy_pass http://<tmpl_var name='ip_address'>:80;
}
<tmpl_if name='nginx_directives'>
<tmpl_var name='nginx_directives'>
</tmpl_if>
}
<tmpl_if name='ssl_enabled'>
###########################################################
# SSL Vhost
###########################################################
server {
listen 443;
server_name <tmpl_var name='ssl_domain'> <tmpl_var name='alias'>;
access_log /var/log/ispconfig/nginx/<tmpl_var name='domain'>/access.log
error_log /var/log/ispconfig/nginx/<tmpl_var name='domain'>/error.log
### SSL cert files ###
ssl_certificate <tmpl_var name='config_dir'>/ssl/<tmpl_var name='ssl_domain'>.crt
ssl_certificate_key <tmpl_var name='config_dir'>/ssl/<tmpl_var name='ssl_domain'>.crt
<tmpl_if name='has_bundle_cert'>
ssl_client_certificate <tmpl_var name='config_dir'>/ssl/<tmpl_var name='ssl_domain'>.bundle
</tmpl_if>
### Add SSL specific settings here ###
keepalive_timeout 60;
### Limiting Ciphers ########################
# Uncomment as per your setup
#ssl_ciphers HIGH:!ADH;
#ssl_perfer_server_ciphers on;
#ssl_protocols SSLv3;
##############################################
include /etc/nginx/proxy.conf;
### Most PHP, Python, Rails, Java App can use this header ###
proxy_set_header X-Forwarded-Proto https;
location / {
proxy_pass https://<tmpl_var name='ip_address'>:443;
}
}
</tmpl_if>