commit | author | age
|
10b4c8
|
1 |
<tmpl_loop name="vhosts"> |
T |
2 |
server { |
|
3 |
|
|
4 |
###################################################################### |
|
5 |
## Server configuration |
|
6 |
###################################################################### |
|
7 |
|
|
8 |
# Tell nginx to listen on port <tmpl_var name='port'> (default http(s) port, IPv4) |
|
9 |
listen <tmpl_var name='ip_address'>:<tmpl_var name='port'>; |
|
10 |
|
|
11 |
<tmpl_if name='ipv6_enabled'> |
|
12 |
# Tell nginx to listen on port <tmpl_var name='port'> (default http(s) port, IPv6) |
|
13 |
listen [<tmpl_var name='ipv6_address'>]:<tmpl_var name='port'> ipv6only=on; |
|
14 |
</tmpl_if> |
|
15 |
|
|
16 |
server_name <tmpl_var name='domain'> <tmpl_if name='alias'><tmpl_var name='alias'></tmpl_if> <tmpl_if name='ip_address' op='!=' value='*'><tmpl_var name='ip_address'></tmpl_if>; |
|
17 |
|
|
18 |
###################################################################### |
|
19 |
## Log configuration |
|
20 |
###################################################################### |
|
21 |
|
|
22 |
access_log /var/log/ispconfig/httpd/<tmpl_var name='domain'>/access.log combined; |
|
23 |
error_log /var/log/ispconfig/httpd/<tmpl_var name='domain'>/error.log; |
|
24 |
|
|
25 |
<tmpl_if name='ssl_enabled'> |
|
26 |
###################################################################### |
|
27 |
## SSL configuration |
|
28 |
###################################################################### |
|
29 |
|
|
30 |
ssl on; |
|
31 |
ssl_certificate <tmpl_var name='web_document_root_ssl'>/<tmpl_var name='ssl_domain'>.nginx.crt; |
|
32 |
ssl_certificate_key <tmpl_var name='web_document_root_ssl'>/<tmpl_var name='ssl_domain'>.nginx.key; |
|
33 |
</tmpl_if> |
|
34 |
|
|
35 |
###################################################################### |
|
36 |
## Redirects configuration |
|
37 |
###################################################################### |
|
38 |
|
|
39 |
<tmpl_if name='seo_redirect_enabled'> |
|
40 |
# SEO Redirect |
|
41 |
if ($http_host = "<tmpl_var name='seo_redirect_origin_domain'>") { |
|
42 |
rewrite ^ $scheme://<tmpl_var name='seo_redirect_target_domain'>$request_uri permanent; |
|
43 |
} |
|
44 |
</tmpl_if> |
|
45 |
|
|
46 |
<tmpl_if name='rewrite_enabled'> |
|
47 |
<tmpl_loop name="redirects"> |
|
48 |
# Redirects |
|
49 |
#if ($http_host ~* "<tmpl_var name='rewrite_domain'>$") { |
|
50 |
# rewrite ^/(.+)$ <tmpl_var name='rewrite_target'>$1 <tmpl_var name='rewrite_type'>; |
|
51 |
#} |
|
52 |
</tmpl_loop> |
|
53 |
</tmpl_if> |
|
54 |
|
|
55 |
###################################################################### |
|
56 |
## Error configuration |
|
57 |
###################################################################### |
|
58 |
|
|
59 |
error_page 400 /error/400.html; |
|
60 |
error_page 401 /error/401.html; |
|
61 |
error_page 403 /error/403.html; |
|
62 |
error_page 404 /error/404.html; |
|
63 |
error_page 405 /error/405.html; |
|
64 |
error_page 500 /error/500.html; |
|
65 |
error_page 502 /error/502.html; |
|
66 |
error_page 503 /error/503.html; |
|
67 |
|
|
68 |
###################################################################### |
|
69 |
## Locations configuration |
|
70 |
###################################################################### |
|
71 |
|
|
72 |
location / { |
|
73 |
|
|
74 |
# disable access log (we already have it for nginx) |
|
75 |
access_log off; |
|
76 |
|
|
77 |
# set the document root |
|
78 |
root <tmpl_var name='web_document_root_www'>; |
|
79 |
|
|
80 |
# cache apache2's answers in the cache |
|
81 |
proxy_cache nginx_cache; |
|
82 |
|
|
83 |
# pass all requests to apache2 |
|
84 |
<tmpl_if name='seo_redirect_enabled'> |
|
85 |
proxy_pass http://<tmpl_if name='ip_address' op='!=' value='*'><tmpl_var name='ip_address'><tmpl_else><tmpl_var name='seo_redirect_target_domain'></tmpl_if>:<tmpl_var name='apache2_port'>; |
|
86 |
<tmpl_else> |
|
87 |
proxy_pass http://<tmpl_if name='ip_address' op='!=' value='*'><tmpl_var name='ip_address'><tmpl_else><tmpl_var name='domain'></tmpl_if>:<tmpl_var name='apache2_port'>; |
|
88 |
</tmpl_if> |
|
89 |
|
|
90 |
} |
|
91 |
|
|
92 |
location ~ /\. { |
|
93 |
|
|
94 |
# Don't allow any access |
|
95 |
deny all; |
|
96 |
|
|
97 |
# Don't log access |
|
98 |
access_log off; |
|
99 |
|
|
100 |
} |
|
101 |
|
|
102 |
###################################################################### |
|
103 |
## Directives configuration |
|
104 |
###################################################################### |
|
105 |
|
|
106 |
<tmpl_loop name="nginx_directives"> |
|
107 |
<tmpl_var name='nginx_directive'> |
|
108 |
</tmpl_loop> |
|
109 |
|
|
110 |
###################################################################### |
|
111 |
## CP configuration |
|
112 |
###################################################################### |
|
113 |
|
|
114 |
# If domain.tld/ispconfig is requested, redirect to the secure ISPConfig URL |
|
115 |
location = /ispconfig { rewrite ^ <tmpl_var name='cp_base_url'>/ permanent; } |
|
116 |
|
|
117 |
# If domain.tld/phpmyadmin is requested, redirect to the secure phpMyAdmin URL |
|
118 |
location = /phpmyadmin { rewrite ^ <tmpl_var name='cp_base_url'>/phpmyadmin/ permanent; } |
|
119 |
|
|
120 |
# If domain.tld/webmail is requested, redirect to the secure RoundCube Webmail URL |
|
121 |
location = /webmail { rewrite ^ <tmpl_var name='cp_base_url'>/webmail/ permanent; } |
|
122 |
|
|
123 |
} |
|
124 |
|
|
125 |
</tmpl_loop> |