ISPConfig3 devel
blame | history | raw
xaver
2011-09-09 0141fd3928cc1f7254e6cfba2b58a9ac3964f2e2 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69

server {


        listen   80;


        server_name  <tmpl_var name='alias'> <tmpl_var name='domain'>;


 


        access_log  /var/log/ispconfig/nginx/<tmpl_var name='domain'>/access.log;


        error_log  /var/log/ispconfig/nginx/<tmpl_var name='domain'>/error.log;


 


        include         /etc/nginx/proxy.conf;


 


        location / {


                proxy_pass      http://<tmpl_var name='ip_address'>:80;


        }


 


        location ~* \.(jpg|png|gif|jpeg|css|js|mp3|wav|swf|mov|doc|pdf|xls|ppt|docx|pptx|xlsx)$ {


                # Cache static-looking files for 120 minutes, setting a 10 day expiry time in the HTTP header,


                # whether logged in or not (may be too heavy-handed).


                proxy_cache_valid 200 120m;


                expires 864000;


                proxy_pass      http://<tmpl_var name='ip_address'>:80;


        }


 


        <tmpl_if name='nginx_directives'>


            <tmpl_var name='nginx_directives'>


        </tmpl_if>


 


 


 


}


 


 


<tmpl_if name='ssl_enabled'>


###########################################################


# SSL Vhost


###########################################################


server {


        listen   443;


        server_name  <tmpl_var name='ssl_domain'> <tmpl_var name='alias'>;


 


        access_log  /var/log/ispconfig/nginx/<tmpl_var name='domain'>/access.log


        error_log  /var/log/ispconfig/nginx/<tmpl_var name='domain'>/error.log


        


        ### SSL cert files ###


        ssl_certificate      <tmpl_var name='config_dir'>/ssl/<tmpl_var name='ssl_domain'>.crt


        ssl_certificate_key  <tmpl_var name='config_dir'>/ssl/<tmpl_var name='ssl_domain'>.crt


        


        <tmpl_if name='has_bundle_cert'>


            ssl_client_certificate <tmpl_var name='config_dir'>/ssl/<tmpl_var name='ssl_domain'>.bundle


        </tmpl_if>


        


        ### Add SSL specific settings here ###


        keepalive_timeout    60;


        


        ###  Limiting Ciphers ########################


        # Uncomment as per your setup


        #ssl_ciphers HIGH:!ADH;


        #ssl_perfer_server_ciphers on;


        #ssl_protocols SSLv3;


        ##############################################


 


        include         /etc/nginx/proxy.conf;


 


        ### Most PHP, Python, Rails, Java App can use this header ###


        proxy_set_header X-Forwarded-Proto https;


 


        location / {


                proxy_pass      https://<tmpl_var name='ip_address'>:443;


        }


}


</tmpl_if>