Nginx templates

src/backend/templates/proxy_host.conf

@@ -1,33 +1,15 @@
-# {{ domain_names | join: ", " }}
-server {
-  listen 80;
-  {%- if ssl_enabled == 1 or ssl_enabled == true -%}
-  listen 443 ssl;
-  {%- endif %}
-  server_name {{ domain_names | join: " " }};
-  access_log /data/logs/proxy_host-{{ id }}.log proxy;
+{% include "_header_comment.conf" %}
 
+server {
   set $server {{ forward_ip }};
   set $port   {{ forward_port }};
 
-  {% if caching_enabled == 1 or caching_enabled == true -%}
-  # Asset Caching
-  include conf.d/include/assets.conf;
-  {%- endif %}
-  {% if block_exploits == 1 or block_exploits == true -%}
-  # Block Exploits
-  include conf.d/include/block-exploits.conf;
-  {%- endif -%}
+  {% include "_listen.conf" %}
+  {% include "_certificates.conf" %}
+  {% include "_assets.conf" %}
+  {% include "_exploits.conf" %}
 
-  {%- if ssl_enabled == 1 or ssl_enabled == true -%}
-  {%- if ssl_provider == "letsencrypt" %}
-  # Let's Encrypt SSL
-  include conf.d/include/letsencrypt-acme-challenge.conf;
-  include conf.d/include/ssl-ciphers.conf;
-  ssl_certificate /etc/letsencrypt/live/proxy_host-{{ id }}/fullchain.pem;
-  ssl_certificate_key /etc/letsencrypt/live/proxy_host-{{ id }}/privkey.pem;
-  {%- endif -%}
-  {%- endif %}
+  access_log /data/logs/proxy_host-{{ id }}.log proxy;
 
   # TODO: Advanced config options
 
@@ -38,12 +20,7 @@ server {
     auth_basic_user_file  /config/access/{{ access_list_id }};
     {%- endif %}
 
-    {%- if ssl_enabled == 1 or ssl_enabled == true -%}
-    {%- if ssl_forced == 1 or ssl_forced == true -%}
-    # Force SSL
-    include conf.d/include/force-ssl.conf;
-    {%- endif -%}
-    {%- endif %}
+    {% include "_forced_ssl.conf" %}
 
     # Proxy!
     include conf.d/include/proxy.conf;