62 lines
1.3 KiB
Plaintext
62 lines
1.3 KiB
Plaintext
{% include "_header_comment.conf" %}
|
|
|
|
{% if enabled %}
|
|
server {
|
|
set $forward_scheme {{ forward_scheme }};
|
|
set $server "{{ forward_host }}";
|
|
set $port {{ forward_port }};
|
|
|
|
{% include "_listen.conf" %}
|
|
{% include "_certificates.conf" %}
|
|
{% include "_assets.conf" %}
|
|
{% include "_exploits.conf" %}
|
|
{% include "_hsts.conf" %}
|
|
|
|
access_log /data/logs/proxy_host-{{ id }}.log proxy;
|
|
|
|
{{ advanced_config }}
|
|
|
|
{{ locations }}
|
|
|
|
{% if use_default_location %}
|
|
|
|
location / {
|
|
|
|
{% if access_list_id > 0 %}
|
|
{% if access_list.items.length > 0 %}
|
|
# Authorization
|
|
auth_basic "Authorization required";
|
|
auth_basic_user_file /data/access/{{ access_list_id }};
|
|
|
|
{{ access_list.passauth }}
|
|
{% endif %}
|
|
|
|
# Access Rules
|
|
{% for client in access_list.clients %}
|
|
{{- client.rule -}};
|
|
{% endfor %}deny all;
|
|
|
|
# Access checks must...
|
|
{{ access_list.satisfy }};
|
|
|
|
{% endif %}
|
|
|
|
{% include "_forced_ssl.conf" %}
|
|
{% include "_hsts.conf" %}
|
|
|
|
{% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %}
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $http_connection;
|
|
proxy_http_version 1.1;
|
|
{% endif %}
|
|
|
|
# Proxy!
|
|
include conf.d/include/proxy.conf;
|
|
}
|
|
{% endif %}
|
|
|
|
# Custom
|
|
include /data/nginx/custom/server_proxy[.]conf;
|
|
}
|
|
{% endif %}
|