2019-01-18 13:52:23 +00:00
|
|
|
#jinja2: lstrip_blocks: True
|
|
|
|
|
# {{ ansible_managed }}
|
|
|
|
|
upstream backend_matrix {
|
2019-01-19 01:00:00 +00:00
|
|
|
server {{ matrix_nginx_proxy_ip }}:{{ matrix_nginx_proxy_port }};
|
2019-01-18 13:52:23 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
server {
|
|
|
|
|
listen 80;
|
|
|
|
|
server_name {{ matrix_base_url | urlsplit('hostname') }};
|
|
|
|
|
|
|
|
|
|
client_max_body_size 200M;
|
|
|
|
|
|
|
|
|
|
{% if matrix_nginx_tls_enabled %}
|
|
|
|
|
return 301 https://$server_name$request_uri;
|
|
|
|
|
{% else %}
|
|
|
|
|
location / {
|
2019-01-19 01:00:00 +00:00
|
|
|
proxy_pass {{ 'https' if matrix_tls_enabled else 'http' }}://backend_matrix;
|
2019-01-18 13:52:23 +00:00
|
|
|
proxy_set_header X-Forwarded-For $remote_addr;
|
|
|
|
|
}
|
|
|
|
|
{% endif %}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
{% if matrix_nginx_tls_enabled %}
|
|
|
|
|
server {
|
|
|
|
|
listen 443 ssl;
|
|
|
|
|
server_name {{ matrix_base_url | urlsplit('hostname') }};
|
|
|
|
|
|
|
|
|
|
client_max_body_size 200M;
|
|
|
|
|
|
|
|
|
|
location / {
|
2019-01-19 01:00:00 +00:00
|
|
|
proxy_pass {{ 'https' if matrix_tls_enabled else 'http' }}://backend_matrix;
|
2019-01-18 13:52:23 +00:00
|
|
|
proxy_set_header X-Forwarded-For $remote_addr;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ssl_certificate /etc/pki/tls/certs/{{ matrix_nginx_tls_cert_file }};
|
|
|
|
|
ssl_certificate_key /etc/pki/tls/private/{{ matrix_nginx_tls_key_file }};
|
|
|
|
|
}
|
|
|
|
|
{% endif %}
|
