36 lines
924 B
Django/Jinja
36 lines
924 B
Django/Jinja
#jinja2: lstrip_blocks: True
|
|
# {{ ansible_managed }}
|
|
{% if item.value.proxy_server is defined %}
|
|
upstream backends {
|
|
{% for server in item.value.proxy_server %}
|
|
server {{ server }};
|
|
{% endfor %}
|
|
}
|
|
{% endif %}
|
|
|
|
server {
|
|
listen 80;
|
|
server_name {{ item.value.server_name }};
|
|
|
|
return 301 https://$server_name$request_uri;
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name {{ item.value.server_name }};
|
|
|
|
location / {
|
|
proxy_pass https://backends;
|
|
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "Upgrade";
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-Host $server_name;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
}
|
|
|
|
ssl_certificate /etc/pki/tls/certs/le-rknet.pem;
|
|
ssl_certificate_key /etc/pki/tls/private/le-rknet.pem;
|
|
}
|