1234567891011121314151617181920212223242526272829303132333435363738394041424344 |
- server {
- listen 80;
- listen [::]:80;
- listen 443 ssl http2;
- server_name {{item.server_name}};
- keepalive_timeout 200;
- {{item.custom_config | default('') | indent(2)}}
- {% if with_ssl %}
- ssl_session_timeout 5m;
- ssl_session_cache shared:SSL:50m;
- ssl_session_tickets off;
- ssl_certificate /etc/nginx/certs/ada/ada.crt;
- ssl_certificate_key /etc/nginx/certs/ada/ada.key;
- {% endif %}
- location / {
- proxy_pass {{item.proxy_pass}};
- # set host
- proxy_set_header Host $host;
- proxy_set_header X-Forwarded-For 42.42.42.42;
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_set_header X-Forwarded-Host $host;
- proxy_set_header X-Forwarded-Port $server_port;
- # websocket proxy
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "upgrade";
- # compression
- gzip on;
- gzip_types text/plain application/xml application/json;
- gzip_proxied no-cache no-store private expired auth;
- gzip_min_length 1000;
- # cache
- proxy_cache STATIC;
- }
- }
|