2011-06-07 00:25:04 +02:00
|
|
|
server {
|
2014-01-02 16:49:58 +01:00
|
|
|
listen <%= @listen_ip %>:<%= @ssl_port %> ssl<% if @spdy == 'on' %> spdy<% end %><% if @listen_options %> <%= @listen_options %><% end %>;
|
2013-11-22 05:18:04 +01:00
|
|
|
<% if @ipv6_enable && (defined? @ipaddress6) %>
|
2014-01-27 16:57:38 +01:00
|
|
|
listen [<%= @ipv6_listen_ip %>]:<%= @ssl_port %> ssl<% if @spdy == 'on' %> spdy<% end %><% if @ipv6_listen_options %> <%= @ipv6_listen_options %><% end %>;
|
2012-11-08 19:59:17 +01:00
|
|
|
<% end %>
|
2013-07-17 20:42:57 +02:00
|
|
|
server_name <%= @rewrite_www_to_non_www ? @name.gsub(/^www\./, '') : @server_name.join(" ") %>;
|
2011-06-07 00:25:04 +02:00
|
|
|
|
|
|
|
ssl on;
|
2013-04-16 18:12:32 +02:00
|
|
|
|
2013-07-17 20:42:57 +02:00
|
|
|
ssl_certificate <%= scope.lookupvar('nginx::params::nx_conf_dir') %>/<%= @name.gsub(' ', '_') %>.crt;
|
|
|
|
ssl_certificate_key <%= scope.lookupvar('nginx::params::nx_conf_dir') %>/<%= @name.gsub(' ', '_') %>.key;
|
2013-12-27 09:10:11 +01:00
|
|
|
<% if defined? @ssl_dhparam -%>
|
|
|
|
ssl_dhparam <%= scope.lookupvar('nginx::params::nx_conf_dir') %>/<%= @name.gsub(' ', '_') %>.dh.pem;
|
|
|
|
<% end -%>
|
2013-09-29 20:36:19 +02:00
|
|
|
ssl_session_cache <%= @ssl_cache %>;
|
2013-05-21 14:30:21 +02:00
|
|
|
ssl_session_timeout 5m;
|
2013-07-17 20:42:57 +02:00
|
|
|
ssl_protocols <%= @ssl_protocols %>;
|
|
|
|
ssl_ciphers <%= @ssl_ciphers %>;
|
2013-04-24 10:42:06 +02:00
|
|
|
ssl_prefer_server_ciphers on;
|
2013-12-29 15:39:21 +01:00
|
|
|
<% if @ssl_stapling -%>
|
|
|
|
ssl_stapling on;
|
|
|
|
<% end -%>
|
|
|
|
<% if defined? @ssl_stapling_file -%>
|
|
|
|
ssl_stapling_file <%= scope.lookupvar('nginx::params::nx_conf_dir') %>/<%= @name.gsub(' ', '_') %>.ocsp.resp;
|
|
|
|
<% end -%>
|
|
|
|
<% if defined? @ssl_stapling_responder -%>
|
|
|
|
ssl_stapling_responder <%= @ssl_stapling_responder %>;
|
|
|
|
<% end -%>
|
|
|
|
<% if @ssl_stapling_verify -%>
|
|
|
|
ssl_stapling_verify on;
|
|
|
|
<% end -%>
|
|
|
|
<% if defined? @ssl_trusted_cert -%>
|
|
|
|
ssl_trusted_certificate <%= scope.lookupvar('nginx::params::nx_conf_dir') %>/<%= @name.gsub(' ', '_') %>.trusted.crt;
|
|
|
|
<% end -%>
|
2013-12-29 15:48:32 +01:00
|
|
|
<% if defined? @resolver -%>
|
|
|
|
resolver <%= @resolver %>;
|
|
|
|
<% end -%>
|
2013-07-31 23:07:59 +02:00
|
|
|
<% if defined? @auth_basic -%>
|
2013-07-17 20:42:57 +02:00
|
|
|
auth_basic "<%= @auth_basic %>";
|
2013-05-20 16:30:32 +02:00
|
|
|
<% end -%>
|
2013-07-31 23:07:59 +02:00
|
|
|
<% if defined? @auth_basic_user_file -%>
|
2013-08-22 22:44:25 +02:00
|
|
|
auth_basic_user_file "<%= @auth_basic_user_file %>";
|
2013-05-20 16:30:32 +02:00
|
|
|
<% end -%>
|
2013-12-25 01:13:22 +01:00
|
|
|
<% if @index_files.count > 0 -%>
|
2013-12-29 16:13:17 +01:00
|
|
|
index <% Array(@index_files).each do |i| %> <%= i %><% end %>;
|
2013-12-19 00:07:56 +01:00
|
|
|
<% end -%>
|
2013-06-28 10:12:01 +02:00
|
|
|
|
2013-08-07 15:59:44 +02:00
|
|
|
access_log <%= @ssl_access_log %>;
|
|
|
|
error_log <%= @ssl_error_log %>;
|
2014-02-08 00:36:30 +01:00
|
|
|
|
|
|
|
<% if @vhost_cfg_prepend -%><% @vhost_cfg_prepend.sort_by{ |k, v| k.to_s == 'allow' ? '' : k.to_s }.each do |key,value| -%>
|
|
|
|
<%= key %> <%= value %>;
|
|
|
|
<% end -%><% end -%>
|
|
|
|
<% if @vhost_cfg_ssl_prepend -%><% @vhost_cfg_ssl_prepend.sort_by{ |k, v| k.to_s == 'allow' ? '' : k.to_s }.each do |key,value| -%>
|
|
|
|
<%= key %> <%= value %>;
|
|
|
|
<% end -%><% end -%>
|
2013-09-29 20:53:25 +02:00
|
|
|
<% if @root -%>
|
|
|
|
root <%= @root %>;
|
|
|
|
<% end -%>
|
2013-09-29 20:36:19 +02:00
|
|
|
<% if @passenger_cgi_param -%><% @passenger_cgi_param.each do |key,value| -%>
|
|
|
|
passenger_set_cgi_param <%= key %> <%= value %>;
|
|
|
|
<% end -%><% end -%>
|
2013-12-18 23:47:49 +01:00
|
|
|
<% @proxy_set_header.each do |header| -%>
|
|
|
|
proxy_set_header <%= header %>;
|
|
|
|
<% end -%>
|
2013-12-24 13:07:58 +01:00
|
|
|
<% if @add_header -%><% @add_header.each do |key,value| -%>
|
|
|
|
add_header <%= key %> <%= value %>;
|
|
|
|
<% end -%><% end -%>
|