module-nginx/templates/vhost/vhost_ssl_header.erb

server {
  listen       <%= @listen_ip %>:<%= @ssl_port %> ssl<% if @spdy == 'on' %> spdy<% end %><% if @listen_options %><%= @listen_options %><% end %>;
  <% if @ipv6_enable == 'true' && (defined? ipaddress6) %>
  listen [<%= @ipv6_listen_ip %>]:<%= @ipv6_listen_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %> ipv6only=on;
  <% end %>
  server_name  <%= @rewrite_www_to_non_www ? @name.gsub(/^www\./, '') : @server_name.join(" ") %>;

  ssl on;

  ssl_certificate           <%= scope.lookupvar('nginx::params::nx_conf_dir') %>/<%= @name.gsub(' ', '_') %>.crt;
  ssl_certificate_key       <%= scope.lookupvar('nginx::params::nx_conf_dir') %>/<%= @name.gsub(' ', '_') %>.key;
  ssl_session_cache         shared:SSL:10m;
  ssl_session_timeout       5m;
  ssl_protocols             <%= @ssl_protocols %>;
  ssl_ciphers               <%= @ssl_ciphers %>;
  ssl_prefer_server_ciphers on;
<% if defined? @auth_basic -%>
  auth_basic                "<%= @auth_basic %>";
<% end -%>
<% if defined? @auth_basic_user_file -%>
  auth_basic_user_file      <%= @auth_basic_user_file %>;
<% end -%>

  access_log            <%= @ssl_access_log %>;
  error_log             <%= @ssl_error_log %>;
Added SuSE Support 2011-06-07 00:25:04 +02:00			`server {`
Fix deprecated variable names 2013-07-17 20:42:57 +02:00			`listen <%= @listen_ip %>:<%= @ssl_port %> ssl<% if @spdy == 'on' %> spdy<% end %><% if @listen_options %><%= @listen_options %><% end %>;`
			`<% if @ipv6_enable == 'true' && (defined? ipaddress6) %>`
			`listen [<%= @ipv6_listen_ip %>]:<%= @ipv6_listen_port %> <% if @ipv6_listen_options %><%= @ipv6_listen_options %><% end %> ipv6only=on;`
Fixup incorrect changes from merge 2012-11-08 19:59:17 +01:00			`<% end %>`
Fix deprecated variable names 2013-07-17 20:42:57 +02:00			`server_name <%= @rewrite_www_to_non_www ? @name.gsub(/^www\./, '') : @server_name.join(" ") %>;`
Added SuSE Support 2011-06-07 00:25:04 +02:00
			`ssl on;`
* Get ssl key/cert with provided file-locations * Parameter index has now become optional * Fix typos 2013-04-16 18:12:32 +02:00
Fix deprecated variable names 2013-07-17 20:42:57 +02:00			`ssl_certificate <%= scope.lookupvar('nginx::params::nx_conf_dir') %>/<%= @name.gsub(' ', '_') %>.crt;`
			`ssl_certificate_key <%= scope.lookupvar('nginx::params::nx_conf_dir') %>/<%= @name.gsub(' ', '_') %>.key;`
Changed SSL ciphers to the recent default for Nginx which is much more secure Added SSL caching to speed up SSL requests Add server_tokens to the global config so this can be turned on\|off between dev and prod Add proxy_set_header to vhost as different vhosts may require different headers and the global setting is not ideal Minor space formatting so that the generated files are fractionally more readable 2013-04-24 10:42:06 +02:00			`ssl_session_cache shared:SSL:10m;`
Merge branch 'master' of https://github.com/jfryman/puppet-nginx Conflicts: manifests/config.pp manifests/init.pp manifests/params.pp manifests/resource/location.pp manifests/resource/vhost.pp manifests/service.pp templates/vhost/vhost_footer.erb templates/vhost/vhost_header.erb templates/vhost/vhost_location_directory.erb templates/vhost/vhost_location_proxy.erb templates/vhost/vhost_ssl_header.erb tests/vhost.pp 2013-05-21 14:30:21 +02:00			`ssl_session_timeout 5m;`
Fix deprecated variable names 2013-07-17 20:42:57 +02:00			`ssl_protocols <%= @ssl_protocols %>;`
			`ssl_ciphers <%= @ssl_ciphers %>;`
Changed SSL ciphers to the recent default for Nginx which is much more secure Added SSL caching to speed up SSL requests Add server_tokens to the global config so this can be turned on\|off between dev and prod Add proxy_set_header to vhost as different vhosts may require different headers and the global setting is not ideal Minor space formatting so that the generated files are fractionally more readable 2013-04-24 10:42:06 +02:00			`ssl_prefer_server_ciphers on;`
* Option fastcgi_script fixed * Options location_cfg_append and location_cfg_prepend added to fastcgi template * Option www_root is optional now * Options logging fixed in http template * Auth_basic fixed in SSL vhost header 2013-07-31 23:07:59 +02:00			`<% if defined? @auth_basic -%>`
Fix deprecated variable names 2013-07-17 20:42:57 +02:00			`auth_basic "<%= @auth_basic %>";`
* Fixed listen parameter in template vhost_ssl_header * Added auth basic support * Added vhost_cfg_append parameter to `nginx::resource::vhost` 2013-05-20 16:30:32 +02:00			`<% end -%>`
* Option fastcgi_script fixed * Options location_cfg_append and location_cfg_prepend added to fastcgi template * Option www_root is optional now * Options logging fixed in http template * Auth_basic fixed in SSL vhost header 2013-07-31 23:07:59 +02:00			`<% if defined? @auth_basic_user_file -%>`
Fix deprecated variable names 2013-07-17 20:42:57 +02:00			`auth_basic_user_file <%= @auth_basic_user_file %>;`
* Fixed listen parameter in template vhost_ssl_header * Added auth basic support * Added vhost_cfg_append parameter to `nginx::resource::vhost` 2013-05-20 16:30:32 +02:00			`<% end -%>`
vhosts_ssl_header.erb was missing access_log and error_log directives 2013-06-28 10:12:01 +02:00
Add custom logs to ssl vhosts as well. 2013-08-07 15:59:44 +02:00			`access_log <%= @ssl_access_log %>;`
			`error_log <%= @ssl_error_log %>;`