server {
  listen       <%= listen_ip %>:<%= ssl_port %> ssl<% if spdy == 'on' %> spdy<% end %><% if @listen_options %><%= listen_options %><% end %>;
  <% if ipv6_enable == 'true' && (defined? ipaddress6) %>
  listen [<%= ipv6_listen_ip %>]:<%= ipv6_listen_port %> <% if @ipv6_listen_options %><%= ipv6_listen_options %><% end %> ipv6only=on;
  <% end %>
  server_name  <%= rewrite_www_to_non_www ? name.gsub(/^www\./, '') : server_name.join(" ") %>;

  ssl on;

  ssl_certificate           <%= scope.lookupvar('nginx::params::nx_conf_dir') %>/<%= name.gsub(' ', '_') %>.crt;
  ssl_certificate_key       <%= scope.lookupvar('nginx::params::nx_conf_dir') %>/<%= name.gsub(' ', '_') %>.key;
  ssl_session_cache         shared:SSL:10m;
  ssl_session_timeout       5m;
  ssl_protocols             <%= ssl_protocols %>;
  ssl_ciphers               <%= ssl_ciphers %>;
  ssl_prefer_server_ciphers on;

<% if auth_basic != :undef -%>
  auth_basic                "<%= auth_basic %>";
<% end -%>
<% if auth_basic_user_file != :undef -%>
  auth_basic_user_file      <%= auth_basic_user_file %>;
<% end -%>