ansible/roles/ingress/templates/vhosts.conf.j2

47 lines
1.2 KiB
Plaintext
Raw Normal View History

{% for server in ingress_servers %}
server {
{% if loop.index == 1 %}
listen {{ ingress_listen_args }} default_server;
{% else %}
listen {{ ingress_listen_args }} ssl;
{% endif %}
server_name {{ server.name }};
{% if ingress_listen_tls %}
# TLS configuration
ssl_certificate /etc/letsencrypt/live/{{ ingress_servers[0].name }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ ingress_servers[0].name }}/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/{{ ingress_servers[0].name }}/chain.pem;
ssl_dhparam /etc/letsencrypt/dhparams/dhparam.pem;
{% endif %}
{% if server.directives is defined %}
# Extra directives
{% for directive in server.directives %}
{{ directive }};
{% endfor %}
{% endif %}
{% if server.proxies is defined %}
# Proxy locations
{% for proxy in server.proxies %}
location {{ proxy.location }} {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass {{ proxy.pass }};
}
{% endfor %}
{% endif %}
{% if server.locations is defined %}
# Extra manually-defined locations
{% for location in server.locations %}
location {{ location.location }} {
{{ location.contents }}
}
{% endfor %}
{% endif %}
}
{% endfor %}