{% for server in ingress_servers %} server { {% if loop.index == 1 %} listen {{ ingress_listen_args }} default_server; {% else %} listen {{ ingress_listen_args }} ssl; {% endif %} server_name {{ server.name }}; # TLS configuration ssl_certificate /etc/letsencrypt/live/{{ ingress_servers[0].name }}/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/{{ ingress_servers[0].name }}/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/{{ ingress_servers[0].name }}/chain.pem; ssl_dhparam /etc/letsencrypt/dhparams/dhparam.pem; {% if server.directives is defined %} # Extra directives {% for directive in server.directives %} {{ directive }}; {% endfor %} {% endif %} {% if server.proxies is defined %} # Proxy locations {% for proxy in server.proxies %} location {{ proxy.location }} { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_pass {{ proxy.pass }}; } {% endfor %} {% endif %} {% if server.locations is defined %} # Extra manually-defined locations {% for location in server.locations %} location {{ location.location }} { {{ location.contents }} } {% endfor %} {% endif %} } {% endfor %}