Chris Hammer
3b5a8e2c54
--------------------------
* ADD:
- add tags to each task
- added clean deploy task for site removals; will only run if task tag is used
- added tower2.thezengarden.net to site list for testing awx installs/upgrades
* MODIFY:
- modified awx site reference to be tower
64 lines
2.4 KiB
Django/Jinja
64 lines
2.4 KiB
Django/Jinja
#####################################################
|
|
# The Zen Garden Network #
|
|
# #
|
|
# Configuration : {{ proxy_site_conf_dir }}/{{ item.key }}.conf #
|
|
# Version : {{ proxy_site_version }}-{{ proxy_site_revision }} #
|
|
# #
|
|
# Chris H. <chris@thezengarden.net> #
|
|
#####################################################
|
|
|
|
|
|
### Configuration for: {{ item.key }}
|
|
################################################
|
|
server {
|
|
listen 443 ssl;
|
|
server_name {{ item.key }} {% if proxy_sites[item.key]['aliases'] is defined %}{{ proxy_sites[item.key]['aliases'] }}{% endif %};
|
|
|
|
ssl_certificate {{ proxy_sites[item.key]['ssl_cert'] | default(proxy_site_ssl_certificate) }};
|
|
ssl_certificate_key {{ proxy_sites[item.key]['ssl_key'] | default(proxy_site_ssl_certificate_key) }};
|
|
ssl_session_cache shared:SSL:10m;
|
|
ssl_protocols {{ proxy_site_ssl_protocols }};
|
|
ssl_ciphers {{ proxy_site_ssl_ciphers }};
|
|
ssl_prefer_server_ciphers on;
|
|
|
|
access_log {{ proxy_site_log_path }}/{{ item.key }}.log;
|
|
|
|
{% if proxy_sites[item.key]['max_upload'] is defined %}
|
|
client_max_body_size {{ proxy_sites[item.key]['max_upload'] }};
|
|
{% endif %}
|
|
|
|
location / {
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-Host $host;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
#proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Forwarded-Proto https;
|
|
proxy_set_header Host $host;
|
|
|
|
{% if item.key == "tower.thezengarden.net" or item.key == "tower2.thezengarden.net" %}
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "upgrade";
|
|
{% endif %}
|
|
|
|
proxy_pass {{ proxy_sites[item.key]['proto'] }}://{{ proxy_sites[item.key]['dest'] }}:{{ proxy_sites[item.key]['port'] }};
|
|
|
|
|
|
# re-write redirects to http as to https
|
|
proxy_redirect http:// https://;
|
|
}
|
|
|
|
{% if item.key == "seafile.thezengarden.net" %}
|
|
location /seafhttp {
|
|
rewrite ^/seafhttp(.*)$ $1 break;
|
|
proxy_pass {{ proxy_sites[item.key]['proto'] }}://{{ proxy_sites[item.key]['dest'] }}:{{ proxy_sites[item.key]['seafhttp_port'] }};
|
|
client_max_body_size 0;
|
|
|
|
proxy_connect_timeout 36000s;
|
|
proxy_read_timeout 36000s;
|
|
proxy_send_timeout 36000s;
|
|
send_timeout 36000s;
|
|
proxy_request_buffering off;
|
|
}
|
|
{% endif %}
|
|
}
|