|
|
server {
|
|
|
listen 80;
|
|
|
|
|
|
# Base settings.
|
|
|
root {{ home }}/htdocs/;
|
|
|
|
|
|
server_name {{ fqdn }};
|
|
|
|
|
|
# HTTP (plaintext) configuration.
|
|
|
listen 80;
|
|
|
|
|
|
# HTTPS (TLS) configuration.
|
|
|
listen 443 ssl;
|
|
|
listen [::]:443 ssl;
|
|
|
ssl_certificate_key /etc/ssl/private/{{ https_tls_key | basename }};
|
|
|
ssl_certificate /etc/ssl/certs/{{ https_tls_certificate | basename }};
|
|
|
|
|
|
{% if rewrites -%}
|
|
|
# Site rewrites.
|
|
|
{% for rewrite in rewrites -%}
|
|
|
rewrite {{ rewrite }};
|
|
|
{% endfor -%}
|
|
|
{% endif %}
|
|
|
|
|
|
{% if static_locations -%}
|
|
|
# Static locations
|
|
|
{% for location in static_locations -%}
|
|
|
location {{ location }} {
|
|
|
try_files $uri $uri/ =404;
|
|
|
}
|
|
|
{% endfor -%}
|
|
|
{% endif %}
|
|
|
|
|
|
# Pass remaining requests to the WSGI server.
|
|
|
location / {
|
|
|
try_files $uri @proxy_to_app;
|
|
|
}
|
|
|
|
|
|
location @proxy_to_app {
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
proxy_set_header Host $http_host;
|