Update vhost-gen templates

cfg/vhost-gen/README.md

@@ -4,11 +4,29 @@ Enabling templates in this directory will change the webserver vhost configurati
 
 In order for template files to be picked up by the web server they must have the correct name.
 
-Copy the example templates to a new file with the correct name.
+Copy the example templates to a new file with the correct name either in this directory which
+will then apply those settings for all vhosts or into the corresponding project directory to
+only make the settings for a specific project.
 
-| Web server     | Example template        | Template name  |
-|----------------|-------------------------|----------------|
-| Apache 2.2     |  `apache22.yml-example` | `apache22.yml` |
-| Apache 2.4     |  `apache24.yml-example` | `apache24.yml` |
-| Nginx stable   |  `nginx.yml-example`    | `nginx.yml`    |
-| Nginx mainline |  `nginx.yml-example`    | `nginx.yml`    |
+
+## Normal virtual hosts
+
+| Web server     | Example template               | Template name  |
+|----------------|--------------------------------|----------------|
+| Apache 2.2     |  `apache22.yml-example-vhost`  | `apache22.yml` |
+| Apache 2.4     |  `apache24.yml-example-vhost`  | `apache24.yml` |
+| Nginx stable   |  `nginx.yml-example-vhost`     | `nginx.yml`    |
+| Nginx mainline |  `nginx.yml-example-vhost`     | `nginx.yml`    |
+
+
+## Reverse proxy virtual hosts
+
+**Do not apply the `*-rproxy` templates globally (in this directory), or everything will stop
+working. Use them only for per project settings!**
+
+| Web server     | Example template               | Template name  |
+|----------------|--------------------------------|----------------|
+| Apache 2.2     |  `apache22.yml-example-rproxy` | `apache22.yml` |
+| Apache 2.4     |  `apache24.yml-example-rproxy` | `apache24.yml` |
+| Nginx stable   |  `nginx.yml-example-rproxy`    | `nginx.yml`    |
+| Nginx mainline |  `nginx.yml-example-rproxy`    | `nginx.yml`    |

cfg/vhost-gen/nginx.yml-example-rproxy

@@ -0,0 +1,127 @@
+---
+
+# Nginx vHost Template defintion for vhost-gen.py
+#
+# The 'feature' section contains optional features that can be enabled via
+# conf.yml and will then be replaced into the main vhost ('structure' section)
+# into their corresponding position:
+#
+#    __XDOMAIN_REQ__
+#    __PHP_FPM__
+#    __ALIASES__
+#    __DENIES__
+#    __STATUS__
+#
+# The features itself also contain variables to be adjusted in conf.yml
+# and will then be replaced in their corresponding feature section
+# before being replaced into the vhost section (if enabled):
+#
+# PHP-FPM:
+#    __PHP_ADDR__
+#    __PHP_PORT__
+# XDomain:
+#    __REGEX__
+# Alias:
+#    __REGEX__
+#    __PATH__
+# Deny:
+#    __REGEX__
+# Status:
+#    __REGEX__
+#
+# Variables to be replaced directly in the vhost configuration can also be set
+# in conf.yml and include:
+#    __VHOST_NAME__
+#    __DOCUMENT_ROOT__
+#    __INDEX__
+#    __ACCESS_LOG__
+#    __ERROR_LOG__
+#    __PHP_ADDR__
+#    __PHP_PORT__
+#
+
+
+###
+### Basic vHost skeleton
+###
+vhost: |
+  server {
+      listen       __PORT____DEFAULT_VHOST__;
+      server_name  __VHOST_NAME__;
+
+      access_log   "__ACCESS_LOG__" combined;
+      error_log    "__ERROR_LOG__" warn;
+
+      # Reverse Proxy definition (Ensure to adjust the port, currently '8000')
+      location / {
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_pass http://php:8000;
+      }
+
+  __REDIRECT__
+  __SSL__
+  __ALIASES__
+  __DENIES__
+  __SERVER_STATUS__
+      # Custom directives
+  __CUSTOM__
+  }
+
+###
+### vHost Type (normal or reverse proxy)
+###
+vhost_type:
+  docroot: ""
+  rproxy: ""
+
+###
+### Optional features to be enabled in vHost
+###
+features:
+
+  # SSL Configuration
+  ssl: |
+    ssl_certificate           __SSL_PATH_CRT__;
+    ssl_certificate_key       __SSL_PATH_KEY__;
+    ssl_protocols             __SSL_PROTOCOLS__;
+    ssl_prefer_server_ciphers __SSL_HONOR_CIPHER_ORDER__;
+    ssl_ciphers               __SSL_CIPHERS__;
+
+  # Redirect to SSL directive
+  redirect: |
+    return 301 https://__VHOST_NAME__:__SSL_PORT__$request_uri;
+
+  # PHP-FPM left empty, as we are an reverse proxy configuration
+  php_fpm: ""
+
+  alias: |
+    # Alias Definition
+    location ~ __ALIAS__ {
+        root  __PATH__;
+    __XDOMAIN_REQ__
+    }
+
+  deny: |
+    # Deny Definition
+    location ~ __REGEX__ {
+        deny all;
+    }
+
+  server_status: |
+    # Status Page
+    location ~ __REGEX__ {
+        stub_status on;
+        access_log off;
+    }
+
+  xdomain_request: |
+    # Allow cross domain request from these hosts
+    if ( $http_origin ~* (__REGEX__) ) {
+        add_header "Access-Control-Allow-Origin" "$http_origin";
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
+        add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
+        add_header 'Access-Control-Expose-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
+        add_header 'Access-Control-Max-Age' 0;
+        return 200;
+    }