mirror of
https://github.com/cytopia/devilbox.git
synced 2025-01-17 10:19:48 +00:00
122 lines
3.0 KiB
Plaintext
122 lines
3.0 KiB
Plaintext
---
|
|
|
|
# Nginx Reverse Proxy Template defintion for vhost-gen.py
|
|
#
|
|
# The 'feature' section contains optional features that can be enabled via
|
|
# conf.yml and will then be replaced into the main vhost ('structure' section)
|
|
# into their corresponding position:
|
|
#
|
|
# __XDOMAIN_REQ__
|
|
# __ALIASES__
|
|
# __DENIES__
|
|
# __STATUS__
|
|
#
|
|
# The features itself also contain variables to be adjusted in conf.yml
|
|
# and will then be replaced in their corresponding feature section
|
|
# before being replaced into the vhost section (if enabled):
|
|
#
|
|
# XDomain:
|
|
# __REGEX__
|
|
# Alias:
|
|
# __REGEX__
|
|
# __PATH__
|
|
# Deny:
|
|
# __REGEX__
|
|
# Status:
|
|
# __REGEX__
|
|
#
|
|
# Variables to be replaced directly in the vhost configuration can also be set
|
|
# in conf.yml and include:
|
|
# __VHOST_NAME__
|
|
# __DOCUMENT_ROOT__
|
|
# __INDEX__
|
|
# __ACCESS_LOG__
|
|
# __ERROR_LOG__
|
|
#
|
|
|
|
|
|
###
|
|
### Basic vHost skeleton
|
|
###
|
|
vhost: |
|
|
server {
|
|
listen __PORT____HTTP_PROTO____DEFAULT_VHOST__;
|
|
server_name __VHOST_NAME__;
|
|
|
|
access_log "__ACCESS_LOG__" combined;
|
|
error_log "__ERROR_LOG__" warn;
|
|
|
|
# Reverse Proxy definition (Ensure to adjust the port, currently '8000')
|
|
location / {
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_pass http://php:8000;
|
|
}
|
|
|
|
__REDIRECT__
|
|
__SSL__
|
|
__ALIASES__
|
|
__DENIES__
|
|
__SERVER_STATUS__
|
|
# Custom directives
|
|
__CUSTOM__
|
|
}
|
|
|
|
###
|
|
### vHost Type (normal or reverse proxy)
|
|
###
|
|
vhost_type:
|
|
docroot: ""
|
|
rproxy: ""
|
|
|
|
###
|
|
### Optional features to be enabled in vHost
|
|
###
|
|
features:
|
|
|
|
# SSL Configuration
|
|
ssl: |
|
|
ssl_certificate __SSL_PATH_CRT__;
|
|
ssl_certificate_key __SSL_PATH_KEY__;
|
|
ssl_protocols __SSL_PROTOCOLS__;
|
|
ssl_prefer_server_ciphers __SSL_HONOR_CIPHER_ORDER__;
|
|
ssl_ciphers __SSL_CIPHERS__;
|
|
|
|
# Redirect to SSL directive
|
|
redirect: |
|
|
return 301 https://__VHOST_NAME__:__SSL_PORT__$request_uri;
|
|
|
|
# PHP-FPM left empty, as we are an reverse proxy configuration
|
|
php_fpm: ""
|
|
|
|
alias: |
|
|
# Alias Definition
|
|
location ~ __ALIAS__ {
|
|
root __PATH__;
|
|
__XDOMAIN_REQ__
|
|
}
|
|
|
|
deny: |
|
|
# Deny Definition
|
|
location ~ __REGEX__ {
|
|
deny all;
|
|
}
|
|
|
|
server_status: |
|
|
# Status Page
|
|
location ~ __REGEX__ {
|
|
stub_status on;
|
|
access_log off;
|
|
}
|
|
|
|
xdomain_request: |
|
|
# Allow cross domain request from these hosts
|
|
if ( $http_origin ~* (__REGEX__) ) {
|
|
add_header "Access-Control-Allow-Origin" "$http_origin";
|
|
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
|
|
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
|
|
add_header 'Access-Control-Expose-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
|
|
add_header 'Access-Control-Max-Age' 0;
|
|
return 200;
|
|
}
|