Browse Source

Beautify/Enhance HTTP template

devuan/0.14.0
Beer 2 years ago
parent
commit
8a5bfbf32f
No known key found for this signature in database GPG Key ID: E7D86E358DC831A4
  1. 508
      templates/http/default.conf.j2

508
templates/http/default.conf.j2

@ -1,28 +1,40 @@
{{ ansible_managed | comment }}
{% if item.value.upstreams is defined and item.value.upstreams %}
{% for upstream in item.value.upstreams %}
upstream {{ item.value.upstreams[upstream].name }} {
{% if item.value.upstreams[upstream].lb_method is defined and item.value.upstreams[upstream].lb_method | length %}
{{ item.value.upstreams[upstream].lb_method }};
{% endif %}
{% if item.value.upstreams[upstream].zone_name is defined and item.value.upstreams[upstream].zone_name %}
zone {{ item.value.upstreams[upstream].zone_name }} {{ item.value.upstreams[upstream].zone_size }};
{% endif %}
{% for server in item.value.upstreams[upstream].servers %}
server {{ item.value.upstreams[upstream].servers[server].address }}:{{ item.value.upstreams[upstream].servers[server].port }} weight={{ item.value.upstreams[upstream].servers[server].weight|default("1") }} {{ item.value.upstreams[upstream].servers[server].health_check|default("") }};
{% endfor %}
{% if item.value.upstreams[upstream].custom_options is defined and item.value.upstreams[upstream].custom_options | length %}
{% for inline_option in item.value.upstreams[upstream].custom_options %}
{%- if item.value.upstreams is mapping %}
{% for key, upstream in item.value.upstreams|dictsort %}
upstream {{ upstream.name }} {
{% if upstream.lb_method is defined and upstream.lb_method | length %}
{{ upstream.lb_method }};
{% endif %}
{% if upstream.zone_name is defined and upstream.zone_name %}
zone {{ upstream.zone_name }} {{ upstream.zone_size }};
{% endif %}
{% for key, server in upstream.servers|dictsort %}
server {{ server.address }}:{{ server.port }}
{%- if server.weight|d() %}
weight={{ server.weight }}
{%- endif -%}
;
{% endfor %}
{% if upstream.custom_options is defined %}
{% if upstream.custom_options is mapping %}
{% for inline_option, value in upstream.custom_options|dictsort %}
{{ inline_option }} {{ value }};
{% endfor %}
{% elif upstream.custom_options is iterable %}
{% for inline_option in upstream.custom_options %}
{{ inline_option }};
{% endfor %}
{% endif %}
{% endif %}
}
{% endfor %}
{% endif %}
{% if item.value.proxy_cache is defined and item.value.proxy_cache %}
{% if item.value.proxy_cache.proxy_cache_path is defined and item.value.proxy_cache.proxy_cache_path %}
{%- if item.value.proxy_cache is mapping %}
{% if item.value.proxy_cache.proxy_cache_path is iterable %}
{% for proxy_cache_path in item.value.proxy_cache.proxy_cache_path %}
proxy_cache_path {{ proxy_cache_path.path }} keys_zone={{ proxy_cache_path.keys_zone.name }}:{{ proxy_cache_path.keys_zone.size }}
levels={{ proxy_cache_path.levels }} max_size={{ proxy_cache_path.max_size }}
@ -67,94 +79,107 @@ auth_request {{ item.value.auth_request_http }};
auth_request_set {{ item.value.auth_request_set_http.name }} {{ item.value.auth_request_set_http.value }};
{% endif %}
{% if item.value.custom_options is defined and item.value.custom_options | length %}
{%- if item.value.custom_options is defined %}
{% if item.value.custom_options is mapping %}
{% for inline_option, value in item.value.custom_options|dictsort %}
{{ inline_option }} {{ value }};
{% endfor %}
{% elif item.value.custom_options is iterable %}
{% for inline_option in item.value.custom_options %}
{{ inline_option }};
{% endfor %}
{% endif %}
{% endif %}
{%- if item.value.servers is mapping %}
{% for key, server in item.value.servers|dictsort %}
{% if item.value.servers is defined %}
{% for server in item.value.servers %}
server {
{% for listen in item.value.servers[server].listen %}
listen {% if item.value.servers[server].listen[listen].ip is defined and item.value.servers[server].listen[listen].ip | length %}{{ item.value.servers[server].listen[listen].ip }}:{% endif %}{{ item.value.servers[server].listen[listen].port }}{% if item.value.servers[server].listen[listen].ssl is defined and item.value.servers[server].listen[listen].ssl %} ssl{% endif %}{% if item.value.servers[server].listen[listen].opts is defined and item.value.servers[server].listen[listen].opts | length %} {{ item.value.servers[server].listen[listen].opts | join(" ") }}{% endif %};
{% for key, listen in server.listen|dictsort %}
listen {% if listen.ip is defined and listen.ip | ipaddr %}
{% if listen.ip | ipv4 %}{{ listen.ip }}:{% else %}[{{ listen.ip }}]:{% endif %}
{% endif %}
{{ listen.port }}{% if listen.ssl is defined and listen.ssl %} ssl{% endif %}{% if listen.opts is defined and listen.opts | length %} {{ listen.opts | join(" ") }}{% endif %};
{% endfor %}
server_name {{ item.value.servers[server].server_name | default('localhost') }};
{% if item.value.servers[server].ssl is defined and item.value.servers[server].ssl %}
ssl_certificate {{ item.value.servers[server].ssl.cert }};
ssl_certificate_key {{ item.value.servers[server].ssl.key }};
{% if item.value.servers[server].ssl.trusted_cert is defined %}
ssl_trusted_certificate {{ item.value.servers[server].ssl.trusted_cert }};
server_name {{ server.server_name | default('localhost') }};
{% if server.ssl is mapping %}
ssl_certificate {{ server.ssl.cert }};
ssl_certificate_key {{ server.ssl.key }};
{% if server.ssl.trusted_cert is defined %}
ssl_trusted_certificate {{ server.ssl.trusted_cert }};
{% endif %}
{% if item.value.servers[server].ssl.dhparam is defined %}
ssl_dhparam {{ item.value.servers[server].ssl.dhparam }};
{% if server.ssl.dhparam is defined %}
ssl_dhparam {{ server.ssl.dhparam }};
{% endif %}
{% if item.value.servers[server].ssl.protocols is defined and item.value.servers[server].ssl.protocols %}
ssl_protocols {{ item.value.servers[server].ssl.protocols }};
{% if server.ssl.protocols is defined and server.ssl.protocols %}
ssl_protocols {{ server.ssl.protocols }};
{% endif %}
{% if item.value.servers[server].ssl.ciphers is defined and item.value.servers[server].ssl.ciphers %}
ssl_ciphers {{ item.value.servers[server].ssl.ciphers }};
{% if server.ssl.ciphers is defined and server.ssl.ciphers %}
ssl_ciphers {{ server.ssl.ciphers }};
{% endif %}
{% if item.value.servers[server].ssl.prefer_server_ciphers is defined and item.value.servers[server].ssl.prefer_server_ciphers %}
{% if server.ssl.prefer_server_ciphers is defined and server.ssl.prefer_server_ciphers %}
ssl_prefer_server_ciphers on;
{% endif %}
{% if item.value.servers[server].ssl.session_cache is defined and item.value.servers[server].ssl.session_cache %}
ssl_session_cache {{ item.value.servers[server].ssl.session_cache }};
{% if server.ssl.session_cache is defined and server.ssl.session_cache %}
ssl_session_cache {{ server.ssl.session_cache }};
{% endif %}
{% if item.value.servers[server].ssl.session_timeout is defined and item.value.servers[server].ssl.session_timeout %}
ssl_session_timeout {{ item.value.servers[server].ssl.session_timeout }};
{% if server.ssl.session_timeout is defined and server.ssl.session_timeout %}
ssl_session_timeout {{ server.ssl.session_timeout }};
{% endif %}
{% if item.value.servers[server].ssl.disable_session_tickets is defined and item.value.servers[server].ssl.disable_session_tickets %}
{% if server.ssl.disable_session_tickets is defined and server.ssl.disable_session_tickets %}
ssl_session_tickets off;
{% endif %}
{% if item.value.servers[server].ssl.stapling is defined and item.value.servers[server].ssl.stapling %}
{% if server.ssl.stapling is defined and server.ssl.stapling %}
ssl_stapling on;
{% endif %}
{% if item.value.servers[server].ssl.stapling_verify is defined and item.value.servers[server].ssl.stapling_verify %}
{% if server.ssl.stapling_verify is defined and server.ssl.stapling_verify %}
ssl_stapling_verify on;
{% endif %}
{% endif %}
{% if item.value.servers[server].include_files is defined and item.value.servers[server].include_files | length %}
{% for file in item.value.servers[server].include_files %}
{% if server.include_files is defined and server.include_files | length %}
{% for file in server.include_files %}
include "{{ file }}";
{% endfor %}
{% endif %}
{% if item.value.servers[server].proxy_hide_headers is defined %}
{% for header in item.value.servers[server].proxy_hide_headers %}
{% if server.proxy_hide_headers is defined %}
{% for header in server.proxy_hide_headers %}
proxy_hide_header {{ header }};
{% endfor %}
{% endif %}
{% if item.value.servers[server].add_headers is defined %}
{% for header in item.value.servers[server].add_headers %}
add_header {{ item.value.servers[server].add_headers[header].name }} "{{ item.value.servers[server].add_headers[header].value }}"{% if item.value.servers[server].add_headers[header].always is defined and item.value.servers[server].add_headers[header].always %} always{% endif %};
{% if server.add_headers is defined %}
{% for key, header in server.add_headers|dictsort %}
add_header {{ header.name }} "{{ header.value }}"{% if header.always is defined and header.always %} always{% endif %};
{% endfor %}
{% endif %}
{% if item.value.servers[server].auth_basic is defined and item.value.servers[server].auth_basic %}
auth_basic "{{ item.value.servers[server].auth_basic }}";
{% if server.auth_basic is defined and server.auth_basic %}
auth_basic "{{ server.auth_basic }}";
{% endif %}
{% if item.value.servers[server].auth_basic_user_file is defined and item.value.servers[server].auth_basic_user_file %}
auth_basic_user_file {{ item.value.servers[server].auth_basic_user_file }};
{% if server.auth_basic_user_file is defined and server.auth_basic_user_file %}
auth_basic_user_file {{ server.auth_basic_user_file }};
{% endif %}
{% if item.value.servers[server].root is defined and item.value.servers[server].root %}
root {{ item.value.servers[server].root }};
{% if server.root is defined and server.root %}
root {{ server.root }};
{% endif %}
{% if item.value.servers[server].https_redirect is defined and item.value.servers[server].https_redirect %}
return 301 https://{{ item.value.servers[server].https_redirect }}$request_uri;
{% if server.https_redirect is defined and server.https_redirect %}
return 301 https://{{ server.https_redirect }}$request_uri;
{% endif %}
{% if item.value.servers[server].autoindex is defined and item.value.servers[server].autoindex %}
{% if server.autoindex is defined and server.autoindex %}
autoindex on;
{% endif %}
{% if item.value.servers[server].try_files is defined %}
try_files {{ item.value.servers[server].try_files }};
{% if server.try_files is defined %}
try_files {{ server.try_files }};
{% endif %}
{% if item.value.servers[server].auth_request is defined %}
auth_request {{ item.value.servers[server].auth_request }};
{% if server.auth_request is defined %}
auth_request {{ server.auth_request }};
{% endif %}
{% if item.value.servers[server].auth_request_set is defined %}
auth_request_set {{ item.value.servers[server].auth_request_set.name }} {{ item.value.servers[server].auth_request_set.value }};
{% if server.auth_request_set is defined %}
auth_request_set {{ server.auth_request_set.name }} {{ server.auth_request_set.value }};
{% endif %}
{% if item.value.servers[server].client_max_body_size is defined and item.value.servers[server].client_max_body_size %}
client_max_body_size {{ item.value.servers[server].client_max_body_size }};
{% if server.client_max_body_size is defined and server.client_max_body_size %}
client_max_body_size {{ server.client_max_body_size }};
{% endif %}
{% if item.value.servers[server].sub_filter.sub_filters is defined and item.value.servers[server].sub_filter.sub_filters | length %}
{% for sub_filter in item.value.servers[server].sub_filter.sub_filters %}
@ -170,144 +195,151 @@ server {
{% if item.value.servers[server].sub_filter.types is defined and item.value.servers[server].sub_filter.types %}
sub_filter_types {{ item.value.servers[server].sub_filter.types }};
{% endif %}
{% if item.value.servers[server].custom_options is defined and item.value.servers[server].custom_options | length %}
{% for inline_option in item.value.servers[server].custom_options %}
{% if server.custom_options is defined %}
{% if server.custom_options is mapping %}
{% for inline_option, value in server.custom_options|dictsort %}
{{ inline_option }} {{ value }};
{% endfor %}
{% elif server.custom_options is iterable %}
{% for inline_option in server.custom_options %}
{{ inline_option }};
{% endfor %}
{% endif %}
{% endif %}
{%- if server.reverse_proxy is defined and server.reverse_proxy %}
{% if item.value.servers[server].reverse_proxy is defined and item.value.servers[server].reverse_proxy %}
{% for location in item.value.servers[server].reverse_proxy.locations %}
location {{ item.value.servers[server].reverse_proxy.locations[location].location }} {
{% if item.value.servers[server].reverse_proxy.locations[location].internal is sameas true %}
{% for key, location in server.reverse_proxy.locations|dictsort %}
location {{ location.location }} {
{% if location.internal is sameas true %}
internal;
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].include_files is defined and item.value.servers[server].reverse_proxy.locations[location].include_files | length %}
{% for file in item.value.servers[server].reverse_proxy.locations[location].include_files %}
{% if location.include_files is defined and location.include_files | length %}
{% for file in location.include_files %}
include "{{ file }}";
{% endfor %}
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_hide_headers is defined %}
{% for header in item.value.servers[server].reverse_proxy.locations[location].proxy_hide_headers %}
{% if location.proxy_hide_headers is defined %}
{% for header in location.proxy_hide_headers %}
proxy_hide_header {{ header }};
{% endfor %}
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].add_headers is defined %}
{% for header in item.value.servers[server].reverse_proxy.locations[location].add_headers %}
add_header {{ item.value.servers[server].reverse_proxy.locations[location].add_headers[header].name }} "{{ item.value.servers[server].reverse_proxy.locations[location].add_headers[header].value }}"{% if item.value.servers[server].reverse_proxy.locations[location].add_headers[header].always is defined and item.value.servers[server].reverse_proxy.locations[location].add_headers[header].always %} always{% endif %};
{% if location.add_headers is defined %}
{% for header in location.add_headers %}
add_header {{ location.add_headers[header].name }} "{{ location.add_headers[header].value }}"{% if location.add_headers[header].always is defined and location.add_headers[header].always %} always{% endif %};
{% endfor %}
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].auth_request is defined %}
auth_request {{ item.value.servers[server].reverse_proxy.locations[location].auth_request }};
{% if location.auth_request is defined %}
auth_request {{ location.auth_request }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].auth_request_set is defined %}
auth_request_set {{ item.value.servers[server].reverse_proxy.locations[location].auth_request_set.name }} {{ item.value.servers[server].reverse_proxy.locations[location].auth_request_set.value }};
{% if location.auth_request_set is defined %}
auth_request_set {{ location.auth_request_set.name }} {{ location.auth_request_set.value }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].auth_basic is defined and item.value.servers[server].reverse_proxy.locations[location].auth_basic %}
auth_basic "{{ item.value.servers[server].reverse_proxy.locations[location].auth_basic }}";
{% if location.auth_basic is defined and location.auth_basic %}
auth_basic "{{ location.auth_basic }}";
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].auth_basic_user_file is defined and item.value.servers[server].reverse_proxy.locations[location].auth_basic_user_file %}
auth_basic_user_file {{ item.value.servers[server].reverse_proxy.locations[location].auth_basic_user_file }};
{% if location.auth_basic_user_file is defined and location.auth_basic_user_file %}
auth_basic_user_file {{ location.auth_basic_user_file }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].returns is defined %}
{% for code in item.value.servers[server].reverse_proxy.locations[location].returns %}
{% if item.value.servers[server].reverse_proxy.locations[location].returns[code] is defined %}
return {{ item.value.servers[server].reverse_proxy.locations[location].returns[code].code }} {{ item.value.servers[server].reverse_proxy.locations[location].returns[code].url }};
{% if location.returns is defined %}
{% for code in location.returns %}
{% if location.returns[code] is defined %}
return {{ location.returns[code].code }} {{ location.returns[code].url }};
{% else %}
return {{ item.value.servers[server].reverse_proxy.locations[location].returns[code].url }};
return {{ location.returns[code].url }};
{% endif %}
{% endfor %}
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_connect_timeout is defined and item.value.servers[server].reverse_proxy.locations[location].proxy_connect_timeout %}
proxy_connect_timeout {{ item.value.servers[server].reverse_proxy.locations[location].proxy_connect_timeout }};
{% if location.proxy_connect_timeout is defined and location.proxy_connect_timeout %}
proxy_connect_timeout {{ location.proxy_connect_timeout }};
{% endif %}
proxy_pass {{ item.value.servers[server].reverse_proxy.locations[location].proxy_pass }};
{% if item.value.servers[server].reverse_proxy.locations[location].rewrites is defined %}
{% for rewrite in item.value.servers[server].reverse_proxy.locations[location].rewrites %}
proxy_pass {{ location.proxy_pass }};
{% if location.rewrites is defined %}
{% for rewrite in location.rewrites %}
rewrite {{ rewrite }};
{% endfor %}
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_read_timeout is defined and item.value.servers[server].reverse_proxy.locations[location].proxy_read_timeout %}
proxy_read_timeout {{ item.value.servers[server].reverse_proxy.locations[location].proxy_read_timeout }};
{% if location.proxy_read_timeout is defined and location.proxy_read_timeout %}
proxy_read_timeout {{ location.proxy_read_timeout }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_send_timeout is defined and item.value.servers[server].reverse_proxy.locations[location].proxy_send_timeout %}
proxy_send_timeout {{ item.value.servers[server].reverse_proxy.locations[location].proxy_send_timeout }};
{% if location.proxy_send_timeout is defined and location.proxy_send_timeout %}
proxy_send_timeout {{ location.proxy_send_timeout }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_pass_request_body is defined %}
proxy_pass_request_body {{ item.value.servers[server].reverse_proxy.locations[location].proxy_pass_request_body }};
{% if location.proxy_pass_request_body is defined %}
proxy_pass_request_body {{ location.proxy_pass_request_body }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_store is defined %}
proxy_store {{ item.value.servers[server].reverse_proxy.locations[location].proxy_store | ternary("on", "off") }};
{% if location.proxy_store is defined %}
proxy_store {{ location.proxy_store | ternary("on", "off") }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_store_access is defined %}
proxy_store_access {{ item.value.servers[server].reverse_proxy.locations[location].proxy_store_access }};
{% if location.proxy_store_access is defined %}
proxy_store_access {{ location.proxy_store_access }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].allows is defined %}
{% for allow in item.value.servers[server].reverse_proxy.locations[location].allows %}
{% if location.allows is defined %}
{% for allow in location.allows %}
allow {{ allow }};
{% endfor %}
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].denies is defined %}
{% for deny in item.value.servers[server].reverse_proxy.locations[location].denies %}
{% if location.denies is defined %}
{% for deny in location.denies %}
deny {{ deny }};
{% endfor %}
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_set_header is defined %}
{% for header in item.value.servers[server].reverse_proxy.locations[location].proxy_set_header %}
proxy_set_header {{ item.value.servers[server].reverse_proxy.locations[location].proxy_set_header[header].name }} {{ item.value.servers[server].reverse_proxy.locations[location].proxy_set_header[header].value }};
{% if location.proxy_set_header is defined %}
{% for header in location.proxy_set_header %}
proxy_set_header {{ location.proxy_set_header[header].name }} {{ location.proxy_set_header[header].value }};
{% endfor %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_http_version is defined %}
proxy_http_version {{ item.value.servers[server].reverse_proxy.locations[location].proxy_http_version }};
{% if location.proxy_http_version is defined %}
proxy_http_version {{ location.proxy_http_version }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].websocket is defined and item.value.servers[server].reverse_proxy.locations[location].websocket %}
{% if location.websocket is defined and location.websocket %}
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
{% endif %}
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].try_files is defined %}
try_files {{ item.value.servers[server].reverse_proxy.locations[location].try_files }};
{% if location.try_files is defined %}
try_files {{ location.try_files }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_ssl is defined and item.value.servers[server].reverse_proxy.locations[location].proxy_ssl %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_ssl.cert is defined %}
proxy_ssl_certificate {{ item.value.servers[server].reverse_proxy.locations[location].proxy_ssl.cert }};
{% if location.proxy_ssl is defined and location.proxy_ssl %}
{% if location.proxy_ssl.cert is defined %}
proxy_ssl_certificate {{ location.proxy_ssl.cert }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_ssl.key is defined %}
proxy_ssl_certificate_key {{ item.value.servers[server].reverse_proxy.locations[location].proxy_ssl.key }};
{% if location.proxy_ssl.key is defined %}
proxy_ssl_certificate_key {{ location.proxy_ssl.key }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_ssl.trusted_cert is defined %}
proxy_ssl_trusted_certificate {{ item.value.servers[server].reverse_proxy.locations[location].proxy_ssl.trusted_cert }};
{% if location.proxy_ssl.trusted_cert is defined %}
proxy_ssl_trusted_certificate {{ location.proxy_ssl.trusted_cert }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_ssl.server_name is defined %}
proxy_ssl_server_name {{ item.value.servers[server].reverse_proxy.locations[location].proxy_ssl.server_name | ternary("on", "off") }};
{% if location.proxy_ssl.server_name is defined %}
proxy_ssl_server_name {{ location.proxy_ssl.server_name | ternary("on", "off") }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_ssl.name is defined %}
proxy_ssl_name {{ item.value.servers[server].reverse_proxy.locations[location].proxy_ssl.name }};
{% if location.proxy_ssl.name is defined %}
proxy_ssl_name {{ location.proxy_ssl.name }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_ssl.protocols is defined %}
proxy_ssl_protocols {{ item.value.servers[server].reverse_proxy.locations[location].proxy_ssl.protocols }};
{% if location.proxy_ssl.protocols is defined %}
proxy_ssl_protocols {{ location.proxy_ssl.protocols }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_ssl.ciphers is defined %}
proxy_ssl_ciphers {{ item.value.servers[server].reverse_proxy.locations[location].proxy_ssl.ciphers }};
{% if location.proxy_ssl.ciphers is defined %}
proxy_ssl_ciphers {{ location.proxy_ssl.ciphers }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_ssl.verify is defined %}
proxy_ssl_verify {{ item.value.servers[server].reverse_proxy.locations[location].proxy_ssl.verify | ternary("on", "off") }};
{% if location.proxy_ssl.verify is defined %}
proxy_ssl_verify {{ location.proxy_ssl.verify | ternary("on", "off") }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_ssl.verify_depth is defined %}
proxy_ssl_verify_depth {{ item.value.servers[server].reverse_proxy.locations[location].proxy_ssl.verify_depth }};
{% if location.proxy_ssl.verify_depth is defined %}
proxy_ssl_verify_depth {{ location.proxy_ssl.verify_depth }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_ssl.session_reuse is defined %}
proxy_ssl_session_reuse {{ item.value.servers[server].reverse_proxy.locations[location].proxy_ssl.session_reuse | ternary("on", "off") }};
{% if location.proxy_ssl.session_reuse is defined %}
proxy_ssl_session_reuse {{ location.proxy_ssl.session_reuse | ternary("on", "off") }};
{% endif %}
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_redirect is defined %}
proxy_redirect {{ item.value.servers[server].reverse_proxy.locations[location].proxy_redirect | ternary(item.value.servers[server].reverse_proxy.locations[location].proxy_redirect, "off") }};
{% if location.proxy_redirect is defined %}
proxy_redirect {{ location.proxy_redirect | ternary(location.proxy_redirect, "off") }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_cache is defined %}
proxy_cache {{ item.value.servers[server].reverse_proxy.locations[location].proxy_cache }};
{% if location.proxy_cache is defined %}
proxy_cache {{ location.proxy_cache }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_cache_valid is defined %}
{% for proxy_cache_valid in item.value.servers[server].reverse_proxy.locations[location].proxy_cache_valid %}
{% if location.proxy_cache_valid is defined %}
{% for proxy_cache_valid in location.proxy_cache_valid %}
{% if proxy_cache_valid.code is defined %}
proxy_cache_valid {{ proxy_cache_valid.code }} {{ proxy_cache_valid.time | default("10m") }};
{% elif proxy_cache_valid.time is defined and proxy_cache_valid.code is not defined %}
@ -315,137 +347,146 @@ server {
{% endif %}
{% endfor %}
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_cache_background_update is defined %}
proxy_cache_background_update {{ item.value.servers[server].reverse_proxy.locations[location].proxy_cache_background_update | ternary("on", "off") }};
{% if location.proxy_cache_background_update is defined %}
proxy_cache_background_update {{ location.proxy_cache_background_update | ternary("on", "off") }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_cache_lock is defined %}
proxy_cache_lock {{ item.value.servers[server].reverse_proxy.locations[location].proxy_cache_lock | ternary("on", "off") }};
{% if location.proxy_cache_lock is defined %}
proxy_cache_lock {{ location.proxy_cache_lock | ternary("on", "off") }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_cache_min_uses is defined %}
proxy_cache_min_uses {{ item.value.servers[server].reverse_proxy.locations[location].proxy_cache_min_uses }};
{% if location.proxy_cache_min_uses is defined %}
proxy_cache_min_uses {{ location.proxy_cache_min_uses }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_cache_revalidate is defined %}
proxy_cache_revalidate {{ item.value.servers[server].reverse_proxy.locations[location].proxy_cache_revalidate | ternary("on", "off") }};
{% if location.proxy_cache_revalidate is defined %}
proxy_cache_revalidate {{ location.proxy_cache_revalidate | ternary("on", "off") }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_cache_use_stale is defined %}
proxy_cache_use_stale {{ item.value.servers[server].reverse_proxy.locations[location].proxy_cache_use_stale | join(" ") }};
{% if location.proxy_cache_use_stale is defined %}
proxy_cache_use_stale {{ location.proxy_cache_use_stale | join(" ") }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_temp_path is defined %}
proxy_temp_path {{ item.value.servers[server].reverse_proxy.locations[location].proxy_temp_path.path }} {{ item.value.servers[server].reverse_proxy.locations[location].proxy_temp_path.level_1 | default("") }} {{ item.value.servers[server].reverse_proxy.locations[location].proxy_temp_path.level_2 | default("") }} {{ item.value.servers[server].reverse_proxy.locations[location].proxy_temp_path.level_3 | default("") }};
{% if location.proxy_temp_path is defined %}
proxy_temp_path {{ location.proxy_temp_path.path }} {{ location.proxy_temp_path.level_1 | default("") }} {{ location.proxy_temp_path.level_2 | default("") }} {{ location.proxy_temp_path.level_3 | default("") }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_ignore_headers is defined %}
proxy_ignore_headers {{ item.value.servers[server].reverse_proxy.locations[location].proxy_ignore_headers | join(" ") }};
{% if location.proxy_ignore_headers is defined %}
proxy_ignore_headers {{ location.proxy_ignore_headers | join(" ") }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].client_max_body_size is defined and item.value.servers[server].reverse_proxy.locations[location].client_max_body_size %}
client_max_body_size {{ item.value.servers[server].reverse_proxy.locations[location].client_max_body_size }};
{% if location.client_max_body_size is defined and location.client_max_body_size %}
client_max_body_size {{ location.client_max_body_size }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_cookie_path is defined %}
proxy_cookie_path {{ item.value.servers[server].reverse_proxy.locations[location].proxy_cookie_path.path }} {{ item.value.servers[server].reverse_proxy.locations[location].proxy_cookie_path.replacement }};
{% if location.proxy_cookie_path is defined %}
proxy_cookie_path {{ location.proxy_cookie_path.path }} {{ location.proxy_cookie_path.replacement }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].proxy_buffering is defined %}
proxy_buffering {{ item.value.servers[server].reverse_proxy.locations[location].proxy_buffering | ternary("on", "off") }};
{% if location.proxy_buffering is defined %}
proxy_buffering {{ location.proxy_buffering | ternary("on", "off") }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].sub_filter.sub_filters is defined and item.value.servers[server].reverse_proxy.locations[location].sub_filter.sub_filters | length %}
{% for sub_filter in item.value.servers[server].reverse_proxy.locations[location].sub_filter.sub_filters %}
{% if location.sub_filter.sub_filters is defined and location.sub_filter.sub_filters | length %}
{% for sub_filter in location.sub_filter.sub_filters %}
sub_filter {{ sub_filter }};
{% endfor %}
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].sub_filter.last_modified is defined %}
sub_filter_last_modified {{ item.value.servers[server].reverse_proxy.locations[location].sub_filter.last_modified | ternary("on", "off") }};
{% if location.sub_filter.last_modified is defined %}
sub_filter_last_modified {{ location.sub_filter.last_modified | ternary("on", "off") }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].sub_filter.once is defined %}
sub_filter_once {{ item.value.servers[server].reverse_proxy.locations[location].sub_filter.once | ternary("on", "off") }};
{% if location.sub_filter.once is defined %}
sub_filter_once {{ location.sub_filter.once | ternary("on", "off") }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].sub_filter.types is defined and item.value.servers[server].reverse_proxy.locations[location].sub_filter.types %}
sub_filter_types {{ item.value.servers[server].reverse_proxy.locations[location].sub_filter.types }};
{% if location.sub_filter.types is defined and location.sub_filter.types %}
sub_filter_types {{ location.sub_filter.types }};
{% endif %}
{% if item.value.servers[server].reverse_proxy.locations[location].custom_options is defined and item.value.servers[server].reverse_proxy.locations[location].custom_options | length %}
{% for inline_option in item.value.servers[server].reverse_proxy.locations[location].custom_options %}
{% if location.custom_options is defined %}
{% if location.custom_options is mapping %}
{% for inline_option, value in location.custom_options|dictsort %}
{{ inline_option }} {{ value }};
{% endfor %}
{% elif location.custom_options is iterable %}
{% for inline_option in location.custom_options %}
{{ inline_option }};
{% endfor %}
{% endif %}
{% if (item.value.servers[server].reverse_proxy.health_check_plus is defined) and item.value.servers[server].reverse_proxy.health_check_plus %}
health_check;
{% endif %}
}
{% endfor %}
{% endif %}
{% if item.value.servers[server].web_server is defined %}
{% for location in item.value.servers[server].web_server.locations %}
location {{ item.value.servers[server].web_server.locations[location].location }} {
{% if item.value.servers[server].web_server.locations[location].html_file_location is defined %}
root {{ item.value.servers[server].web_server.locations[location].html_file_location }};
{%- if server.web_server is defined %}
{% for key, location in server.web_server.routes|dictsort %}
location {{ location.location }} {
{% if location.root is defined %}
root {{ location.root }};
{% endif %}
{% if item.value.servers[server].web_server.locations[location].html_file_name is defined %}
index {{ item.value.servers[server].web_server.locations[location].html_file_name }};
{% if location.index is defined %}
index {{ location.index }};
{% endif %}
{% if item.value.servers[server].web_server.locations[location].autoindex | default(false) %}
{% if location.autoindex | default(false) %}
autoindex on;
{% endif %}
{% if item.value.servers[server].web_server.locations[location].try_files is defined %}
try_files {{ item.value.servers[server].web_server.locations[location].try_files }};
{% if location.try_files is defined %}
try_files {{ location.try_files }};
{% endif %}
{% if item.value.servers[server].web_server.locations[location].include_files is defined and item.value.servers[server].web_server.locations[location].include_files | length %}
{% for file in item.value.servers[server].web_server.locations[location].include_files %}
{% if location.include_files is defined and location.include_files | length %}
{% for file in location.include_files %}
include "{{ file }}";
{% endfor %}
{% endif %}
{% if item.value.servers[server].web_server.locations[location].custom_options is defined and item.value.servers[server].web_server.locations[location].custom_options | length %}
{% for inline_option in item.value.servers[server].web_server.locations[location].custom_options %}
{% if location.custom_options is defined %}
{% if location.custom_options is mapping %}
{% for inline_option, value in location.custom_options|dictsort %}
{{ inline_option }} {{ value }};
{% endfor %}
{% elif location.custom_options is iterable %}
{% for inline_option in location.custom_options %}
{{ inline_option }};
{% endfor %}
{% endif %}
{% if item.value.servers[server].web_server.locations[location].proxy_hide_headers is defined %}
{% for header in item.value.servers[server].web_server.locations[location].proxy_hide_headers %}
{% endif %}
{% if location.proxy_hide_headers is defined %}
{% for header in location.proxy_hide_headers %}
proxy_hide_header {{ header }};
{% endfor %}
{% endif %}
{% if item.value.servers[server].web_server.locations[location].add_headers is defined %}
{% for header in item.value.servers[server].web_server.locations[location].add_headers %}
add_header {{ item.value.servers[server].web_server.locations[location].add_headers[header].name }} "{{ item.value.servers[server].web_server.locations[location].add_headers[header].value }}"{% if item.value.servers[server].web_server.locations[location].add_headers[header].always is defined and item.value.servers[server].web_server.locations[location].add_headers[header].always %} always{% endif %};
{% if location.add_headers is defined %}
{% for header in location.add_headers %}
add_header {{ location.add_headers[header].name }} "{{ location.add_headers[header].value }}"{% if location.add_headers[header].always is defined and location.add_headers[header].always %} always{% endif %};
{% endfor %}
{% endif %}
{% if item.value.servers[server].web_server.locations[location].returns is defined %}
{% for code in item.value.servers[server].web_server.locations[location].returns %}
{% if item.value.servers[server].web_server.locations[location].returns[code] is defined %}
return {{ item.value.servers[server].web_server.locations[location].returns[code].code }} {{ item.value.servers[server].web_server.locations[location].returns[code].url }};
{% if location.returns is defined %}
{% for code in location.returns %}
{% if location.returns[code] is defined %}
return {{ location.returns[code].code }} {{ location.returns[code].url }};
{% else %}
return {{ item.value.servers[server].web_server.locations[location].returns[code].url }};
return {{ location.returns[code].url }};
{% endif %}
{% endfor %}
{% endif %}
{% if item.value.servers[server].web_server.locations[location].auth_basic is defined and item.value.servers[server].web_server.locations[location].auth_basic %}
auth_basic "{{ item.value.servers[server].web_server.locations[location].auth_basic }}";
{% if location.auth_basic is defined and location.auth_basic %}
auth_basic "{{ location.auth_basic }}";
{% endif %}
{% if item.value.servers[server].web_server.locations[location].auth_basic_user_file is defined and item.value.servers[server].web_server.locations[location].auth_basic_user_file %}
auth_basic_user_file {{ item.value.servers[server].web_server.locations[location].auth_basic_user_file }};
{% if location.auth_basic_user_file is defined and location.auth_basic_user_file %}
auth_basic_user_file {{ location.auth_basic_user_file }};
{% endif %}
{% if item.value.servers[server].web_server.locations[location].auth_request is defined %}
auth_request {{ item.value.servers[server].web_server.locations[location].auth_request }};
{% if location.auth_request is defined %}
auth_request {{ location.auth_request }};
{% endif %}
{% if item.value.servers[server].web_server.locations[location].auth_request_set is defined %}
auth_request_set {{ item.value.servers[server].web_server.locations[location].auth_request_set.name }} {{ item.value.servers[server].web_server.locations[location].auth_request_set.value }};
{% if location.auth_request_set is defined %}
auth_request_set {{ location.auth_request_set.name }} {{ location.auth_request_set.value }};
{% endif %}
{% if item.value.servers[server].web_server.locations[location].sub_filter.sub_filters is defined and item.value.servers[server].web_server.locations[location].sub_filter.sub_filters | length %}
{% for sub_filter in item.value.servers[server].web_server.locations[location].sub_filter.sub_filters %}
{% if location.sub_filter.sub_filters is defined and location.sub_filter.sub_filters | length %}
{% for sub_filter in location.sub_filter.sub_filters %}
sub_filter {{ sub_filter }};
{% endfor %}
{% endif %}
{% if item.value.servers[server].web_server.locations[location].sub_filter.last_modified is defined %}
sub_filter_last_modified {{ item.value.servers[server].web_server.locations[location].sub_filter.last_modified | ternary("on", "off") }};
{% if location.sub_filter.last_modified is defined %}
sub_filter_last_modified {{ location.sub_filter.last_modified | ternary("on", "off") }};
{% endif %}
{% if item.value.servers[server].web_server.locations[location].sub_filter.once is defined %}
sub_filter_once {{ item.value.servers[server].web_server.locations[location].sub_filter.once | ternary("on", "off") }};
{% if location.sub_filter.once is defined %}
sub_filter_once {{ location.sub_filter.once | ternary("on", "off") }};
{% endif %}
{% if item.value.servers[server].web_server.locations[location].sub_filter.types is defined and item.value.servers[server].web_server.locations[location].sub_filter.types %}
sub_filter_types {{ item.value.servers[server].web_server.locations[location].sub_filter.types }};
{% if location.sub_filter.types is defined and location.sub_filter.types %}
sub_filter_types {{ location.sub_filter.types }};
{% endif %}
}
{% endfor %}
{% if item.value.servers[server].web_server.http_demo_conf %}
{% if server.web_server.http_demo_conf|d() %}
sub_filter_once off;
sub_filter 'server_hostname' '$hostname';
sub_filter 'server_address' '$server_addr:$server_port';
@ -459,31 +500,34 @@ server {
sub_filter 'proxied_for_ip' '$http_x_forwarded_for';
{% endif %}
{% endif %}
{% if item.value.servers[server].returns is defined %}
{% for return in item.value.servers[server].returns %}
location {{ item.value.servers[server].returns[return].location }} {
return {{ item.value.servers[server].returns[return].code }}{% if item.value.servers[server].returns[return].value is defined %} {{ item.value.servers[server].returns[return].value }}{% endif %};
{% if server.returns is defined %}
{% for return in server.returns %}
location {{ server.returns[return].location }} {
return {{ server.returns[return].code }}{% if server.returns[return].value is defined %} {{ server.returns[return].value }}{% endif %};
}
{% endfor %}
{% endif %}
{% if item.value.servers[server].error_page is defined %}
{% if server.error_page is defined %}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root {{ item.value.servers[server].error_page }};
root {{ server.error_page }};
}
{% endif %}
{% if item.value.servers[server].access_log is defined %}
{% for access_log in item.value.servers[server].access_log %}
access_log {{ access_log.location }} {{ access_log.name }};
{%- if server.access_log is defined or server.error_log is defined %}
{% if server.access_log is defined %}
{% for access_log in server.access_log %}
access_log {{ access_log.location }} {{ access_log.name }};
{% endfor %}
{% endif %}
{% if item.value.servers[server].error_log is defined %}
error_log {{ item.value.servers[server].error_log.location }} {{ item.value.servers[server].error_log.level }};
{% if server.error_log is defined %}
error_log {{ server.error_log.location }} {{ server.error_log.level }};
{% endif %}
{% endif %}
}
{% endfor %}
{% endif %}

Loading…
Cancel
Save