47 lines
1.1 KiB
Django/Jinja
47 lines
1.1 KiB
Django/Jinja
$HTTP["host"] == "{{domain}}" {
|
|
server.name = "{{domain}}"
|
|
|
|
# Anfragen auf Port 80 über IPv4
|
|
$SERVER["socket"] == ":80" {
|
|
# auf HTTPS umleiten
|
|
url.redirect = ("^/(.*)" => "https://{{domain}}/$1")
|
|
}
|
|
|
|
# Anfragen auf Port 80 über IPv6
|
|
$SERVER["socket"] == "[::]:80" {
|
|
# auf HTTPS umleiten
|
|
url.redirect = ("^/(.*)" => "https://{{domain}}/$1")
|
|
}
|
|
|
|
# Anfragen auf Port 443 über IPv4
|
|
$SERVER["socket"] == ":443" {
|
|
# mit dem SSL-Kram beglücken
|
|
ssl.engine = "enable"
|
|
ssl.pemfile = "/etc/ssl/certs/{{domain}}.pem"
|
|
ssl.privkey = "/etc/ssl/keys/{{domain}}.pem"
|
|
ssl.ca-file = "/etc/ssl/fullchains/{{domain}}.pem"
|
|
}
|
|
|
|
# Anfragen auf Port 443 über IPv6
|
|
$SERVER["socket"] == "[::]:443" {
|
|
# mit dem SSL-Kram beglücken
|
|
ssl.engine = "enable"
|
|
ssl.pemfile = "/etc/ssl/certs/{{domain}}.pem"
|
|
ssl.privkey = "/etc/ssl/keys/{{domain}}.pem"
|
|
ssl.ca-file = "/etc/ssl/fullchains/{{domain}}.pem"
|
|
}
|
|
|
|
$HTTP["url"] =~ "^/" {
|
|
proxy.server = (
|
|
"" => (
|
|
"" => (
|
|
"host" => "localhost",
|
|
"port" => {{port}}
|
|
)
|
|
)
|
|
)
|
|
proxy.header = (
|
|
"upgrade" => "enable"
|
|
)
|
|
}
|
|
}
|