ppm/nginx
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

update to work with new way for the firewall

Browse source
This commit is contained in:
Peter 2025-08-15 23:11:03 +02:00
parent 42ce223749
commit 920c9db231
2 changed files with 43 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

26
nginx.conf.j2
View file

@ -29,16 +29,20 @@ http {
gzip on;
server {
listen [{{ config.listenhttpaddress6 }}]:{{ config.httpport }};
listen {{ config.listenhttpaddress4 }}:{{ config.httpport }};
listen [{{ config.listenhttpaddress6 }}]:{{ ports.http }};
listen {{ config.listenhttpaddress4 }}:{{ ports.http }};
{% if config.listenhttpaddress6 != "::1" %}listen [::1]:{{ ports.http }};{% endif %}
{% if config.listenhttpaddress4 != "127.0.0.1" %}listen 127.0.0.1:{{ ports.http }};{% endif %}
server_name _;
root /var/www/empty;
default_type text/html;
return 200 "Nothing to see here";
}
server {
listen [{{ config.listenhttpaddress6 }}]:{{ config.httpsport }} ssl;
listen {{ config.listenhttpaddress4 }}:{{ config.httpsport }} ssl;
listen [{{ config.listenhttpaddress6 }}]:{{ ports.https }} ssl;
listen {{ config.listenhttpaddress4 }}:{{ ports.https }} ssl;
{% if config.listenhttpaddress6 != "::1" %}listen [::1]:{{ ports.https }} ssl;{% endif %}
{% if config.listenhttpaddress4 != "127.0.0.1" %}listen 127.0.0.1:{{ ports.https }} ssl;{% endif %}
server_name _;
ssl_certificate /etc/nginx/ssl.cert;
@ -52,12 +56,14 @@ http {
{% for app in otherapps -%}
{%- if "web" in otherapps[app]["imports"] -%}
{%- for onesite in otherapps[app]["imports"]["web"] -%}
{%- for onesite in otherapps[app]["imports"]["web"]["sites"] -%}
{# Redirect http to https. We only support https sites #}
server {
listen [{{ config.listenhttpaddress6 }}]:{{ config.httpport }};
listen {{ config.listenhttpaddress4 }}:{{ config.httpport }};
listen [{{ config.listenhttpaddress6 }}]:{{ ports.http }};
listen {{ config.listenhttpaddress4 }}:{{ ports.http }};
{% if config.listenhttpaddress6 != "::1" %}listen [::1]:{{ ports.http }};{% endif %}
{% if config.listenhttpaddress4 != "127.0.0.1" %}listen 127.0.0.1:{{ ports.http }};{% endif %}
server_name {{ onesite.publicname }};
root /var/www/empty;
location / {
@ -65,8 +71,10 @@ http {
}
}
server {
listen [{{ config.listenhttpaddress6 }}]:{{ config.httpsport }} ssl;
listen {{ config.listenhttpaddress4 }}:{{ config.httpsport }} ssl;
listen [{{ config.listenhttpaddress6 }}]:{{ ports.https }} ssl;
listen {{ config.listenhttpaddress4 }}:{{ ports.https }} ssl;
{% if config.listenhttpaddress6 != "::1" %}listen [::1]:{{ ports.https }} ssl;{% endif %}
{% if config.listenhttpaddress4 != "127.0.0.1" %}listen 127.0.0.1:{{ ports.https }} ssl;{% endif %}
server_name {{ onesite.publicname }};
ssl_certificate /etc/nginx/ssl.cert;