diff --git a/nginx/dns.stpl b/nginx/dns.stpl new file mode 100755 index 0000000..d760e3f --- /dev/null +++ b/nginx/dns.stpl @@ -0,0 +1,79 @@ +#=========================================================================# +# Default Web Domain Template # +# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS # +# https://docs.hestiacp.com/admin_docs/web.html#how-do-web-templates-work # +#=========================================================================# +upstream portainer { + server 127.0.1.1:9090; +} +map $http_upgrade $connection_upgrade { + default upgrade; + '' close; +} + +server { + listen %ip%:%proxy_ssl_port% ssl http2; + server_name %domain_idn% %alias_idn%; + ssl_certificate %ssl_pem%; + ssl_certificate_key %ssl_key%; + ssl_stapling on; + ssl_stapling_verify on; + error_log /var/log/%web_system%/domains/%domain%.error.log error; + + include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*; + + location / { + proxy_pass http://127.0.0.1:8989; + } + + location /portainer/ { + proxy_http_version 1.1; + proxy_set_header Host $http_host; # required for docker client's sake + proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_read_timeout 900; + + proxy_set_header Connection ""; + proxy_buffers 32 4k; + proxy_pass https://portainer/; + } + + location /portainer/api/websocket/ { + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection $connection_upgrade; + proxy_pass https://portainer/api/websocket/; + } + + location /pma121/ { + proxy_http_version 1.1; + proxy_set_header Host $http_host; # required for docker client's sake + proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_read_timeout 900; + + proxy_set_header Connection ""; + proxy_buffers 32 4k; + proxy_pass http://127.0.0.1:8988/; + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://127.0.0.1:8989; + } + + location ~ /\.(?!well-known\/|file) { + deny all; + return 404; + } + + proxy_hide_header Upgrade; + + include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*; +} + diff --git a/nginx/dns.tpl b/nginx/dns.tpl new file mode 100755 index 0000000..d657828 --- /dev/null +++ b/nginx/dns.tpl @@ -0,0 +1,39 @@ +#=========================================================================# +# Default Web Domain Template # +# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS # +# https://docs.hestiacp.com/admin_docs/web.html#how-do-web-templates-work # +#=========================================================================# + +server { + listen %ip%:%proxy_port%; + server_name %domain_idn% %alias_idn%; + + include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*; + + location / { + proxy_pass http://%ip%:%web_port%; + location ~* ^.+\.(%proxy_extensions%)$ { + root %docroot%; + access_log /var/log/%web_system%/domains/%domain%.log combined; + access_log /var/log/%web_system%/domains/%domain%.bytes bytes; + expires max; + try_files $uri @fallback; + } + } + + location /error/ { + alias %home%/%user%/web/%domain%/document_errors/; + } + + location @fallback { + proxy_pass http://%ip%:%web_port%; + } + + location ~ /\.(?!well-known\/|file) { + deny all; + return 404; + } + + include %home%/%user%/conf/web/%domain%/nginx.conf_*; +} +