Commit 6dfad695 authored by Łukasz Nowak's avatar Łukasz Nowak

caddy-frontend: Drop-in dummy of nginx with Caddy

Dummy site is setup for Caddy to run.
parent 8b903391
...@@ -19,7 +19,7 @@ md5sum = f686f765e55d1dce2e55a400f0714b3e ...@@ -19,7 +19,7 @@ md5sum = f686f765e55d1dce2e55a400f0714b3e
[template-apache-frontend] [template-apache-frontend]
filename = instance-apache-frontend.cfg filename = instance-apache-frontend.cfg
md5sum = 8a4883472d6401bc7669ae70c9bafc43 md5sum = df34d8398a5f19ac7a828e1c85c22867
[template-apache-replicate] [template-apache-replicate]
filename = instance-apache-replicate.cfg.in filename = instance-apache-replicate.cfg.in
...@@ -81,6 +81,18 @@ md5sum = 84baef0a49c9a65e8f2d2ffdb8c1d39c ...@@ -81,6 +81,18 @@ md5sum = 84baef0a49c9a65e8f2d2ffdb8c1d39c
filename = templates/trafficserver/storage.config.jinja2 filename = templates/trafficserver/storage.config.jinja2
md5sum = 117238225b3fc3c5b5be381815f44c67 md5sum = 117238225b3fc3c5b5be381815f44c67
[template-nginx-configuration]
filename = templates/nginx.cfg.in
md5sum = e85e5ebc2cea6f48af90601ed9bd2d84
[template-nginx-eventsource-slave-virtualhost]
filename = templates/nginx-eventsource-slave.conf.in
md5sum = 7fb09bb130dc463a6736c1f319e798d6
[template-nginx-notebook-slave-virtualhost]
filename = templates/nginx-notebook-slave.conf.in
md5sum = afa11dda952b2317227e5c72508aeda2
[template-apache-lazy-script-call] [template-apache-lazy-script-call]
filename = templates/apache-lazy-script-call.sh.in filename = templates/apache-lazy-script-call.sh.in
md5sum = ebe5d3d19923eb812a40019cb11276d8 md5sum = ebe5d3d19923eb812a40019cb11276d8
......
...@@ -704,6 +704,15 @@ curl_path = ${curl:location}/bin/curl ...@@ -704,6 +704,15 @@ curl_path = ${curl:location}/bin/curl
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
command-line = ${caddy:output} command-line = ${caddy:output}
-conf $${nginx-configuration:output} -conf $${nginx-configuration:output}
-host $${instance-parameter:configuration.domain}
-root $${caddy-directory:document-root}
-http-port $${nginx-configuration:plain_port}
-https-port $${nginx-configuration:port}
-log $${nginx-configuration:error_log}
-http2=$${instance-parameter:configuration.enable-http2-by-default}
-pidfile $${nginx-configuration:pid-file}
-disable-http-challenge
-disable-tls-sni-challenge
wrapper-path = $${directory:service}/frontend_nginx wrapper-path = $${directory:service}/frontend_nginx
[nginx-configuration] [nginx-configuration]
...@@ -723,6 +732,8 @@ slave-configuration-directory = $${caddy-directory:nginx-slave-configuration} ...@@ -723,6 +732,8 @@ slave-configuration-directory = $${caddy-directory:nginx-slave-configuration}
pid-file = $${directory:run}/nginx.pid pid-file = $${directory:run}/nginx.pid
nginx-graceful-command = $${:nginx-configuration-verification}; if [ $? -eq 0 ]; then kill -HUP $(cat $${:pid-file}); fi nginx-graceful-command = $${:nginx-configuration-verification}; if [ $? -eq 0 ]; then kill -HUP $(cat $${:pid-file}); fi
nginx-configuration-verification = $${nginx-frontend:wrapper-path} -validate nginx-configuration-verification = $${nginx-frontend:wrapper-path} -validate
ssl_certificate = $${ca-frontend:cert-file}
ssl_key = $${ca-frontend:key-file}
[frontend-nginx-graceful] [frontend-nginx-graceful]
< = jinja2-template-base < = jinja2-template-base
......
...@@ -11,105 +11,105 @@ ...@@ -11,105 +11,105 @@
('ssl_certificate_key', 'path_to_ssl_key')] -%} ('ssl_certificate_key', 'path_to_ssl_key')] -%}
upstream {{ slave_parameter.get('slave_reference') }} { # TODO-Caddy upstream {{ slave_parameter.get('slave_reference') }} {
server {{ upstream }}; # TODO-Caddy server {{ upstream }};
} # TODO-Caddy
upstream https_{{ slave_parameter.get('slave_reference') }} { # TODO-Caddy pstream https_{{ slave_parameter.get('slave_reference') }} {
server {{ https_upstream }}; # TODO-Caddy server {{ https_upstream }};
} # TODO-Caddy
server { # TODO-Caddy server {
listen [{{ global_ipv6 }}]:{{ nginx_http_port }}; # TODO-Caddy listen [{{ global_ipv6 }}]:{{ nginx_http_port }};
listen {{ local_ipv4 }}:{{ nginx_http_port }}; # TODO-Caddy listen {{ local_ipv4 }}:{{ nginx_http_port }};
# TODO-Caddy
server_name {{ slave_parameter.get('custom_domain') }}; # TODO-Caddy server_name {{ slave_parameter.get('custom_domain') }};
# TODO-Caddy
error_log {{ slave_parameter.get('error_log') }} error; # TODO-Caddy error_log {{ slave_parameter.get('error_log') }} error;
access_log {{ slave_parameter.get('access_log') }} custom; # TODO-Caddy access_log {{ slave_parameter.get('access_log') }} custom;
# TODO-Caddy
location /pub { # TODO-Caddy location /pub {
push_stream_publisher; # TODO-Caddy push_stream_publisher;
push_stream_channels_path $arg_id; # TODO-Caddy push_stream_channels_path $arg_id;
# store messages in memory # TODO-Caddy # store messages in memory
push_stream_store_messages off; # TODO-Caddy push_stream_store_messages off;
# TODO-Caddy
# Message size limit # TODO-Caddy # Message size limit
# client_max_body_size MUST be equal to client_body_buffer_size or # TODO-Caddy # client_max_body_size MUST be equal to client_body_buffer_size or
# you will be sorry. # TODO-Caddy # you will be sorry.
client_max_body_size 16k; # TODO-Caddy client_max_body_size 16k;
client_body_buffer_size 16k; # TODO-Caddy client_body_buffer_size 16k;
# TODO-Caddy
} # TODO-Caddy }
# TODO-Caddy
location ~ /sub/(.*) { # TODO-Caddy location ~ /sub/(.*) {
# activate subscriber mode for this location # TODO-Caddy # activate subscriber mode for this location
add_header "Access-Control-Allow-Origin" "*"; # TODO-Caddy add_header "Access-Control-Allow-Origin" "*";
add_header 'Access-Control-Allow-Credentials' 'false'; # TODO-Caddy add_header 'Access-Control-Allow-Credentials' 'false';
add_header 'Access-Control-Allow-Methods' 'GET, HEAD, OPTIONS'; # TODO-Caddy add_header 'Access-Control-Allow-Methods' 'GET, HEAD, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since'; # TODO-Caddy add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since';
# TODO-Caddy
push_stream_subscriber eventsource; # TODO-Caddy push_stream_subscriber eventsource;
# positional channel path # TODO-Caddy # positional channel path
push_stream_channels_path $1; # TODO-Caddy push_stream_channels_path $1;
# TODO-Caddy
# content-type # TODO-Caddy # content-type
default_type "text/event-stream; charset=utf-8"; # TODO-Caddy default_type "text/event-stream; charset=utf-8";
} # TODO-Caddy }
# TODO-Caddy
} # TODO-Caddy
server { # TODO-Caddy server {
listen [{{ global_ipv6 }}]:{{ nginx_https_port }} ssl; # TODO-Caddy listen [{{ global_ipv6 }}]:{{ nginx_https_port }} ssl;
listen {{ local_ipv4 }}:{{ nginx_https_port }} ssl; # TODO-Caddy listen {{ local_ipv4 }}:{{ nginx_https_port }} ssl;
# TODO-Caddy
server_name {{ slave_parameter.get('custom_domain') }}; # TODO-Caddy server_name {{ slave_parameter.get('custom_domain') }};
# TODO-Caddy
error_log {{ slave_parameter.get('error_log') }} error; # TODO-Caddy error_log {{ slave_parameter.get('error_log') }} error;
access_log {{ slave_parameter.get('access_log') }} custom; # TODO-Caddy access_log {{ slave_parameter.get('access_log') }} custom;
# TODO-Caddy
ssl on; # TODO-Caddy ssl on;
# TODO-Caddy
ssl_session_timeout 5m; # TODO-Caddy ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # TODO-Caddy ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:HIGH:!aNULL:!MD5'; # TODO-Caddy ssl_ciphers 'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:HIGH:!aNULL:!MD5';
ssl_prefer_server_ciphers on; # TODO-Caddy ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m; # TODO-Caddy ssl_session_cache shared:SSL:10m;
{% for key, value in ssl_configuration_list -%} {% for key, value in ssl_configuration_list -%}
{% if value in slave_parameter -%} {% if value in slave_parameter -%}
{{ ' %s' % key }} {{ slave_parameter.get(value) }}; # TODO-Caddy {{ ' %s' % key }} {{ slave_parameter.get(value) }};
{% endif -%} {% endif -%}
{% endfor %} {% endfor %}
location /pub { # TODO-Caddy location /pub {
push_stream_publisher; # TODO-Caddy push_stream_publisher;
push_stream_channels_path $arg_id; # TODO-Caddy push_stream_channels_path $arg_id;
# store messages in memory # TODO-Caddy # store messages in memory
push_stream_store_messages off; # TODO-Caddy push_stream_store_messages off;
# TODO-Caddy
# Message size limit # TODO-Caddy # Message size limit
# client_max_body_size MUST be equal to client_body_buffer_size or # TODO-Caddy # client_max_body_size MUST be equal to client_body_buffer_size or
# you will be sorry. # TODO-Caddy # you will be sorry.
client_max_body_size 16k; # TODO-Caddy client_max_body_size 16k;
client_body_buffer_size 16k; # TODO-Caddy client_body_buffer_size 16k;
# TODO-Caddy
} # TODO-Caddy }
# TODO-Caddy
location ~ /sub/(.*) { # TODO-Caddy location ~ /sub/(.*) {
# activate subscriber mode for this location # TODO-Caddy # activate subscriber mode for this location
add_header "Access-Control-Allow-Origin" "*"; # TODO-Caddy add_header "Access-Control-Allow-Origin" "*";
add_header 'Access-Control-Allow-Credentials' 'false'; # TODO-Caddy add_header 'Access-Control-Allow-Credentials' 'false';
add_header 'Access-Control-Allow-Methods' 'GET, HEAD, OPTIONS'; # TODO-Caddy add_header 'Access-Control-Allow-Methods' 'GET, HEAD, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since'; # TODO-Caddy add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since';
# TODO-Caddy
push_stream_subscriber eventsource; # TODO-Caddy push_stream_subscriber eventsource;
# positional channel path # TODO-Caddy # positional channel path
push_stream_channels_path $1; # TODO-Caddy push_stream_channels_path $1;
# TODO-Caddy
# content-type # TODO-Caddy # content-type
default_type "text/event-stream; charset=utf-8"; # TODO-Caddy default_type "text/event-stream; charset=utf-8";
} # TODO-Caddy }
} # TODO-Caddy}
{% endif -%} {% endif -%}
...@@ -11,96 +11,96 @@ ...@@ -11,96 +11,96 @@
('ssl_certificate_key', 'path_to_ssl_key')] -%} ('ssl_certificate_key', 'path_to_ssl_key')] -%}
upstream {{ slave_parameter.get('slave_reference') }} { # TODO-Caddy upstream {{ slave_parameter.get('slave_reference') }} {
server {{ upstream }}; # TODO-Caddy server {{ upstream }};
} # TODO-Caddy }
upstream https_{{ slave_parameter.get('slave_reference') }} { # TODO-Caddy upstream https_{{ slave_parameter.get('slave_reference') }} {
server {{ https_upstream }}; # TODO-Caddy server {{ https_upstream }};
} # TODO-Caddy }
server { # TODO-Caddy server {
listen [{{ global_ipv6 }}]:{{ nginx_http_port }}; # TODO-Caddy listen [{{ global_ipv6 }}]:{{ nginx_http_port }};
listen {{ local_ipv4 }}:{{ nginx_http_port }}; # TODO-Caddy listen {{ local_ipv4 }}:{{ nginx_http_port }};
# TODO-Caddy
server_name {{ slave_parameter.get('custom_domain') }}; # TODO-Caddy server_name {{ slave_parameter.get('custom_domain') }};
# TODO-Caddy
error_log {{ slave_parameter.get('error_log') }} error; # TODO-Caddy error_log {{ slave_parameter.get('error_log') }} error;
access_log {{ slave_parameter.get('access_log') }} custom; # TODO-Caddy access_log {{ slave_parameter.get('access_log') }} custom;
# TODO-Caddy
location / { # TODO-Caddy location / {
proxy_pass {{ proxy_pass }}; # TODO-Caddy proxy_pass {{ proxy_pass }};
proxy_set_header Host $host; # TODO-Caddy proxy_set_header Host $host;
} # TODO-Caddy }
# TODO-Caddy
location ~ /api/kernels/ { # TODO-Caddy location ~ /api/kernels/ {
proxy_pass {{ proxy_pass }}; # TODO-Caddy proxy_pass {{ proxy_pass }};
proxy_set_header Host $host; # TODO-Caddy proxy_set_header Host $host;
# websocket support # TODO-Caddy # websocket support
proxy_http_version 1.1; # TODO-Caddy proxy_http_version 1.1;
proxy_set_header Upgrade "websocket"; # TODO-Caddy proxy_set_header Upgrade "websocket";
proxy_set_header Connection "Upgrade"; # TODO-Caddy proxy_set_header Connection "Upgrade";
proxy_read_timeout 86400; # TODO-Caddy proxy_read_timeout 86400;
} # TODO-Caddy }
# TODO-Caddy
location ~ /terminals/ { # TODO-Caddy location ~ /terminals/ {
proxy_pass {{ proxy_pass }}; # TODO-Caddy proxy_pass {{ proxy_pass }};
proxy_set_header Host $host; # TODO-Caddy proxy_set_header Host $host;
# websocket support # TODO-Caddy # websocket support
proxy_http_version 1.1; # TODO-Caddy proxy_http_version 1.1;
proxy_set_header Upgrade "websocket"; # TODO-Caddy proxy_set_header Upgrade "websocket";
proxy_set_header Connection "Upgrade"; # TODO-Caddy proxy_set_header Connection "Upgrade";
proxy_read_timeout 86400; # TODO-Caddy proxy_read_timeout 86400;
} # TODO-Caddy }
} # TODO-Caddy }
server { # TODO-Caddy server {
listen [{{ global_ipv6 }}]:{{ nginx_https_port }} ssl; # TODO-Caddy listen [{{ global_ipv6 }}]:{{ nginx_https_port }} ssl;
listen {{ local_ipv4 }}:{{ nginx_https_port }} ssl; # TODO-Caddy listen {{ local_ipv4 }}:{{ nginx_https_port }} ssl;
# TODO-Caddy
server_name {{ slave_parameter.get('custom_domain') }}; # TODO-Caddy server_name {{ slave_parameter.get('custom_domain') }};
# TODO-Caddy
error_log {{ slave_parameter.get('error_log') }} error; # TODO-Caddy error_log {{ slave_parameter.get('error_log') }} error;
access_log {{ slave_parameter.get('access_log') }} custom; # TODO-Caddy access_log {{ slave_parameter.get('access_log') }} custom;
# TODO-Caddy
ssl on; # TODO-Caddy ssl on;
# TODO-Caddy
ssl_session_timeout 5m; # TODO-Caddy ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # TODO-Caddy ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:HIGH:!aNULL:!MD5'; # TODO-Caddy ssl_ciphers 'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:HIGH:!aNULL:!MD5';
ssl_prefer_server_ciphers on; # TODO-Caddy ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m; # TODO-Caddy ssl_session_cache shared:SSL:10m;
{% for key, value in ssl_configuration_list -%} {% for key, value in ssl_configuration_list -%}
{% if value in slave_parameter -%} {% if value in slave_parameter -%}
{{ ' %s' % key }} {{ slave_parameter.get(value) }}; # TODO-Caddy {{ ' %s' % key }} {{ slave_parameter.get(value) }};
{% endif -%} {% endif -%}
{% endfor %} {% endfor %}
location / { # TODO-Caddy location / {
proxy_pass {{ https_proxy_pass }}; # TODO-Caddy proxy_pass {{ https_proxy_pass }};
proxy_set_header Host $host; # TODO-Caddy proxy_set_header Host $host;
} # TODO-Caddy }
# TODO-Caddy
location ~ /api/kernels/ { # TODO-Caddy location ~ /api/kernels/ {
proxy_pass {{ https_proxy_pass }}; # TODO-Caddy proxy_pass {{ https_proxy_pass }};
proxy_set_header Host $host; # TODO-Caddy proxy_set_header Host $host;
# websocket support # TODO-Caddy # websocket support
proxy_http_version 1.1; # TODO-Caddy proxy_http_version 1.1;
proxy_set_header Upgrade "websocket"; # TODO-Caddy proxy_set_header Upgrade "websocket";
proxy_set_header Connection "Upgrade"; # TODO-Caddy proxy_set_header Connection "Upgrade";
proxy_read_timeout 86400; # TODO-Caddy proxy_read_timeout 86400;
} # TODO-Caddy }
# TODO-Caddy
location ~ /terminals/ { # TODO-Caddy location ~ /terminals/ {
proxy_pass {{ https_proxy_pass }}; # TODO-Caddy proxy_pass {{ https_proxy_pass }};
proxy_set_header Host $host; # TODO-Caddy proxy_set_header Host $host;
# websocket support # TODO-Caddy # websocket support
proxy_http_version 1.1; # TODO-Caddy proxy_http_version 1.1;
proxy_set_header Upgrade "websocket"; # TODO-Caddy proxy_set_header Upgrade "websocket";
proxy_set_header Connection "Upgrade"; # TODO-Caddy proxy_set_header Connection "Upgrade";
proxy_read_timeout 86400; # TODO-Caddy proxy_read_timeout 86400;
} # TODO-Caddy }
} # TODO-Caddy }
{% endif -%} {% endif -%}
daemon off; # run in the foreground so supervisord can look after it # Dummy site for starting Caddy correctly
https://www.example.org:$${nginx-configuration:port} {
worker_processes $${nginx-configuration:worker_processes}; tls $${nginx-configuration:ssl_certificate} $${nginx-configuration:ssl_key}
pid $${nginx-configuration:pid-file}; bind $${nginx-configuration:local_ip}
# TODO-Caddy bind {{ ipv6_addr }}
# Serve an error 204 (No Content) for favicon.ico
status 204 /favicon.ico
status 404 /
}
events { http://www.example.org:$${nginx-configuration:plain_port} {
worker_connections $${nginx-configuration:worker_connections}; bind $${nginx-configuration:local_ip}
# multi_accept on; # TODO-Caddy bind {{ ipv6_addr }}
# Serve an error 204 (No Content) for favicon.ico
status 204 /favicon.ico
status 404 /
} }
# TODO-Caddy daemon off; # run in the foreground so supervisord can look after it
error_log $${nginx-configuration:error_log}; # TODO-Caddy worker_processes $${nginx-configuration:worker_processes};
http { # TODO-Caddy events {
# TODO-Caddy worker_connections $${nginx-configuration:worker_connections};
# TODO-Caddy # multi_accept on;
# TODO-Caddy }
# TODO-Caddy http {
## ##
# Basic Settings # Basic Settings
## ##
sendfile on; # TODO-Caddy sendfile on;
tcp_nopush on; # TODO-Caddy tcp_nopush on;
tcp_nodelay on; # TODO-Caddy tcp_nodelay on;
keepalive_timeout 65; # TODO-Caddy keepalive_timeout 65;
types_hash_max_size 2048; # TODO-Caddy types_hash_max_size 2048;
server_tokens off; # TODO-Caddy server_tokens off;
error_log $${nginx-configuration:error_log}; # TODO-Caddy log_format custom '$remote_addr - $remote_user $time_local $status $body_bytes_sent "$http_referer" "$http_user_agent" $request_time';
log_format custom '$remote_addr - $remote_user $time_local $status $body_bytes_sent "$http_referer" "$http_user_agent" $request_time'; # TODO-Caddy access_log $${nginx-configuration:access_log} custom;
access_log $${nginx-configuration:access_log} custom;
# server_names_hash_bucket_size 64; # server_names_hash_bucket_size 64;
# server_name_in_redirect off; # server_name_in_redirect off;
default_type application/octet-stream; # TODO-Caddy default_type application/octet-stream;
ssl_certificate $${ca-frontend:cert-file}; # TODO-Caddy ssl_certificate $${ca-frontend:cert-file};
ssl_certificate_key $${ca-frontend:key-file}; # TODO-Caddy ssl_certificate_key $${ca-frontend:key-file};
## ##
# Gzip Settings # Gzip Settings
## ##
gzip on; # TODO-Caddy gzip on;
gzip_disable "msie6"; # TODO-Caddy gzip_disable "msie6";
gzip_vary on; # TODO-Caddy gzip_vary on;
gzip_proxied any; # TODO-Caddy gzip_proxied any;
gzip_comp_level 6; # TODO-Caddy gzip_comp_level 6;
gzip_buffers 16 8k; # TODO-Caddy gzip_buffers 16 8k;
gzip_http_version 1.1; # TODO-Caddy gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; # TODO-Caddy gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
## ##
# Push stream Settings # Push stream Settings
## ##
push_stream_shared_memory_size 32m; # TODO-Caddy push_stream_shared_memory_size 32m;
fastcgi_temp_path $${directory:varnginx} 1 2;
uwsgi_temp_path $${directory:varnginx} 1 2;
scgi_temp_path $${directory:varnginx} 1 2;
client_body_temp_path $${directory:varnginx} 1 2;
proxy_temp_path $${directory:varnginx} 1 2;
include $${nginx-configuration:slave-configuration-directory}/*.conf;
server { # TODO-Caddy fastcgi_temp_path $${directory:varnginx} 1 2;
listen [$${nginx-configuration:ip}]:$${nginx-configuration:plain_port}; # TODO-Caddy uwsgi_temp_path $${directory:varnginx} 1 2;
listen $${nginx-configuration:local_ip}:$${nginx-configuration:plain_port}; # TODO-Caddy scgi_temp_path $${directory:varnginx} 1 2;
# TODO-Caddy client_body_temp_path $${directory:varnginx} 1 2;
# TODO-Caddy proxy_temp_path $${directory:varnginx} 1 2;
# TODO-Caddy }
## Serve an error 204 (No Content) for favicon.ico import $${nginx-configuration:slave-configuration-directory}/*.conf
location = /favicon.ico {
return 204;
}
location / {
root $${apache-directory:document-root};
index notfound.html;
}
}
server {
listen [$${nginx-configuration:ip}]:$${nginx-configuration:port} ssl;
listen $${nginx-configuration:local_ip}:$${nginx-configuration:port} ssl;
ssl on;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:HIGH:!aNULL:!MD5';
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
## Serve an error 204 (No Content) for favicon.ico
location = /favicon.ico {
return 204;
}
location / {
root $${apache-directory:document-root};
index notfound.html;
}
}
}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment