summaryrefslogtreecommitdiff
path: root/templates/site-ssl.erb
blob: c0af188da0d5ce09beeb6d7a2ebdae2e1574022b (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

server {
  listen      443;
  server_name <%= @server_name %> <%= @aliases %>;

  ssl on;
  ssl_certificate     /etc/letsencrypt/live/<%= @server_name %>/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/<%= @server_name %>/privkey.pem;

  # enable HSTS header
  add_header Strict-Transport-Security "max-age=15768000; includeSubdomains; preload";

  location / {
    # preserve http header and set forwarded proto
    proxy_set_header Host $http_host;
    proxy_set_header X-Forwarded-Proto https;

    # default proxy pass
    proxy_pass       http://<%= @backend %>:80;
  }
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-19 10:22:57 +0000