nginx-proxy-manager/backend/templates/proxy_host.conf

{% include "_header_comment.conf" %}

{% if enabled %}
server {
  set $forward_scheme {{ forward_scheme }};
  set $server         "{{ forward_host }}";
  set $port           {{ forward_port }};

{% include "_listen.conf" %}
{% include "_certificates.conf" %}
{% include "_assets.conf" %}
{% include "_exploits.conf" %}
{% include "_hsts.conf" %}
{% include "_forced_ssl.conf" %}

{% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %}
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_http_version 1.1;
{% endif %}

  access_log /data/logs/proxy_host-{{ id }}/access.log proxy;
  error_log /data/logs/proxy_host-{{ id }}/error.log warn;

{{ advanced_config }}

{{ locations }}

{% if use_default_location %}

  location / {

    {% if access_list_id > 0 %}
    {% if access_list.items.length > 0 %}
    # Authorization
    auth_basic            "Authorization required";
    auth_basic_user_file  /data/access/{{ access_list_id }};

    {{ access_list.passauth }}
    {% endif %}

    # Access Rules
    {% for client in access_list.clients %}
    {{- client.rule -}};
    {% endfor %}deny all;

    # Access checks must...
    {% if access_list.satisfy %}
    {{ access_list.satisfy }};
    {% endif %}

    {% endif %}

{% include "_hsts.conf" %}

    {% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %}
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $http_connection;
    proxy_http_version 1.1;
    {% endif %}

    # Proxy!
    include conf.d/include/proxy.conf;
  }
{% endif %}

  # Custom
  include /data/nginx/custom/server_proxy[.]conf;
}
{% endif %}
Nginx templates 2018-08-16 23:25:59 +00:00			`{% include "_header_comment.conf" %}`
Audit Log items, backend stuff, help pages 2018-08-01 11:18:17 +00:00
Initial work for disabling hosts 2019-01-03 10:27:43 +00:00			`{% if enabled %}`
Nginx templates 2018-08-16 23:25:59 +00:00			`server {`
Support for upstream ssl proxy hosts 2018-12-11 23:47:12 +00:00			`set $forward_scheme {{ forward_scheme }};`
			`set $server "{{ forward_host }}";`
			`set $port {{ forward_port }};`
Audit Log items, backend stuff, help pages 2018-08-01 11:18:17 +00:00
Templates update 2018-08-16 23:59:02 +00:00			`{% include "_listen.conf" %}`
			`{% include "_certificates.conf" %}`
			`{% include "_assets.conf" %}`
			`{% include "_exploits.conf" %}`
Fixes #68 - HSTS is now part of the UI 2019-02-18 08:21:45 +00:00			`{% include "_hsts.conf" %}`
Move 'Force SSL' definitions to host root configuration This fixes issues with these settings not applying to custom locations defined under hosts. 2021-04-13 18:59:49 +00:00			`{% include "_forced_ssl.conf" %}`
Audit Log items, backend stuff, help pages 2018-08-01 11:18:17 +00:00
Move 'Allow Websockets' definitions to host root configuration This fixes issues with these settings not applying to custom locations defined under hosts. 2021-04-13 19:04:35 +00:00			`{% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %}`
			`proxy_set_header Upgrade $http_upgrade;`
			`proxy_set_header Connection $http_connection;`
			`proxy_http_version 1.1;`
			`{% endif %}`

Store host logs in subfolders 2021-06-29 18:40:36 +00:00			`access_log /data/logs/proxy_host-{{ id }}/access.log proxy;`
			`error_log /data/logs/proxy_host-{{ id }}/error.log warn;`
Audit Log items, backend stuff, help pages 2018-08-01 11:18:17 +00:00
Finished importer, advanced nginx config for hosts, custom certs used in nginx templates 2018-08-22 04:31:03 +00:00			`{{ advanced_config }}`
Audit Log items, backend stuff, help pages 2018-08-01 11:18:17 +00:00
Feature/custom locations (#74) * New feature: custom locations * Custom locations: exteding config generator * Custom locations: refactoring * Fixing proxy_host table on small screens * Custom locations: translations * Custom locations bugfix * Custom locations bugfix * PR #74 fixes 2019-03-04 22:21:02 +00:00			`{{ locations }}`

Ignore default location when defined in advanced config (#79) 2019-02-25 00:34:55 +00:00			`{% if use_default_location %}`
Feature/custom locations (#74) * New feature: custom locations * Custom locations: exteding config generator * Custom locations: refactoring * Fixing proxy_host table on small screens * Custom locations: translations * Custom locations bugfix * Custom locations bugfix * PR #74 fixes 2019-03-04 22:21:02 +00:00
Audit Log items, backend stuff, help pages 2018-08-01 11:18:17 +00:00			`location / {`
write access list to proxy host config 2020-04-14 06:31:44 +00:00
			`{% if access_list_id > 0 %}`
skip auth check if no users defined 2020-05-09 16:48:50 +00:00			`{% if access_list.items.length > 0 %}`
write access list to proxy host config 2020-04-14 06:31:44 +00:00			`# Authorization`
Audit Log items, backend stuff, help pages 2018-08-01 11:18:17 +00:00			`auth_basic "Authorization required";`
Access polish, import v1 stsarted 2018-08-20 22:33:51 +00:00			`auth_basic_user_file /data/access/{{ access_list_id }};`
Allows auth information from AccessList not to be passed to proxied hosts. Resolves issue #153. Signed-off-by: James Morgan <jmorgan.au+github@gmail.com> 2020-10-14 09:17:25 +00:00
			`{{ access_list.passauth }}`
skip auth check if no users defined 2020-05-09 16:48:50 +00:00			`{% endif %}`
write access list to proxy host config 2020-04-14 06:31:44 +00:00
			`# Access Rules`
			`{% for client in access_list.clients %}`
			`{{- client.rule -}};`
			`{% endfor %}deny all;`

			`# Access checks must...`
Don't spit out a ; if the preceeding value is empty 2020-10-16 03:41:08 +00:00			`{% if access_list.satisfy %}`
write access list to proxy host config 2020-04-14 06:31:44 +00:00			`{{ access_list.satisfy }};`
Don't spit out a ; if the preceeding value is empty 2020-10-16 03:41:08 +00:00			`{% endif %}`
write access list to proxy host config 2020-04-14 06:31:44 +00:00
			`{% endif %}`
Certificates ui section and permissions 2018-08-02 09:48:47 +00:00
Fixes #68 - HSTS is now part of the UI 2019-02-18 08:21:45 +00:00			`{% include "_hsts.conf" %}`
Certificates ui section and permissions 2018-08-02 09:48:47 +00:00
Partial revert of 421934e Keeping the server block of websocket definitions but also bringing back the location block after discussions on #1067 2021-05-08 02:17:10 +00:00			`{% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %}`
			`proxy_set_header Upgrade $http_upgrade;`
			`proxy_set_header Connection $http_connection;`
			`proxy_http_version 1.1;`
			`{% endif %}`

Certificates ui section and permissions 2018-08-02 09:48:47 +00:00			`# Proxy!`
Audit Log items, backend stuff, help pages 2018-08-01 11:18:17 +00:00			`include conf.d/include/proxy.conf;`
			`}`
Ignore default location when defined in advanced config (#79) 2019-02-25 00:34:55 +00:00			`{% endif %}`

Allow including custom nginx conf files (#178) * Allow including custom nginx conf files Give advanced users more flexibility by allowing them to include custom config files at differents locations in the nginx configuration. `/data/nginx/custom/root.conf`: Included at the very end of nginx.conf `/data/nginx/custom/http.conf`: Included at the end of the main `http` block `/data/nginx/custom/server_proxy.conf`: Included at the end of every proxy `server` block `/data/nginx/custom/server_redirect.conf`: Included at the end of every redirection `server` block `/data/nginx/custom/server_stream.conf`: Included at the end of every stream `server` block `/data/nginx/custom/server_stream_tcp.conf`: Included at the end of every TCP stream `server` block `/data/nginx/custom/server_stream_udp.conf`: Included at the end of every UDP stream `server` block * Don't fail if file doesn't exist * Advanced Nginx settings doc 2019-08-09 01:19:42 +00:00			`# Custom`
			`include /data/nginx/custom/server_proxy[.]conf;`
Audit Log items, backend stuff, help pages 2018-08-01 11:18:17 +00:00			`}`
Initial work for disabling hosts 2019-01-03 10:27:43 +00:00			`{% endif %}`