{% include "_header_comment.conf" %} {% if enabled %} server { set $forward_scheme {{ forward_scheme }}; set $server "{{ forward_host }}"; set $port {{ forward_port }}; {% include "_listen.conf" %} {% include "_certificates.conf" %} {% include "_assets.conf" %} {% include "_exploits.conf" %} {% include "_hsts.conf" %} {% include "_forced_ssl.conf" %} {% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %} proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; proxy_http_version 1.1; {% endif %} access_log /data/logs/proxy_host-{{ id }}/access.log proxy; error_log /data/logs/proxy_host-{{ id }}/error.log warn; {{ advanced_config }} {{ locations }} {% if use_default_location %} location / { {% if access_list_id > 0 %} {% if access_list.items.length > 0 %} # Authorization auth_basic "Authorization required"; auth_basic_user_file /data/access/{{ access_list_id }}; {{ access_list.passauth }} {% endif %} # Access Rules {% for client in access_list.clients %} {{- client.rule -}}; {% endfor %}deny all; # Access checks must... {% if access_list.satisfy %} {{ access_list.satisfy }}; {% endif %} {% endif %} {% include "_hsts.conf" %} {% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %} proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; proxy_http_version 1.1; {% endif %} # Proxy! include conf.d/include/proxy.conf; } {% endif %} # Custom include /data/nginx/custom/server_proxy[.]conf; } {% endif %}