automation/deployer/roles/build/templates/synapse/nginx.host.j2

65 lines
No EOL
1.6 KiB
Django/Jinja

# Generated by ansible for site {{ site.url }}
# At {{ site.subnet_site_ip }} on {{ site.subnet_cidr_address }}
server {
listen 80;
listen [::]:80;
server_name {{ site.url }} www.{{ site.url }};
# Let's Encrypt
include snippets/letsencrypt.conf;
location / {
return 301 https://{{ site.url }}$request_uri;
}
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name {{ site.url }};
access_log /var/log/nginx/{{ site.slug }}-access.log;
error_log /var/log/nginx/{{ site.slug }}-error.log;
# Let's Encrypt
include snippets/letsencrypt.conf;
include snippets/ssl-params.conf;
ssl_certificate /etc/letsencrypt/live/{{ site.url }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ site.url }}/privkey.pem;
include snippets/header-params_server.conf;
location ~* ^(\/_matrix|\/_synapse\/client) {
include snippets/header-params_location.conf;
client_max_body_size {{ site.max_upload_size }};
proxy_pass http://{{ site.subnet_site_ip }}:8008;
}
location /.well-known/ {
log_not_found off;
}
{% if site.custom_landing %}
location / {
root {{ site.custom_landing }};
}
{% endif %}
}
server {
listen 8448 ssl;
listen [::]:8448 ssl;
server_name {{ site.url }};
include snippets/ssl-params.conf;
ssl_certificate /etc/letsencrypt/live/zinz.dev/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/zinz.dev/privkey.pem;
include snippets/header-params_server.conf;
location / {
include snippets/header-params_location.conf;
proxy_pass http://{{ site.subnet_site_ip }}:8008;
}
}