server { listen 80; server_name %%managerWebName; return 301 https://$host$request_uri; } server { listen 443; ssl on; %if %%cert_type == "letsencrypt" ssl_certificate %%le_config_dir/live/%%managerWebName/cert.pem; ssl_certificate_key %%le_config_dir/live/%%managerWebName/privkey.pem; %else ssl_certificate %%server_cert; ssl_certificate_key %%server_key; %end if ssl_client_certificate /etc/ssl/certs/ca.crt; access_log /var/log/nginx/manager-lemon-ldap.access-ssl.log; server_name %%managerWebName; error_page 403 404 502 503 504 /nginx.html; location = /nginx.html{ root /usr/share/nginx/www; } if ($uri !~ ^/(manager\.psgi|static|doc|fr-doc|lib|javascript|favicon)) { rewrite ^/(.*)$ /manager.psgi/$1 break; } location /manager.psgi { include /etc/nginx/fastcgi_params; fastcgi_pass unix:/var/run/llng-fastcgi-server/llng-fastcgi.sock; fastcgi_param LLTYPE manager; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_split_path_info ^(.*\.psgi)(/.*)$; fastcgi_param PATH_INFO $fastcgi_path_info; # Uncomment this if you use https only #add_header Strict-Transport-Security "15768000"; } location / { index manager.psgi; allow 127.0.0.0/8; deny all; try_files $uri $uri/ =404; } location /doc/ { alias /usr/share/doc/lemonldap-ng-doc/; index index.html start.html; } location /lib/ { alias /usr/share/doc/lemonldap-ng-doc/pages/documentation/current/lib/; } location /fr-doc/ { alias /usr/share/doc/lemonldap-ng-fr-doc/; index index.html start.html; } location /static/ { alias /usr/share/lemonldap-ng/manager/static/; } # DEBIAN # If install was made with USEDEBIANLIBS (official releases), uncomment this #location /javascript/ { # alias /usr/share/javascript/; #} }