eole-lemonldap/tmpl/manager-nginx.conf

78 lines
2.0 KiB
Plaintext

server {
listen 80;
server_name %%managerWebName;
return 301 https://$host$request_uri;
}
server {
listen 443;
ssl on;
%if %%cert_type == "letsencrypt"
ssl_certificate %%le_config_dir/live/%%managerWebName/cert.pem;
ssl_certificate_key %%le_config_dir/live/%%managerWebName/privkey.pem;
%else
ssl_certificate %%server_cert;
ssl_certificate_key %%server_key;
%end if
ssl_client_certificate /etc/ssl/certs/ca.crt;
access_log /var/log/nginx/manager-lemon-ldap.access-ssl.log;
server_name %%managerWebName;
error_page 403 404 502 503 504 /nginx.html;
location = /nginx.html{
root /usr/share/nginx/www;
}
root /usr/share/lemonldap-ng/manager/htdocs/;
if ($uri !~ ^/(.*\.psgi|static|doc|lib|javascript|favicon)) {
rewrite ^/(.*)$ /manager.psgi/$1 break;
}
location ~ ^(?<sc>/.*\.psgi)(?:$|/) {
# FastCGI configuration
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/llng-fastcgi-server/llng-fastcgi.sock;
fastcgi_param LLTYPE psgi;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_split_path_info ^(.*\.psgi)(/.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
# OR TO USE uWSGI
#include /etc/nginx/uwsgi_params;
#uwsgi_pass 127.0.0.1:5000;
#uwsgi_param LLTYPE psgi;
#uwsgi_param SCRIPT_FILENAME $document_root$sc;
#uwsgi_param SCRIPT_NAME $sc;
# Uncomment this if you use https only
#add_header Strict-Transport-Security "max-age=15768000";
}
location / {
index manager.psgi;
try_files $uri $uri/ =404;
allow 127.0.0.0/8;
deny all;
}
location /doc/ {
alias /usr/share/doc/lemonldap-ng-doc/;
index index.html start.html;
}
location /lib/ {
alias /usr/share/doc/lemonldap-ng-doc/pages/documentation/current/lib/;
}
location /static/ {
alias /usr/share/lemonldap-ng/manager/htdocs/static/;
}
# DEBIAN
# If install was made with USEDEBIANLIBS (official releases), uncomment this
#location /javascript/ {
# alias /usr/share/javascript/;
#}
}