3 server_name <%=$domain%>;
7 fastcgi_param QUERY_STRING $query_string;
8 fastcgi_param REQUEST_METHOD $request_method;
9 fastcgi_param CONTENT_TYPE $content_type;
10 fastcgi_param CONTENT_LENGTH $content_length;
11 fastcgi_param REQUEST_URI $request_uri;
12 fastcgi_param PATH_INFO $document_uri;
13 fastcgi_param REMOTE_ADDR $remote_addr;
14 fastcgi_param REMOTE_PORT $remote_port;
15 fastcgi_param SERVER_NAME $host;
16 fastcgi_param SERVER_PORT '80';
17 fastcgi_param SERVER_PROTOCOL 'http';
18 fastcgi_param USER_ROLES 'anonymous/void:*';
19 fastcgi_pass <%=$socket%>;
21 location ~* /.well-known/someca-challenge/.* {
27 listen 0.0.0.0:443 ssl;
28 server_name <%=$domain%>;
30 ssl_certificate <%=$cert_stem%>.crt;
31 ssl_certificate_key <%=$cert_stem%>.key;
33 ssl_client_certificate /etc/ssl/<%=$name%>-roots.pem;
36 access_log /tmp/<%=$name%>-certs.log motion-cert;
39 fastcgi_param QUERY_STRING $query_string;
40 fastcgi_param REQUEST_METHOD $request_method;
41 fastcgi_param CONTENT_TYPE $content_type;
42 fastcgi_param CONTENT_LENGTH $content_length;
43 fastcgi_param REQUEST_URI $request_uri;
44 fastcgi_param PATH_INFO $document_uri;
45 fastcgi_param REMOTE_ADDR $remote_addr;
46 fastcgi_param REMOTE_PORT $remote_port;
47 fastcgi_param SERVER_NAME $host;
48 fastcgi_param SERVER_PORT '443';
49 fastcgi_param SERVER_PROTOCOL 'https';
50 fastcgi_param USER_ROLES $motion_user_role;
51 fastcgi_pass <%=$socket%>;
53 <% if($protected != 'no') { %>
54 auth_basic "closed site";
55 auth_basic_user_file /etc/nginx/access.txt;
58 location ~* /.well-known/someca-challenge/.* {
projects / infra.git / blob