{{ ansible_managed | comment }} include "/etc/nginx/snippets/connection_upgrade.conf"; server { listen 80; listen [::]:80; server_name {{ item.from }}; # Redirect to https location / { return 302 https://$host$request_uri; } include /etc/nginx/mime.types; default_type application/octet-stream; # "A man is not dead while his name is still spoken." -- Going Postal add_header X-Clacks-Overhead "GNU {{ ', '.join(in_memoriam) }}"; } server { listen 443 ssl http2; listen [::]:443 ssl http2; ssl_certificate /etc/nginx/certs/{{ item.from }}.crt; ssl_certificate_key /etc/nginx/certs/{{ item.from }}.key; server_name {{ item.from }}; # Logs access_log /var/log/nginx/{{ item.from }}.log; error_log /var/log/nginx/{{ item.from }}_error.log; location / { proxy_pass {{ item.to }}; include "/etc/nginx/snippets/options-proxypass.conf"; } include /etc/nginx/mime.types; default_type application/octet-stream; # "A man is not dead while his name is still spoken." -- Going Postal add_header X-Clacks-Overhead "GNU {{ ', '.join(in_memoriam) }}"; }