server { server_name {{ item.from }}; include "snippets/proxy-common.conf"; location / { return 302 https://$host$request_uri; } # On redirige tout ce qui concerne le challenge letsencrypt vers le meme dossier # pour pouvoir utiliser le plugin webroot de letsencrypt location /.well-known/acme-challenge { alias /usr/share/nginx/html/.well-known/acme-challenge; } } server { include "snippets/proxy-common-ssl.conf"; server_name {{ item.from }}; # Separate log files access_log /var/log/nginx/{{ item.name }}.access.log; error_log /var/log/nginx/{{ item.name }}.error.log; # Use LetsEncrypt SSL ssl_certificate /etc/letsencrypt/live/auro.re/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/auro.re/privkey.pem; ssl_trusted_certificate /etc/letsencrypt/live/auro.re/chain.pem; location / { proxy_redirect off; proxy_pass http://{{ item.to }}; proxy_set_header Host {{ item.from }}; proxy_set_header P-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; # "A man is not dead while his name is still spoken." -- Going Postal add_header X-Clacks-Overhead "GNU Terry Pratchett"; } # On redirige tout ce qui concerne le challenge letsencrypt vers le meme dossier # pour pouvoir utiliser le plugin webroot de letsencrypt location /.well-known/acme-challenge { alias /usr/share/nginx/html/.well-known/acme-challenge; } }