kalepail/custom.conf

## custom.conf
{# Let folks know this wasn't a manual configuration #}
# This configuration file was generated with mechanic.

{% macro server(site, settings, options) %}

  include "{{ settings.overrides }}/{{ site.shortname }}/top";

  server {

    gzip on;
    gzip_types text/css text/javascript image/svg+xml
      application/vnd.ms-fontobject application/x-font-ttf
      application/x-javascript application/javascript;

    listen {{ settings.bind }}:{{ options.port }}{% if options.https %} ssl{% endif %}{% if site.default and not site.canonical %} default_server{% endif %};

    server_name {{ site.host }}{% if site.aliases and (not site.canonical) %} {{ site.aliases | join(" ") }}{% endif %};

    {% if options.https %}
      ssl on;
      ssl_session_cache builtin:1000 shared:SSL:10m;
      ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
      ssl_prefer_server_ciphers on;
      ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
      ssl_certificate {{ settings.conf }}/../certs/{{ site.shortname }}.cer;
      ssl_certificate_key {{ settings.conf }}/../certs/{{ site.shortname }}.key;
    {% endif %}

    client_max_body_size 32M;

    access_log {{ settings.logs }}/{{ site.shortname }}.access.log;
    error_log {{ settings.logs }}/{{ site.shortname }}.error.log;

    {% if site.https and site['redirect-to-https'] and not options.https %}
      location / {
        rewrite ^(.*)$ https://{{ site.host }}$1;
      }
    {% else %}

      include "{{ settings.overrides }}/{{ site.shortname }}/server";

      {# We need a named location block in order to use try_files. #}
      {% if site.backends.length %}
        location @proxy-{{ site.shortname }}-{{ options.port }} {
          proxy_pass http://upstream-{{ site.shortname }};

          proxy_next_upstream error timeout invalid_header http_500 http_502
        http_503 http_504;
          proxy_redirect off;
          proxy_buffering off;
          proxy_set_header Host $host;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header X-Forwarded-Proto $scheme;
          include "{{ settings.overrides }}/{{ site.shortname }}/proxy";
          proxy_http_version 1.1;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection "upgrade";
          proxy_set_header X-NginX-Proxy true;
        }
      {% endif %}

      location / {
        {%- if site.static %}root {{ site.static }};{% endif %}
        {% if site.autoindex %}
          autoindex on;
          {% if site.backends.length %}
            try_files $uri $uri/ @proxy-{{ site.shortname }}-{{ options.port }};
          {% endif %}
        {% else %}
          {% if site.backends.length %}
            try_files $uri @proxy-{{ site.shortname }}-{{ options.port }};
          {% endif %}
        {% endif %}
        expires 7d;
        include "{{ settings.overrides }}/{{ site.shortname }}/location";
      }
    {% endif %}
  }

  {% if not options.https %}
    {% if site.default or (site.canonical and site.aliases) %}
      server {
        listen {{ settings.bind }}:{{ options.port }}{% if site.default and site.canonical %} default_server{% endif %};
        server_name _{{ site.shortname }}_{{ options.port }}{% if site.aliases %} {{ site.aliases | join(' ') }}{% endif %};
        # canonicalize
        location / {
          rewrite ^(.*)$ http://{{ site.host }}$1;
        }
      }
    {% endif %}
  {% endif %}
{% endmacro %}

{% macro renderSite(site, settings) %}
  {% if site.backends.length %}
    upstream upstream-{{ site.shortname }} {
      {% for backend in site.backends -%}
        server {{ backend }};
      {%- endfor %}
    }
  {% endif %}

  {{ server(site, settings, { port: 80 }) }}

  {% if (site.https) %}
    {{ server(site, settings, { port: 443, https: true }) }}
  {% endif %}
{% endmacro %}

{% for site in sites %}
  {{ renderSite(site, settings) }}
{% endfor %}
	{# Let folks know this wasn't a manual configuration #}
	# This configuration file was generated with mechanic.

	{% macro server(site, settings, options) %}

	include "{{ settings.overrides }}/{{ site.shortname }}/top";

	server {

	gzip on;
	gzip_types text/css text/javascript image/svg+xml
	application/vnd.ms-fontobject application/x-font-ttf
	application/x-javascript application/javascript;

	listen {{ settings.bind }}:{{ options.port }}{% if options.https %} ssl{% endif %}{% if site.default and not site.canonical %} default_server{% endif %};

	server_name {{ site.host }}{% if site.aliases and (not site.canonical) %} {{ site.aliases \| join(" ") }}{% endif %};

	{% if options.https %}
	ssl on;
	ssl_session_cache builtin:1000 shared:SSL:10m;
	ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
	ssl_prefer_server_ciphers on;
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_certificate {{ settings.conf }}/../certs/{{ site.shortname }}.cer;
	ssl_certificate_key {{ settings.conf }}/../certs/{{ site.shortname }}.key;
	{% endif %}

	client_max_body_size 32M;

	access_log {{ settings.logs }}/{{ site.shortname }}.access.log;
	error_log {{ settings.logs }}/{{ site.shortname }}.error.log;

	{% if site.https and site['redirect-to-https'] and not options.https %}
	location / {
	rewrite ^(.*)$ https://{{ site.host }}$1;
	}
	{% else %}

	include "{{ settings.overrides }}/{{ site.shortname }}/server";

	{# We need a named location block in order to use try_files. #}
	{% if site.backends.length %}
	location @proxy-{{ site.shortname }}-{{ options.port }} {
	proxy_pass http://upstream-{{ site.shortname }};

	proxy_next_upstream error timeout invalid_header http_500 http_502
	http_503 http_504;
	proxy_redirect off;
	proxy_buffering off;
	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;
	include "{{ settings.overrides }}/{{ site.shortname }}/proxy";
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection "upgrade";
	proxy_set_header X-NginX-Proxy true;
	}
	{% endif %}

	location / {
	{%- if site.static %}root {{ site.static }};{% endif %}
	{% if site.autoindex %}
	autoindex on;
	{% if site.backends.length %}
	try_files $uri $uri/ @proxy-{{ site.shortname }}-{{ options.port }};
	{% endif %}
	{% else %}
	{% if site.backends.length %}
	try_files $uri @proxy-{{ site.shortname }}-{{ options.port }};
	{% endif %}
	{% endif %}
	expires 7d;
	include "{{ settings.overrides }}/{{ site.shortname }}/location";
	}
	{% endif %}
	}

	{% if not options.https %}
	{% if site.default or (site.canonical and site.aliases) %}
	server {
	listen {{ settings.bind }}:{{ options.port }}{% if site.default and site.canonical %} default_server{% endif %};
	server_name _{{ site.shortname }}_{{ options.port }}{% if site.aliases %} {{ site.aliases \| join(' ') }}{% endif %};
	# canonicalize
	location / {
	rewrite ^(.*)$ http://{{ site.host }}$1;
	}
	}
	{% endif %}
	{% endif %}
	{% endmacro %}

	{% macro renderSite(site, settings) %}
	{% if site.backends.length %}
	upstream upstream-{{ site.shortname }} {
	{% for backend in site.backends -%}
	server {{ backend }};
	{%- endfor %}
	}
	{% endif %}

	{{ server(site, settings, { port: 80 }) }}

	{% if (site.https) %}
	{{ server(site, settings, { port: 443, https: true }) }}
	{% endif %}
	{% endmacro %}

	{% for site in sites %}
	{{ renderSite(site, settings) }}
	{% endfor %}