|
@@ -138,6 +138,8 @@ proxy_set_header X-Forwarded-Port $proxy_x_forwarded_port;
|
|
|
proxy_set_header Proxy "";
|
|
|
{{ end }}
|
|
|
|
|
|
+{{ $access_log := (or (and (not $.Env.DISABLE_ACCESS_LOGS) "access_log /var/log/nginx/access.log vhost;") "") }}
|
|
|
+
|
|
|
{{ $enable_ipv6 := eq (or ($.Env.ENABLE_IPV6) "") "true" }}
|
|
|
server {
|
|
|
server_name _; # This is just an invalid value which will never trigger on a real hostname.
|
|
@@ -145,7 +147,7 @@ server {
|
|
|
{{ if $enable_ipv6 }}
|
|
|
listen [::]:{{ $external_http_port }};
|
|
|
{{ end }}
|
|
|
- access_log /var/log/nginx/access.log vhost;
|
|
|
+ {{ $access_log }}
|
|
|
return 503;
|
|
|
}
|
|
|
|
|
@@ -156,7 +158,7 @@ server {
|
|
|
{{ if $enable_ipv6 }}
|
|
|
listen [::]:{{ $external_https_port }} ssl http2;
|
|
|
{{ end }}
|
|
|
- access_log /var/log/nginx/access.log vhost;
|
|
|
+ {{ $access_log }}
|
|
|
return 503;
|
|
|
|
|
|
ssl_session_cache shared:SSL:50m;
|
|
@@ -248,7 +250,7 @@ server {
|
|
|
{{ if $enable_ipv6 }}
|
|
|
listen [::]:{{ $external_http_port }} {{ $default_server }};
|
|
|
{{ end }}
|
|
|
- access_log /var/log/nginx/access.log vhost;
|
|
|
+ {{ $access_log }}
|
|
|
|
|
|
# Do not HTTPS redirect Let'sEncrypt ACME challenge
|
|
|
location /.well-known/acme-challenge/ {
|
|
@@ -271,7 +273,7 @@ server {
|
|
|
{{ if $enable_ipv6 }}
|
|
|
listen [::]:{{ $external_https_port }} ssl http2 {{ $default_server }};
|
|
|
{{ end }}
|
|
|
- access_log /var/log/nginx/access.log vhost;
|
|
|
+ {{ $access_log }}
|
|
|
|
|
|
{{ if eq $network_tag "internal" }}
|
|
|
# Only allow traffic from internal clients
|
|
@@ -343,7 +345,7 @@ server {
|
|
|
{{ if $enable_ipv6 }}
|
|
|
listen [::]:80 {{ $default_server }};
|
|
|
{{ end }}
|
|
|
- access_log /var/log/nginx/access.log vhost;
|
|
|
+ {{ $access_log }}
|
|
|
|
|
|
{{ if eq $network_tag "internal" }}
|
|
|
# Only allow traffic from internal clients
|
|
@@ -388,7 +390,7 @@ server {
|
|
|
{{ if $enable_ipv6 }}
|
|
|
listen [::]:{{ $external_https_port }} ssl http2 {{ $default_server }};
|
|
|
{{ end }}
|
|
|
- access_log /var/log/nginx/access.log vhost;
|
|
|
+ {{ $access_log }}
|
|
|
return 500;
|
|
|
|
|
|
ssl_certificate /etc/nginx/certs/default.crt;
|