Custom nginx vhost template

Discussion in 'ISPConfig 3 Priority Support' started by nvidian, May 21, 2015.

  1. nvidian

    nvidian Member

    Hi, could you help me - I want to add http >> https redirect to my custom vhost.

    I already tested successfully with current vhost (but it will be overwriten by ispconfig). I add this to the first line of current vhost:
    Code:
    server {
                   listen 1.2.3.4;
                   server_name domain.tld www.domain.tld;
                   return 301 https://domain.tld$request_uri;
    }
    So based on above code I want to add that line to custom nginx_vhost.conf.master. But Is it allowed to have 2 'if ssl_enabled' ?
    Is this template below is correct ?
    Code:
    <tmpl_if name='ssl_enabled'>
    server {
      listen  ip_address;
           server_name <tmpl_var name='domain'> <tmpl_var name='alias'>;
           return 301 https://<tmpl_var name='domain'>$request_uri;
    }
    </tmpl_if>
    
    server {
      listen <tmpl_var name='ip_address'>:80;
    <tmpl_if name='ipv6_enabled'>
      listen [<tmpl_var name='ipv6_address'>]:80;
    </tmpl_if>
    
    <tmpl_if name='ssl_enabled'>
      listen <tmpl_var name='ip_address'>:443 ssl;
      ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ..................
     
    Last edited: May 21, 2015
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    yes, you ca use the if statements as many times as you need them in a template.

    You should not add an additional server directive, just add:

    <tmpl_if name='ssl_enabled'>
    if ($scheme != "https") {
    rewrite ^ https://www.yourdoamin.tld$request_uri? permanent;
    }
    </tmpl_if>

    inside the existing server { .... } part of the vhost template. if you want a ssl redirect only fro some sites, then simply put:

    if ($scheme != "https") {
    rewrite ^ https://<tmpl_var name='domain'>$request_uri? permanent;
    }

    in the nginx directives field of the website.
     
    nvidian likes this.
  3. nvidian

    nvidian Member

    Thanks TIll. Your solution works great.

    But may I know why we should not add another server directive in nginx vhost ?
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    There is a server for port 80 and 443 already in each ssl enabled website, why do you want a duplicate third server when it is not nescessary.
     

Share This Page