#
# SPDX-License-Identifier: AGPL-3.0
+{%- import_yaml "ssl_key_encrypted.sls" as ssl_key_encrypted_pillar %}
+
### NGINX
nginx:
### SERVER
### STREAMS
http:
upstream webshell_upstream:
- - server: 'localhost:4200 fail_timeout=10s'
+ - server: 'shell.__CLUSTER__.__DOMAIN__:4200 fail_timeout=10s'
### SITES
servers:
- include: snippets/ssl_hardening_default.conf
- ssl_certificate: __CERT_PEM__
- ssl_certificate_key: __CERT_KEY__
+ {%- if ssl_key_encrypted_pillar.ssl_key_encrypted.enabled %}
+ - ssl_password_file: {{ ssl_key_encrypted_pillar.ssl_key_encrypted.ssl_password_file | yaml_dquote }}
+ {%- endif %}
- access_log: /var/log/nginx/webshell.__CLUSTER__.__DOMAIN__.access.log combined
- error_log: /var/log/nginx/webshell.__CLUSTER__.__DOMAIN__.error.log