ansible/test/utils/docker/httptester/nginx.sites.conf
2018-03-21 11:21:39 -07:00

72 lines
1.6 KiB
Text

server {
listen 80 default_server;
listen 443 ssl default_server;
server_name ansible.http.tests _;
ssl_certificate /root/ca/ansible.http.tests-cert.pem;
ssl_certificate_key /root/ca/private/ansible.http.tests-key.pem;
ssl_client_certificate /root/ca/cacert.pem;
ssl_verify_client optional;
location =/cacert.pem {
alias /usr/share/nginx/html/cacert.pem;
}
location =/client.key {
alias /usr/share/nginx/html/client.key;
}
location =/client.pem {
alias /usr/share/nginx/html/client.pem;
}
location =/ssl_client_verify {
return 200 "ansible.http.tests:$ssl_client_verify";
}
location / {
proxy_pass http://127.0.0.1:8000;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_redirect off;
}
}
server {
listen 80;
listen 443 ssl;
server_name sni1.ansible.http.tests;
ssl_certificate /root/ca/sni1.ansible.http.tests-cert.pem;
ssl_certificate_key /root/ca/private/sni1.ansible.http.tests-key.pem;
location / {
return 200 "sni1.ansible.http.tests";
}
}
server {
listen 80;
listen 443 ssl;
server_name sni2.ansible.http.tests;
ssl_certificate /root/ca/sni2.ansible.http.tests-cert.pem;
ssl_certificate_key /root/ca/private/sni2.ansible.http.tests-key.pem;
location / {
return 200 "sni2.ansible.http.tests";
}
}
server {
listen 80;
server_name fail.ansible.http.tests;
rewrite /(.*) https://$host/$1 permanent;
}