summaryrefslogtreecommitdiff
path: root/data/templates/https
diff options
context:
space:
mode:
Diffstat (limited to 'data/templates/https')
-rw-r--r--data/templates/https/nginx.default.j210
1 files changed, 9 insertions, 1 deletions
diff --git a/data/templates/https/nginx.default.j2 b/data/templates/https/nginx.default.j2
index dbb08e187..b541ff309 100644
--- a/data/templates/https/nginx.default.j2
+++ b/data/templates/https/nginx.default.j2
@@ -16,6 +16,8 @@ server {
server_name {{ name }};
{% endfor %}
+ root /srv/localui;
+
{% if server.certbot %}
ssl_certificate {{ server.certbot_dir }}/live/{{ server.certbot_domain_dir }}/fullchain.pem;
ssl_certificate_key {{ server.certbot_dir }}/live/{{ server.certbot_domain_dir }}/privkey.pem;
@@ -34,7 +36,7 @@ server {
ssl_protocols TLSv1.2 TLSv1.3;
# proxy settings for HTTP API, if enabled; 503, if not
- location ~ /(retrieve|configure|config-file|image|generate|show|reset|docs|openapi.json|redoc|graphql) {
+ location ~ ^/(retrieve|configure|config-file|image|container-image|generate|show|reset|docs|openapi.json|redoc|graphql) {
{% if server.api %}
{% if server.api.socket %}
proxy_pass http://unix:/run/api.sock;
@@ -48,6 +50,12 @@ server {
{% else %}
return 503;
{% endif %}
+{% if server.allow_client %}
+{% for client in server.allow_client %}
+ allow {{ client }};
+{% endfor %}
+ deny all;
+{% endif %}
}
error_page 497 =301 https://$host:{{ server.port }}$request_uri;
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-01 15:24:30 +0000