diff --git a/README.md b/README.md index d80e828..4799666 100644 --- a/README.md +++ b/README.md @@ -31,6 +31,10 @@ If you need to support multiple virtual hosts for a container, you can separate You can also use wildcards at the beginning and the end of host name, like `*.bar.com` or `foo.bar.*`. Or even a regular expression, which can be very useful in conjunction with a wildcard DNS service like [xip.io](http://xip.io), using `~^foo\.bar\..*\.xip\.io` will match `foo.bar.127.0.0.1.xip.io`, `foo.bar.10.0.2.2.xip.io` and all other given IPs. More information about this topic can be found in the nginx documentation about [`server_names`](http://nginx.org/en/docs/http/server_names.html). +### SSL Backends + +If you would like to connect to your backend using HTTPS instead of HTTP, set `VIRTUAL_PROTO=https` on the backend container. + ### Separate Containers nginx-proxy can also be run as two separate containers using the [jwilder/docker-gen](https://index.docker.io/u/jwilder/docker-gen/) diff --git a/nginx.tmpl b/nginx.tmpl index d373ce3..b694a31 100644 --- a/nginx.tmpl +++ b/nginx.tmpl @@ -68,6 +68,9 @@ upstream {{ $host }} { {{ end }} } +{{/* Get the VIRTUAL_PROTO defined by containers w/ the same vhost, falling back to "http" */}} +{{ $proto := or (first (groupByKeys $containers "Env.VIRTUAL_PROTO")) "http" }} + {{/* Get the first cert name defined by containers w/ the same vhost */}} {{ $certName := (first (groupByKeys $containers "Env.CERT_NAME")) }} @@ -105,7 +108,7 @@ server { add_header Strict-Transport-Security "max-age=31536000; includeSubdomains"; location / { - proxy_pass http://{{ $host }}; + proxy_pass {{ $proto }}://{{ $host }}; {{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }} auth_basic "Restricted {{ $host }}"; auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $host) }}; @@ -118,7 +121,7 @@ server { server_name {{ $host }}; location / { - proxy_pass http://{{ $host }}; + proxy_pass {{ $proto }}://{{ $host }}; {{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }} auth_basic "Restricted {{ $host }}"; auth_basic_user_file {{ (printf "/etc/nginx/htpasswd/%s" $host) }};