server { listen <%= @listen_port %>; <% if @nagios_url %> server_name <%= @nagios_url %>; <% else %> server_name <%= node['nagios']['server']['name'] %> <%= node['nagios']['server']['name'] %>.<%= @chef_env %>.<%= @public_domain %> <%= @fqdn %>; <% end %> access_log <%= File.join(@log_dir, 'nginx_access.log') %>; error_log <%= File.join(@log_dir, 'nginx_error.log') %>; root <%= @docroot %>; <% unless node['nagios']['allowed_ips'].empty? -%> satisfy any; <%= node['nagios']['allowed_ips'].join(";\n")%>; deny all; <% end -%> auth_basic "Nagios Server"; auth_basic_user_file <%= @htpasswd_file %>; index index.php index.html index.cgi; <% if @https %> ssl on; ssl_certificate <%= @ssl_cert_file %>; ssl_certificate_key <%= @ssl_cert_key %>; ssl_ciphers HIGH; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; <% end %> <% if @cgi %> <%= nginx_dispatch(:cgi, :custom => %q( fastcgi_param AUTH_USER $remote_user; fastcgi_param REMOTE_USER $remote_user; ) ) %> <% end %> <% if @php %> <%= nginx_dispatch(:php, :docroot => @docroot, :custom => %q( fastcgi_param AUTH_USER $remote_user; fastcgi_param REMOTE_USER $remote_user; ) ) %> <% end %> <% if node['platform_family'] == 'debian' && node['nagios']['server']['install_method'] == 'package'-%> location /stylesheets { alias /etc/<%= node['nagios']['server']['vname'] %>/stylesheets; } <% end -%> location / { root <%= @docroot %>; } }