From 279c16f8240eef53ca6e9c3a7f7d2a9a403aaa26 Mon Sep 17 00:00:00 2001
From: Gabe Anzelini <me@gabeanzelini.com>
Date: Fri, 22 Aug 2014 13:51:20 -0700
Subject: [PATCH] add the ability to add ssl certificates per container via env
 variables

---
 nginx.tmpl | 43 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)

diff --git a/nginx.tmpl b/nginx.tmpl
index 2f1eac4..aa975b1 100644
--- a/nginx.tmpl
+++ b/nginx.tmpl
@@ -40,6 +40,48 @@ upstream {{ $host }} {
 {{ end }}
 }
 
+{{ $crt := groupBy $containers "Env.SSL_CRT" }}
+{{ $key := groupBy $containers "Env.SSL_KEY" }}
+
+{{ if and (eq (len $crt) 1) (eq (len $key) 1) }}
+
+server {
+    listen 80;
+    server_name {{ $host }};
+    rewrite ^(.*) https://{{ $host }}$1 permanent;
+}
+
+server {
+	gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
+    listen 443;
+    server_name {{ $host }};
+    ssl      on;
+    {{ range $crt, $value := $crt }}
+    ssl_certificate /ssl/{{ $crt }};
+    {{ end }}
+
+    {{ range $key, $value := $key }}
+    ssl_certificate_key /ssl/{{ $key }};
+    {{ end }}
+
+	proxy_buffering off;
+	error_log /proc/self/fd/2;
+	access_log /proc/self/fd/1;
+
+	location / {
+		proxy_pass http://{{ $host }};
+		include /etc/nginx/proxy_params;
+
+		# HTTP 1.1 support
+		proxy_http_version 1.1;
+		proxy_set_header Connection "";
+	}
+
+}
+
+{{/* if there is not a ssl_crt env variable */}}
+{{ else }}
+
 server {
 	gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
 
@@ -58,3 +100,4 @@ server {
 	}
 }
 {{ end }}
+{{ end }}