caddy-frontend: Drop-in dummy of nginx with Caddy

Dummy site is setup for Caddy to run.

software/caddy-frontend/buildout.hash.cfg

@@ -19,7 +19,7 @@ md5sum = f686f765e55d1dce2e55a400f0714b3e
 
 [template-apache-frontend]
 filename = instance-apache-frontend.cfg
-md5sum = 8a4883472d6401bc7669ae70c9bafc43
+md5sum = df34d8398a5f19ac7a828e1c85c22867
 
 [template-apache-replicate]
 filename = instance-apache-replicate.cfg.in
@@ -83,15 +83,15 @@ md5sum = 117238225b3fc3c5b5be381815f44c67
 
 [template-nginx-configuration]
 filename = templates/nginx.cfg.in
-md5sum = 18633ce55e53340efa1ba7693aac4152
+md5sum = e85e5ebc2cea6f48af90601ed9bd2d84
 
 [template-nginx-eventsource-slave-virtualhost]
 filename = templates/nginx-eventsource-slave.conf.in
-md5sum = a5186f666acb2f040ede04c91e60408f
+md5sum = 7fb09bb130dc463a6736c1f319e798d6
 
 [template-nginx-notebook-slave-virtualhost]
 filename = templates/nginx-notebook-slave.conf.in
-md5sum = 82d74a7f2aceb2b4a7acc6259291b7f2
+md5sum = afa11dda952b2317227e5c72508aeda2
 
 [template-apache-lazy-script-call]
 filename = templates/apache-lazy-script-call.sh.in

software/caddy-frontend/instance-apache-frontend.cfg

@@ -704,6 +704,15 @@ curl_path = ${curl:location}/bin/curl
 recipe = slapos.cookbook:wrapper
 command-line = ${caddy:output}
   -conf $${nginx-configuration:output}
+  -host $${instance-parameter:configuration.domain}
+  -root $${caddy-directory:document-root}
+  -http-port $${nginx-configuration:plain_port}
+  -https-port $${nginx-configuration:port}
+  -log $${nginx-configuration:error_log}
+  -http2=$${instance-parameter:configuration.enable-http2-by-default}
+  -pidfile $${nginx-configuration:pid-file}
+  -disable-http-challenge
+  -disable-tls-sni-challenge
 wrapper-path = $${directory:service}/frontend_nginx
 
 [nginx-configuration]
@@ -723,6 +732,8 @@ slave-configuration-directory = $${caddy-directory:nginx-slave-configuration}
 pid-file = $${directory:run}/nginx.pid 
 nginx-graceful-command = $${:nginx-configuration-verification}; if [ $? -eq 0 ]; then kill -HUP $(cat $${:pid-file}); fi
 nginx-configuration-verification = $${nginx-frontend:wrapper-path} -validate
+ssl_certificate = $${ca-frontend:cert-file}
+ssl_key = $${ca-frontend:key-file}
 
 [frontend-nginx-graceful]
 < = jinja2-template-base

software/caddy-frontend/templates/nginx-eventsource-slave.conf.in

@@ -11,105 +11,105 @@
                                  ('ssl_certificate_key', 'path_to_ssl_key')] -%}
 
 
-upstream {{ slave_parameter.get('slave_reference') }} {
-  server {{ upstream }};
-}
-
-upstream https_{{ slave_parameter.get('slave_reference') }} {
-  server {{ https_upstream }};
-}
-
-
-server {
-  listen [{{ global_ipv6 }}]:{{ nginx_http_port }};
-  listen {{ local_ipv4 }}:{{ nginx_http_port }};
-
-  server_name {{ slave_parameter.get('custom_domain') }};
-
-  error_log {{ slave_parameter.get('error_log') }} error; 
-  access_log {{ slave_parameter.get('access_log') }} custom;
-  
-  location /pub {
-    push_stream_publisher;
-    push_stream_channels_path $arg_id;
-    # store messages in memory
-    push_stream_store_messages  off;
-
-    # Message size limit
-    # client_max_body_size MUST be equal to client_body_buffer_size or
-    # you will be sorry.
-    client_max_body_size 16k;
-    client_body_buffer_size 16k;
-
-   }
-
-   location ~ /sub/(.*) {
-     # activate subscriber mode for this location
-     add_header "Access-Control-Allow-Origin" "*";
-     add_header 'Access-Control-Allow-Credentials' 'false';
-     add_header 'Access-Control-Allow-Methods' 'GET, HEAD, OPTIONS';
-     add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since';
-
-     push_stream_subscriber eventsource;
-     # positional channel path
-     push_stream_channels_path $1;
-
-     # content-type
-     default_type "text/event-stream; charset=utf-8";
-  }
-
-}
-
-server {
-  listen [{{ global_ipv6 }}]:{{ nginx_https_port }} ssl;
-  listen {{ local_ipv4 }}:{{ nginx_https_port }} ssl;
-
-  server_name {{ slave_parameter.get('custom_domain') }};
-
-  error_log {{ slave_parameter.get('error_log') }} error;
-  access_log {{ slave_parameter.get('access_log') }} custom;
-
-  ssl on;
-  
-  ssl_session_timeout 5m;
-  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-  ssl_ciphers 'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:HIGH:!aNULL:!MD5';
-  ssl_prefer_server_ciphers on;
-  ssl_session_cache shared:SSL:10m;
+# TODO-Caddy upstream {{ slave_parameter.get('slave_reference') }} {
+# TODO-Caddy  server {{ upstream }};
+# TODO-Caddy 
+
+# TODO-Caddy pstream https_{{ slave_parameter.get('slave_reference') }} {
+# TODO-Caddy  server {{ https_upstream }};
+# TODO-Caddy 
+
+
+# TODO-Caddy server {
+# TODO-Caddy  listen [{{ global_ipv6 }}]:{{ nginx_http_port }};
+# TODO-Caddy  listen {{ local_ipv4 }}:{{ nginx_http_port }};
+# TODO-Caddy 
+# TODO-Caddy  server_name {{ slave_parameter.get('custom_domain') }};
+# TODO-Caddy 
+# TODO-Caddy  error_log {{ slave_parameter.get('error_log') }} error; 
+# TODO-Caddy  access_log {{ slave_parameter.get('access_log') }} custom;
+# TODO-Caddy  
+# TODO-Caddy  location /pub {
+# TODO-Caddy    push_stream_publisher;
+# TODO-Caddy    push_stream_channels_path $arg_id;
+# TODO-Caddy    # store messages in memory
+# TODO-Caddy    push_stream_store_messages  off;
+# TODO-Caddy 
+# TODO-Caddy    # Message size limit
+# TODO-Caddy    # client_max_body_size MUST be equal to client_body_buffer_size or
+# TODO-Caddy    # you will be sorry.
+# TODO-Caddy    client_max_body_size 16k;
+# TODO-Caddy    client_body_buffer_size 16k;
+# TODO-Caddy 
+# TODO-Caddy   }
+# TODO-Caddy 
+# TODO-Caddy   location ~ /sub/(.*) {
+# TODO-Caddy     # activate subscriber mode for this location
+# TODO-Caddy     add_header "Access-Control-Allow-Origin" "*";
+# TODO-Caddy     add_header 'Access-Control-Allow-Credentials' 'false';
+# TODO-Caddy     add_header 'Access-Control-Allow-Methods' 'GET, HEAD, OPTIONS';
+# TODO-Caddy     add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since';
+# TODO-Caddy 
+# TODO-Caddy     push_stream_subscriber eventsource;
+# TODO-Caddy     # positional channel path
+# TODO-Caddy     push_stream_channels_path $1;
+# TODO-Caddy 
+# TODO-Caddy     # content-type
+# TODO-Caddy     default_type "text/event-stream; charset=utf-8";
+# TODO-Caddy  }
+# TODO-Caddy 
+# TODO-Caddy 
+
+# TODO-Caddy server {
+# TODO-Caddy  listen [{{ global_ipv6 }}]:{{ nginx_https_port }} ssl;
+# TODO-Caddy  listen {{ local_ipv4 }}:{{ nginx_https_port }} ssl;
+# TODO-Caddy 
+# TODO-Caddy  server_name {{ slave_parameter.get('custom_domain') }};
+# TODO-Caddy 
+# TODO-Caddy  error_log {{ slave_parameter.get('error_log') }} error;
+# TODO-Caddy  access_log {{ slave_parameter.get('access_log') }} custom;
+# TODO-Caddy 
+# TODO-Caddy  ssl on;
+# TODO-Caddy  
+# TODO-Caddy  ssl_session_timeout 5m;
+# TODO-Caddy  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+# TODO-Caddy  ssl_ciphers 'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:HIGH:!aNULL:!MD5';
+# TODO-Caddy  ssl_prefer_server_ciphers on;
+# TODO-Caddy  ssl_session_cache shared:SSL:10m;
 
 {% for key, value in ssl_configuration_list -%}
 {%   if value in slave_parameter -%}
-{{ '  %s' % key }} {{ slave_parameter.get(value) }};
+# TODO-Caddy {{ '  %s' % key }} {{ slave_parameter.get(value) }};
 {% endif -%}
 {% endfor %}
 
-  location /pub {
-    push_stream_publisher;
-    push_stream_channels_path $arg_id;
-    # store messages in memory
-    push_stream_store_messages  off;
-
-    # Message size limit
-    # client_max_body_size MUST be equal to client_body_buffer_size or
-    # you will be sorry.
-    client_max_body_size 16k;
-    client_body_buffer_size 16k;
-
-   }
-
-   location ~ /sub/(.*) {
-     # activate subscriber mode for this location
-     add_header "Access-Control-Allow-Origin" "*";
-     add_header 'Access-Control-Allow-Credentials' 'false';
-     add_header 'Access-Control-Allow-Methods' 'GET, HEAD, OPTIONS';
-     add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since';
-
-     push_stream_subscriber eventsource;
-     # positional channel path
-     push_stream_channels_path $1;
-
-     # content-type
-     default_type "text/event-stream; charset=utf-8";
-  }
-}
+# TODO-Caddy  location /pub {
+# TODO-Caddy    push_stream_publisher;
+# TODO-Caddy    push_stream_channels_path $arg_id;
+# TODO-Caddy    # store messages in memory
+# TODO-Caddy    push_stream_store_messages  off;
+# TODO-Caddy 
+# TODO-Caddy    # Message size limit
+# TODO-Caddy    # client_max_body_size MUST be equal to client_body_buffer_size or
+# TODO-Caddy    # you will be sorry.
+# TODO-Caddy    client_max_body_size 16k;
+# TODO-Caddy    client_body_buffer_size 16k;
+# TODO-Caddy 
+# TODO-Caddy   }
+# TODO-Caddy 
+# TODO-Caddy   location ~ /sub/(.*) {
+# TODO-Caddy     # activate subscriber mode for this location
+# TODO-Caddy     add_header "Access-Control-Allow-Origin" "*";
+# TODO-Caddy     add_header 'Access-Control-Allow-Credentials' 'false';
+# TODO-Caddy     add_header 'Access-Control-Allow-Methods' 'GET, HEAD, OPTIONS';
+# TODO-Caddy     add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since';
+# TODO-Caddy 
+# TODO-Caddy     push_stream_subscriber eventsource;
+# TODO-Caddy     # positional channel path
+# TODO-Caddy     push_stream_channels_path $1;
+# TODO-Caddy 
+# TODO-Caddy     # content-type
+# TODO-Caddy     default_type "text/event-stream; charset=utf-8";
+# TODO-Caddy  }
+# TODO-Caddy}
 {% endif -%}

software/caddy-frontend/templates/nginx-notebook-slave.conf.in

@@ -11,96 +11,96 @@
                                  ('ssl_certificate_key', 'path_to_ssl_key')] -%}
 
 
-upstream {{ slave_parameter.get('slave_reference') }} {
-  server {{ upstream }};
-}
-
-upstream https_{{ slave_parameter.get('slave_reference') }} {
-  server {{ https_upstream }};
-}
-
-
-server {
-  listen [{{ global_ipv6 }}]:{{ nginx_http_port }};
-  listen {{ local_ipv4 }}:{{ nginx_http_port }};
-
-  server_name {{ slave_parameter.get('custom_domain') }};
-
-  error_log {{ slave_parameter.get('error_log') }} error; 
-  access_log {{ slave_parameter.get('access_log') }} custom;
-
-  location / {
-        proxy_pass            {{ proxy_pass }};
-        proxy_set_header      Host $host;
-  }
-
-  location ~ /api/kernels/ {
-        proxy_pass            {{ proxy_pass }};
-        proxy_set_header      Host $host;
-        # websocket support
-        proxy_http_version    1.1;
-        proxy_set_header      Upgrade "websocket";
-        proxy_set_header      Connection "Upgrade";
-        proxy_read_timeout    86400;
-   }
-
-  location ~ /terminals/ {
-        proxy_pass            {{ proxy_pass }};
-        proxy_set_header      Host $host;
-        # websocket support
-        proxy_http_version    1.1;
-        proxy_set_header      Upgrade "websocket";
-        proxy_set_header      Connection "Upgrade";
-        proxy_read_timeout    86400;
-  }
-}
-
-server {
-  listen [{{ global_ipv6 }}]:{{ nginx_https_port }} ssl;
-  listen {{ local_ipv4 }}:{{ nginx_https_port }} ssl;
-
-  server_name {{ slave_parameter.get('custom_domain') }};
-
-  error_log {{ slave_parameter.get('error_log') }} error;
-  access_log {{ slave_parameter.get('access_log') }} custom;
-
-  ssl on;
-  
-  ssl_session_timeout 5m;
-  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-  ssl_ciphers 'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:HIGH:!aNULL:!MD5';
-  ssl_prefer_server_ciphers on;
-  ssl_session_cache shared:SSL:10m;
+# TODO-Caddy upstream {{ slave_parameter.get('slave_reference') }} {
+# TODO-Caddy   server {{ upstream }};
+# TODO-Caddy }
+
+# TODO-Caddy upstream https_{{ slave_parameter.get('slave_reference') }} {
+# TODO-Caddy   server {{ https_upstream }};
+# TODO-Caddy }
+
+
+# TODO-Caddy server {
+# TODO-Caddy   listen [{{ global_ipv6 }}]:{{ nginx_http_port }};
+# TODO-Caddy   listen {{ local_ipv4 }}:{{ nginx_http_port }};
+# TODO-Caddy 
+# TODO-Caddy   server_name {{ slave_parameter.get('custom_domain') }};
+# TODO-Caddy 
+# TODO-Caddy   error_log {{ slave_parameter.get('error_log') }} error; 
+# TODO-Caddy   access_log {{ slave_parameter.get('access_log') }} custom;
+# TODO-Caddy 
+# TODO-Caddy   location / {
+# TODO-Caddy         proxy_pass            {{ proxy_pass }};
+# TODO-Caddy         proxy_set_header      Host $host;
+# TODO-Caddy   }
+# TODO-Caddy 
+# TODO-Caddy   location ~ /api/kernels/ {
+# TODO-Caddy         proxy_pass            {{ proxy_pass }};
+# TODO-Caddy         proxy_set_header      Host $host;
+# TODO-Caddy         # websocket support
+# TODO-Caddy         proxy_http_version    1.1;
+# TODO-Caddy         proxy_set_header      Upgrade "websocket";
+# TODO-Caddy         proxy_set_header      Connection "Upgrade";
+# TODO-Caddy         proxy_read_timeout    86400;
+# TODO-Caddy    }
+# TODO-Caddy 
+# TODO-Caddy   location ~ /terminals/ {
+# TODO-Caddy         proxy_pass            {{ proxy_pass }};
+# TODO-Caddy         proxy_set_header      Host $host;
+# TODO-Caddy         # websocket support
+# TODO-Caddy         proxy_http_version    1.1;
+# TODO-Caddy         proxy_set_header      Upgrade "websocket";
+# TODO-Caddy         proxy_set_header      Connection "Upgrade";
+# TODO-Caddy         proxy_read_timeout    86400;
+# TODO-Caddy   }
+# TODO-Caddy }
+
+# TODO-Caddy server {
+# TODO-Caddy   listen [{{ global_ipv6 }}]:{{ nginx_https_port }} ssl;
+# TODO-Caddy   listen {{ local_ipv4 }}:{{ nginx_https_port }} ssl;
+# TODO-Caddy 
+# TODO-Caddy   server_name {{ slave_parameter.get('custom_domain') }};
+# TODO-Caddy 
+# TODO-Caddy   error_log {{ slave_parameter.get('error_log') }} error;
+# TODO-Caddy   access_log {{ slave_parameter.get('access_log') }} custom;
+# TODO-Caddy 
+# TODO-Caddy   ssl on;
+# TODO-Caddy   
+# TODO-Caddy   ssl_session_timeout 5m;
+# TODO-Caddy   ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+# TODO-Caddy   ssl_ciphers 'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:HIGH:!aNULL:!MD5';
+# TODO-Caddy   ssl_prefer_server_ciphers on;
+# TODO-Caddy   ssl_session_cache shared:SSL:10m;
 
 {% for key, value in ssl_configuration_list -%}
 {%   if value in slave_parameter -%}
-{{ '  %s' % key }} {{ slave_parameter.get(value) }};
+# TODO-Caddy {{ '  %s' % key }} {{ slave_parameter.get(value) }};
 {% endif -%}
 {% endfor %}
 
-  location / {
-        proxy_pass            {{ https_proxy_pass }};
-        proxy_set_header      Host $host;
-  }
-
-  location ~ /api/kernels/ {
-        proxy_pass            {{ https_proxy_pass }};
-        proxy_set_header      Host $host;
-        # websocket support
-        proxy_http_version    1.1;
-        proxy_set_header      Upgrade "websocket";
-        proxy_set_header      Connection "Upgrade";
-        proxy_read_timeout    86400;
-   }
-
-  location ~ /terminals/ {
-        proxy_pass            {{ https_proxy_pass }};
-        proxy_set_header      Host $host;
-        # websocket support
-        proxy_http_version    1.1;
-        proxy_set_header      Upgrade "websocket";
-        proxy_set_header      Connection "Upgrade";
-        proxy_read_timeout    86400;
-  }
-}
+# TODO-Caddy   location / {
+# TODO-Caddy         proxy_pass            {{ https_proxy_pass }};
+# TODO-Caddy         proxy_set_header      Host $host;
+# TODO-Caddy   }
+# TODO-Caddy 
+# TODO-Caddy   location ~ /api/kernels/ {
+# TODO-Caddy         proxy_pass            {{ https_proxy_pass }};
+# TODO-Caddy         proxy_set_header      Host $host;
+# TODO-Caddy         # websocket support
+# TODO-Caddy         proxy_http_version    1.1;
+# TODO-Caddy         proxy_set_header      Upgrade "websocket";
+# TODO-Caddy         proxy_set_header      Connection "Upgrade";
+# TODO-Caddy         proxy_read_timeout    86400;
+# TODO-Caddy    }
+# TODO-Caddy 
+# TODO-Caddy   location ~ /terminals/ {
+# TODO-Caddy         proxy_pass            {{ https_proxy_pass }};
+# TODO-Caddy         proxy_set_header      Host $host;
+# TODO-Caddy         # websocket support
+# TODO-Caddy         proxy_http_version    1.1;
+# TODO-Caddy         proxy_set_header      Upgrade "websocket";
+# TODO-Caddy         proxy_set_header      Connection "Upgrade";
+# TODO-Caddy         proxy_read_timeout    86400;
+# TODO-Caddy   }
+# TODO-Caddy }
 {% endif -%}

software/caddy-frontend/templates/nginx.cfg.in

-daemon off; # run in the foreground so supervisord can look after it
-
-worker_processes $${nginx-configuration:worker_processes};
-pid $${nginx-configuration:pid-file};
+# Dummy site for starting Caddy correctly
+https://www.example.org:$${nginx-configuration:port} {
+  tls $${nginx-configuration:ssl_certificate} $${nginx-configuration:ssl_key}
+  bind $${nginx-configuration:local_ip}
+# TODO-Caddy  bind {{ ipv6_addr }}
+# Serve an error 204 (No Content) for favicon.ico
+status 204 /favicon.ico
+status 404 /
+}
 
-events {
-  worker_connections $${nginx-configuration:worker_connections};
-  # multi_accept on;
+http://www.example.org:$${nginx-configuration:plain_port} {
+  bind $${nginx-configuration:local_ip}
+# TODO-Caddy  bind {{ ipv6_addr }}
+# Serve an error 204 (No Content) for favicon.ico
+status 204 /favicon.ico
+status 404 /
 }
+# TODO-Caddy daemon off; # run in the foreground so supervisord can look after it
 
-error_log $${nginx-configuration:error_log};
+# TODO-Caddy worker_processes $${nginx-configuration:worker_processes};
 
-http {
+# TODO-Caddy events {
+# TODO-Caddy   worker_connections $${nginx-configuration:worker_connections};
+# TODO-Caddy   # multi_accept on;
+# TODO-Caddy }
+
+# TODO-Caddy http {
 
   ##
   # Basic Settings
   ##
 
-  sendfile on;
-  tcp_nopush on;
-  tcp_nodelay on;
-  keepalive_timeout 65;
-  types_hash_max_size 2048;
-  server_tokens off;
+# TODO-Caddy   sendfile on;
+# TODO-Caddy   tcp_nopush on;
+# TODO-Caddy   tcp_nodelay on;
+# TODO-Caddy   keepalive_timeout 65;
+# TODO-Caddy   types_hash_max_size 2048;
+# TODO-Caddy   server_tokens off;
 
-  error_log $${nginx-configuration:error_log};
-  log_format custom '$remote_addr - $remote_user $time_local $status $body_bytes_sent "$http_referer" "$http_user_agent" $request_time';
-  access_log $${nginx-configuration:access_log} custom;
+# TODO-Caddy   log_format custom '$remote_addr - $remote_user $time_local $status $body_bytes_sent "$http_referer" "$http_user_agent" $request_time';
+# TODO-Caddy   access_log $${nginx-configuration:access_log} custom;
 
   # server_names_hash_bucket_size 64;
   # server_name_in_redirect off;
 
-  default_type application/octet-stream;
+# TODO-Caddy   default_type application/octet-stream;
 
-  ssl_certificate $${ca-frontend:cert-file};
-  ssl_certificate_key $${ca-frontend:key-file};
+# TODO-Caddy   ssl_certificate $${ca-frontend:cert-file};
+# TODO-Caddy   ssl_certificate_key $${ca-frontend:key-file};
 
   ##
   # Gzip Settings
   ##
-  gzip on;
-  gzip_disable "msie6";
-
-  gzip_vary on;
-  gzip_proxied any;
-  gzip_comp_level 6;
-  gzip_buffers 16 8k;
-  gzip_http_version 1.1;
-  gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
+# TODO-Caddy   gzip on;
+# TODO-Caddy   gzip_disable "msie6";
+
+# TODO-Caddy   gzip_vary on;
+# TODO-Caddy   gzip_proxied any;
+# TODO-Caddy   gzip_comp_level 6;
+# TODO-Caddy   gzip_buffers 16 8k;
+# TODO-Caddy   gzip_http_version 1.1;
+# TODO-Caddy   gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
   
   ##
   # Push stream Settings
   ##
-  push_stream_shared_memory_size                32m;
-
-  fastcgi_temp_path  $${directory:varnginx} 1 2;
-  uwsgi_temp_path  $${directory:varnginx} 1 2;
-  scgi_temp_path  $${directory:varnginx} 1 2;
-
-  client_body_temp_path $${directory:varnginx} 1 2;
-  proxy_temp_path $${directory:varnginx} 1 2;
-
-  include $${nginx-configuration:slave-configuration-directory}/*.conf;
+# TODO-Caddy   push_stream_shared_memory_size                32m;
 
-  server {
-    listen [$${nginx-configuration:ip}]:$${nginx-configuration:plain_port};
-    listen $${nginx-configuration:local_ip}:$${nginx-configuration:plain_port};
+# TODO-Caddy   fastcgi_temp_path  $${directory:varnginx} 1 2;
+# TODO-Caddy   uwsgi_temp_path  $${directory:varnginx} 1 2;
+# TODO-Caddy   scgi_temp_path  $${directory:varnginx} 1 2;
 
+# TODO-Caddy   client_body_temp_path $${directory:varnginx} 1 2;
+# TODO-Caddy   proxy_temp_path $${directory:varnginx} 1 2;
+# TODO-Caddy }
 
-    ## Serve an error 204 (No Content) for favicon.ico
-    location = /favicon.ico {
-      return 204;
-    }
-
-    location / {
-      root $${apache-directory:document-root};
-      index notfound.html;
-    }
-  }
-
-  server {
-    listen [$${nginx-configuration:ip}]:$${nginx-configuration:port} ssl;
-    listen $${nginx-configuration:local_ip}:$${nginx-configuration:port} ssl;
-
-    ssl on;
-  
-    ssl_session_timeout 5m;
-    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-    ssl_ciphers 'ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:HIGH:!aNULL:!MD5';
-    ssl_prefer_server_ciphers on;
-    ssl_session_cache shared:SSL:10m;
-
-    ## Serve an error 204 (No Content) for favicon.ico
-    location = /favicon.ico {
-      return 204;
-    }
-
-    location / {
-      root $${apache-directory:document-root};
-      index notfound.html;
-    }
-  }
-}
+import $${nginx-configuration:slave-configuration-directory}/*.conf