software/nginx

Here are some templates for reverse-proxy + wildcard SSL hosting.

/etc/nginx/sites-enabled/default:

server {
        listen   80 default; ## listen for ipv4; this line is default and implied
        listen   [::]:80 default ipv6only=on; ## listen for ipv6

        access_log  /var/log/nginx/access.log;

        location / {
                root /srv/http/default/www;
                index  index.html index.htm feed.xml;
        }

        # redirect server error pages to the static page /50x.html, /404.html
        error_page  404  /404.html;
        error_page   500 502 503 504  /50x.html;
        location = /404.html {
                root   /srv/http/default/www;
        }
        location = /50x.html {
                root   /srv/http/default/www;
        }
}

server {
    listen 443;
    listen [::]:443 ipv6only=on;
    server_name *.YOURDOMAIN.HERE;

    ssl on;
    ssl_certificate /etc/ssl/certs/YOUR_CERT_HERE.combined.crt;
    ssl_certificate_key /etc/ssl/private/YOUR_KEY_HERE.key;

    location / {
        proxy_pass http://localhost:80/;
        proxy_set_header host $host;
    }
}

/etc/nginx/sites-available/example_static:

server {
        listen   80; ## listen for ipv4; this line is default and implied
        listen   [::]:80; ## listen for ipv6
        server_name STATIC.YOURDOMAIN.HERE;

        access_log /var/log/nginx/static.access.log;
        error_log /var/log/nginx/static.error.log;

        location / {
                root /srv/http/YOUR_STATIC_PATH_HERE;
                #index  index.html index.htm;
                autoindex on;
                #autoindex_exact_size off;
        }

        location /SOME_USER {
                alias /home/SOME_USER/www;
                index  index.html index.htm;
                autoindex on;
        }
}

/etc/nginx/sites-available/example_proxy:

server {
        listen   80; ## listen for ipv4; this line is default and implied
        listen   [::]:80; ## listen for ipv6
        server_name mailman mailman.YOUR_DOMAIN.HERE;

        access_log  /var/log/nginx/mailman.access.log;
        error_log  /var/log/nginx/mailman.error.log;

        location = / {
                rewrite ^ /mailman/listinfo permanent;
        }

        location / {
                rewrite ^ /mailman$uri?$args;
        }

        location /mailman/ {
                include proxy_params;
                proxy_pass http://127.0.0.1:5001/;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
        }
}