From 6c3b3c87befefdb181e3ca212bcaacb69ecb9e21 Mon Sep 17 00:00:00 2001
From: Mike Dillon <mike.dillon@synctree.com>
Date: Sat, 14 Feb 2015 16:02:39 -0800
Subject: [PATCH 1/2] Support VIRTUAL_PROTO=https for HTTPS backends

---
 nginx.tmpl | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/nginx.tmpl b/nginx.tmpl
index d373ce3..b694a31 100644
--- a/nginx.tmpl
+++ b/nginx.tmpl
@@ -68,6 +68,9 @@ upstream {{ $host }} {
 {{ end }}
 }
 
+{{/* Get the VIRTUAL_PROTO defined by containers w/ the same vhost, falling back to "http" */}}
+{{ $proto := or (first (groupByKeys $containers "Env.VIRTUAL_PROTO")) "http" }}
+
 {{/* Get the first cert name defined by containers w/ the same vhost */}}
 {{ $certName := (first (groupByKeys $containers "Env.CERT_NAME")) }}
 
@@ -105,7 +108,7 @@ server {
 	add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
 
 	location / {
-		proxy_pass http://{{ $host }};
+		proxy_pass {{ $proto }}://{{ $host }};
 		{{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }}
 		auth_basic	"Restricted {{ $host }}";
 		auth_basic_user_file	{{ (printf "/etc/nginx/htpasswd/%s" $host) }};
@@ -118,7 +121,7 @@ server {
 	server_name {{ $host }};
 
 	location / {
-		proxy_pass http://{{ $host }};
+		proxy_pass {{ $proto }}://{{ $host }};
 		{{ if (exists (printf "/etc/nginx/htpasswd/%s" $host)) }}
 		auth_basic	"Restricted {{ $host }}";
 		auth_basic_user_file	{{ (printf "/etc/nginx/htpasswd/%s" $host) }};

From 3f199d56c114b187d837656eadad91098e757111 Mon Sep 17 00:00:00 2001
From: Mike Dillon <mike.dillon@synctree.com>
Date: Sat, 14 Feb 2015 16:19:27 -0800
Subject: [PATCH 2/2] Add VIRTUAL_PROTO to README.md

---
 README.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/README.md b/README.md
index d80e828..4799666 100644
--- a/README.md
+++ b/README.md
@@ -31,6 +31,10 @@ If you need to support multiple virtual hosts for a container, you can separate
 
 You can also use wildcards at the beginning and the end of host name, like `*.bar.com` or `foo.bar.*`. Or even a regular expression, which can be very useful in conjunction with a wildcard DNS service like [xip.io](http://xip.io), using `~^foo\.bar\..*\.xip\.io` will match `foo.bar.127.0.0.1.xip.io`, `foo.bar.10.0.2.2.xip.io` and all other given IPs. More information about this topic can be found in the nginx documentation about [`server_names`](http://nginx.org/en/docs/http/server_names.html).
 
+### SSL Backends
+
+If you would like to connect to your backend using HTTPS instead of HTTP, set `VIRTUAL_PROTO=https` on the backend container.
+
 ### Separate Containers
 
 nginx-proxy can also be run as two separate containers using the [jwilder/docker-gen](https://index.docker.io/u/jwilder/docker-gen/)