diff --git a/README.md b/README.md index 6b6771e..c0ff3ac 100644 --- a/README.md +++ b/README.md @@ -355,8 +355,10 @@ nginx_main_template: cache: false rate_limit: false keyval: false - stream_enable: false http_global_autoindex: false + #http_custom_options: [] + stream_enable: false + #stream_custom_options: [] #auth_request_http: /auth #auth_request_set_http: #name: $auth_user @@ -449,6 +451,7 @@ nginx_http_template: #return302: #code: 302 #url: https://sso.somehost.local/?url=https://$http_host$request_uri + #custom_options: [] http_demo_conf: false reverse_proxy: proxy_cache_path: @@ -556,6 +559,7 @@ nginx_http_template: #return302: #code: 302 #url: https://sso.somehost.local/?url=https://$http_host$request_uri + #custom_options: [] health_check_plus: false proxy_cache: proxy_cache_path: @@ -578,11 +582,14 @@ nginx_http_template: port: 8081 weight: 1 health_check: max_fails=1 fail_timeout=10s + #custom_options: [] returns: return301: location: / code: 301 value: http://$host$request_uri + #http_custom_options: [] + #server_custom_options: [] # Enable NGINX status data. # Will enable 'stub_status' in NGINX Open Source and 'status' in NGINX Plus. @@ -629,6 +636,7 @@ nginx_stream_template: verify_depth: 1 session_reuse: true health_check_plus: false + #custom_options: [] upstreams: upstream1: name: backend @@ -642,6 +650,8 @@ nginx_stream_template: port: 8080 weight: 1 health_check: max_fails=1 fail_timeout=10s + #custom_options: [] + #custom_options: [] ``` Dependencies diff --git a/defaults/main.yml b/defaults/main.yml index dc92873..5f87c96 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -166,8 +166,10 @@ nginx_main_template: cache: false rate_limit: false keyval: false - stream_enable: false http_global_autoindex: false + #http_custom_options: [] + stream_enable: false + #stream_custom_options: [] #auth_request_http: /auth #auth_request_set_http: #name: $auth_user @@ -260,6 +262,7 @@ nginx_http_template: #return302: #code: 302 #url: https://sso.somehost.local/?url=https://$http_host$request_uri + #custom_options: [] http_demo_conf: false reverse_proxy: proxy_cache_path: @@ -367,6 +370,7 @@ nginx_http_template: #return302: #code: 302 #url: https://sso.somehost.local/?url=https://$http_host$request_uri + #custom_options: [] health_check_plus: false proxy_cache: proxy_cache_path: @@ -389,11 +393,14 @@ nginx_http_template: port: 8081 weight: 1 health_check: max_fails=1 fail_timeout=10s + #custom_options: [] returns: return301: location: / code: 301 value: http://$host$request_uri + #http_custom_options: [] + #server_custom_options: [] # Enable NGINX status data. # Will enable 'stub_status' in NGINX Open Source and 'status' in NGINX Plus. @@ -440,6 +447,7 @@ nginx_stream_template: verify_depth: 1 session_reuse: true health_check_plus: false + #custom_options: [] upstreams: upstream1: name: backend @@ -453,3 +461,5 @@ nginx_stream_template: port: 8080 weight: 1 health_check: max_fails=1 fail_timeout=10s + #custom_options: [] + #custom_options: [] diff --git a/molecule/template_module/playbook.yml b/molecule/template_module/playbook.yml index 347fa04..1e3ed48 100644 --- a/molecule/template_module/playbook.yml +++ b/molecule/template_module/playbook.yml @@ -227,6 +227,16 @@ html_file_location: /usr/share/nginx/html html_file_name: backend_index.html autoindex: false + php: + location: ~ \.php$ + html_file_location: /usr/share/nginx/html + autoindex: false + custom_options: + - fastcgi_split_path_info ^(.+\.php)(/.+)$ + - fastcgi_pass unix:/run/php/php7.2-fpm.sock + - fastcgi_index index.php + - include fastcgi_params + - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name http_demo_conf: true nginx_html_demo_template_enable: true nginx_html_demo_template: diff --git a/templates/http/default.conf.j2 b/templates/http/default.conf.j2 index bff4abf..4e3855c 100644 --- a/templates/http/default.conf.j2 +++ b/templates/http/default.conf.j2 @@ -11,6 +11,11 @@ upstream {{ item.value.upstreams[upstream].name }} { {% if item.value.upstreams[upstream].sticky_cookie %} sticky cookie srv_id expires=1h path=/; {% endif %} +{% if item.value.upstreams[upstream].custom_options is defined and item.value.upstreams[upstream].custom_options | length %} +{% for inline_option in item.value.upstreams[upstream].custom_options %} + {{ inline_option }}; +{% endfor %} +{% endif %} } {% endfor %} {% endif %} @@ -52,6 +57,12 @@ auth_request {{ item.value.auth_request_http }}; auth_request_set {{ item.value.auth_request_set_http.name }} {{ item.value.auth_request_set_http.value }}; {% endif %} +{% if item.value.http_custom_options is defined and item.value.http_custom_options | length %} +{% for inline_option in item.value.http_custom_options %} +{{ inline_option }}; +{% endfor %} +{% endif %} + server { {% for listen in item.value.listen %} listen {% if item.value.listen[listen].ip is defined and item.value.listen[listen].ip | length %}{{ item.value.listen[listen].ip }}:{% endif %}{{ item.value.listen[listen].port }}{% if item.value.ssl is defined and item.value.ssl %} ssl{% endif %}{% if item.value.listen[listen].opts is defined and item.value.listen[listen].opts | length %} {{ item.value.listen[listen].opts | join(" ") }}{% endif %}; @@ -133,6 +144,11 @@ server { {% if item.value.client_max_body_size is defined and item.value.client_max_body_size %} client_max_body_size {{ item.value.client_max_body_size }}; {% endif %} +{% if item.value.server_custom_options is defined and item.value.server_custom_options | length %} +{% for inline_option in item.value.server_custom_options %} + {{ inline_option }}; +{% endfor %} +{% endif %} {% if item.value.reverse_proxy is defined and item.value.reverse_proxy %} {% for location in item.value.reverse_proxy.locations %} @@ -289,6 +305,11 @@ server { {% if item.value.reverse_proxy.locations[location].proxy_buffering is defined %} proxy_buffering {{ item.value.reverse_proxy.locations[location].proxy_buffering | ternary("on", "off") }}; {% endif %} +{% if item.value.reverse_proxy.locations[location].custom_options is defined and item.value.reverse_proxy.locations[location].custom_options | length %} +{% for inline_option in item.value.reverse_proxy.locations[location].custom_options %} + {{ inline_option }}; +{% endfor %} +{% endif %} {% if (item.value.reverse_proxy.health_check_plus is defined) and item.value.reverse_proxy.health_check_plus %} health_check; {% endif %} @@ -317,6 +338,11 @@ server { include "{{ file }}"; {% endfor %} {% endif %} +{% if item.value.web_server.locations[location].custom_options is defined and item.value.web_server.locations[location].custom_options | length %} +{% for inline_option in item.value.web_server.locations[location].custom_options %} + {{ inline_option }}; +{% endfor %} +{% endif %} {% if item.value.web_server.locations[location].proxy_hide_headers is defined %} {% for header in item.value.web_server.locations[location].proxy_hide_headers %} proxy_hide_header {{ header }}; diff --git a/templates/nginx.conf.j2 b/templates/nginx.conf.j2 index 3c41901..c0dd7bc 100644 --- a/templates/nginx.conf.j2 +++ b/templates/nginx.conf.j2 @@ -38,12 +38,23 @@ worker_processes {{ nginx_main_template.worker_processes }}; worker_rlimit_nofile {{ nginx_main_template.worker_rlimit_nofile }}; {% endif %} +{% if nginx_main_template.custom_options is defined and nginx_main_template.custom_options | length %} +{% for inline_option in nginx_main_template.custom_options %} +{{ inline_option }}; +{% endfor %} +{% endif %} + error_log {{ nginx_main_template.error_log.location }} {{ nginx_main_template.error_log.level }}; pid /var/run/nginx.pid; events { worker_connections {{ nginx_main_template.worker_connections }}; +{% if nginx_main_template.events_custom_options is defined and nginx_main_template.events_custom_options | length %} +{% for inline_option in nginx_main_template.events_custom_options %} + {{ inline_option }}; +{% endfor %} +{% endif %} } {% if nginx_main_template.http_enable %} @@ -77,6 +88,11 @@ http { {% endif %} {% if nginx_main_template.http_global_autoindex | default(false) %} autoindex on; +{% endif %} +{% if nginx_main_template.http_custom_options is defined and nginx_main_template.http_custom_options | length %} +{% for inline_option in nginx_main_template.http_custom_options %} + {{ inline_option }}; +{% endfor %} {% endif %} include /etc/nginx/conf.d/*.conf; } @@ -84,6 +100,11 @@ http { {% if nginx_main_template.stream_enable %} stream { +{% if nginx_main_template.stream_custom_options is defined and nginx_main_template.stream_custom_options | length %} +{% for inline_option in nginx_main_template.stream_custom_options %} + {{ inline_option }}; +{% endfor %} +{% endif %} include /etc/nginx/conf.d/stream/*.conf; } {% endif %} diff --git a/templates/stream/default.conf.j2 b/templates/stream/default.conf.j2 index 048dbc7..1a64999 100644 --- a/templates/stream/default.conf.j2 +++ b/templates/stream/default.conf.j2 @@ -15,10 +15,21 @@ upstream {{ item.value.upstreams[upstream].name }} { sticky cookie srv_id expires=1h path=/; {% endif %} {% endif %} +{% if item.value.upstreams[upstream].custom_options is defined and item.value.upstreams[upstream].custom_options | length %} +{% for inline_option in item.value.upstreams[upstream].custom_options %} + {{ inline_option }}; +{% endfor %} +{% endif %} } {% endfor %} {% endif %} +{% if item.value.custom_options is defined and item.value.custom_options | length %} +{% for inline_option in item.value.custom_options %} +{{ inline_option }}; +{% endfor %} +{% endif %} + {% if item.value.network_streams is defined %} {% for stream in item.value.network_streams %} server { @@ -92,6 +103,11 @@ server { {% if item.value.network_streams[stream].health_check_plus %} health_check; {% endif %} +{% if item.value.network_streams[stream].custom_options is defined and item.value.network_streams[stream].custom_options | length %} +{% for inline_option in item.value.network_streams[stream].custom_options %} + {{ inline_option }}; +{% endfor %} +{% endif %} } {% endfor %} {% endif %}