Add IPv6 listener support; Make listen options configurable (#147)
* Add IPv6 listener support; Make options (besides 'ssl' and 'ipv6only=on' for IPv6 listeners) configurable. * Combine listen directives for ssl and non ssl listeners and add the ssl option automatically when it is needed. * Add comment from README also to defaults/main.yml * Add support for multiple listen directives
This commit is contained in:
parent
5416fb28e0
commit
ea1a3626db
@ -358,7 +358,11 @@ nginx_http_template:
|
|||||||
template_file: http/default.conf.j2
|
template_file: http/default.conf.j2
|
||||||
conf_file_name: default.conf
|
conf_file_name: default.conf
|
||||||
conf_file_location: /etc/nginx/conf.d/
|
conf_file_location: /etc/nginx/conf.d/
|
||||||
port: 8081
|
listen:
|
||||||
|
listen_localhost:
|
||||||
|
ip: localhost # Wrap in square brackets for IPv6 addresses
|
||||||
|
port: 8081
|
||||||
|
opts: [] # Listen opts like http2 which will be added (ssl is automatically added if you specify 'ssl:').
|
||||||
server_name: localhost
|
server_name: localhost
|
||||||
include_files: []
|
include_files: []
|
||||||
error_page: /usr/share/nginx/html
|
error_page: /usr/share/nginx/html
|
||||||
|
@ -170,7 +170,11 @@ nginx_http_template:
|
|||||||
template_file: http/default.conf.j2
|
template_file: http/default.conf.j2
|
||||||
conf_file_name: default.conf
|
conf_file_name: default.conf
|
||||||
conf_file_location: /etc/nginx/conf.d/
|
conf_file_location: /etc/nginx/conf.d/
|
||||||
port: 8081
|
listen:
|
||||||
|
listen_localhost:
|
||||||
|
ip: localhost # Wrap in square brackets for IPv6 addresses
|
||||||
|
port: 8081
|
||||||
|
opts: [] # Listen opts like http2 which will be added (ssl is automatically added if you specify 'ssl:').
|
||||||
server_name: localhost
|
server_name: localhost
|
||||||
include_files: []
|
include_files: []
|
||||||
error_page: /usr/share/nginx/html
|
error_page: /usr/share/nginx/html
|
||||||
|
@ -53,8 +53,11 @@ auth_request_set {{ item.value.auth_request_set_http.name }} {{ item.value.auth_
|
|||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
server {
|
server {
|
||||||
|
{% for listen in item.value.listen %}
|
||||||
|
listen {% if item.value.listen[listen].ip is defined and item.value.listen[listen].ip | length %}{{ item.value.listen[listen].ip }}:{% endif %}{{ item.value.listen[listen].port }}{% if item.value.ssl is defined and item.value.ssl %} ssl{% endif %}{% if item.value.listen[listen].opts is defined and item.value.listen[listen].opts | length %} {{ item.value.listen[listen].opts | join(" ") }}{% endif %};
|
||||||
|
{% endfor %}
|
||||||
|
server_name {{ item.value.server_name | default('localhost') }};
|
||||||
{% if item.value.ssl is defined and item.value.ssl %}
|
{% if item.value.ssl is defined and item.value.ssl %}
|
||||||
listen {{ item.value.port }} ssl;
|
|
||||||
ssl_certificate {{ item.value.ssl.cert }};
|
ssl_certificate {{ item.value.ssl.cert }};
|
||||||
ssl_certificate_key {{ item.value.ssl.key }};
|
ssl_certificate_key {{ item.value.ssl.key }};
|
||||||
{% if item.value.ssl.trusted_cert is defined %}
|
{% if item.value.ssl.trusted_cert is defined %}
|
||||||
@ -87,10 +90,7 @@ server {
|
|||||||
{% if item.value.ssl.stapling_verify is defined and item.value.ssl.stapling_verify %}
|
{% if item.value.ssl.stapling_verify is defined and item.value.ssl.stapling_verify %}
|
||||||
ssl_stapling_verify on;
|
ssl_stapling_verify on;
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% else %}
|
|
||||||
listen {{ item.value.port }};
|
|
||||||
{% endif %}
|
{% endif %}
|
||||||
server_name {{ item.value.server_name | default('localhost') }};
|
|
||||||
{% if item.value.include_files is defined and item.value.include_files | length %}
|
{% if item.value.include_files is defined and item.value.include_files | length %}
|
||||||
{% for file in item.value.include_files %}
|
{% for file in item.value.include_files %}
|
||||||
include "{{ file }}";
|
include "{{ file }}";
|
||||||
|
@ -12,7 +12,12 @@
|
|||||||
template_file: http/default.conf.j2
|
template_file: http/default.conf.j2
|
||||||
conf_file_name: default.conf
|
conf_file_name: default.conf
|
||||||
conf_file_location: /etc/nginx/conf.d/
|
conf_file_location: /etc/nginx/conf.d/
|
||||||
port: 80
|
listen:
|
||||||
|
listen_localhost:
|
||||||
|
ip: 0.0.0.0
|
||||||
|
port: 80
|
||||||
|
opts:
|
||||||
|
- default_server
|
||||||
server_name: localhost
|
server_name: localhost
|
||||||
error_page: /usr/share/nginx/html
|
error_page: /usr/share/nginx/html
|
||||||
proxy_hide_headers:
|
proxy_hide_headers:
|
||||||
@ -131,7 +136,7 @@
|
|||||||
sticky_cookie: false
|
sticky_cookie: false
|
||||||
servers:
|
servers:
|
||||||
frontend_server_1:
|
frontend_server_1:
|
||||||
address: localhost
|
address: 0.0.0.0
|
||||||
port: 8081
|
port: 8081
|
||||||
weight: 1
|
weight: 1
|
||||||
health_check: max_fails=3 fail_timeout=5s
|
health_check: max_fails=3 fail_timeout=5s
|
||||||
@ -143,7 +148,7 @@
|
|||||||
sticky_cookie: false
|
sticky_cookie: false
|
||||||
servers:
|
servers:
|
||||||
backend_server_1:
|
backend_server_1:
|
||||||
address: localhost
|
address: 0.0.0.0
|
||||||
port: 8082
|
port: 8082
|
||||||
weight: 1
|
weight: 1
|
||||||
health_check: max_fails=3 fail_timeout=5s
|
health_check: max_fails=3 fail_timeout=5s
|
||||||
@ -156,7 +161,10 @@
|
|||||||
template_file: http/default.conf.j2
|
template_file: http/default.conf.j2
|
||||||
conf_file_name: frontend_default.conf
|
conf_file_name: frontend_default.conf
|
||||||
conf_file_location: /etc/nginx/conf.d/
|
conf_file_location: /etc/nginx/conf.d/
|
||||||
port: 8081
|
listen:
|
||||||
|
listen_localhost:
|
||||||
|
port: 8081
|
||||||
|
opts: []
|
||||||
server_name: localhost
|
server_name: localhost
|
||||||
error_page: /usr/share/nginx/html
|
error_page: /usr/share/nginx/html
|
||||||
autoindex: false
|
autoindex: false
|
||||||
@ -174,7 +182,10 @@
|
|||||||
template_file: http/default.conf.j2
|
template_file: http/default.conf.j2
|
||||||
conf_file_name: backend_default.conf
|
conf_file_name: backend_default.conf
|
||||||
conf_file_location: /etc/nginx/conf.d/
|
conf_file_location: /etc/nginx/conf.d/
|
||||||
port: 8082
|
listen:
|
||||||
|
listen_localhost:
|
||||||
|
port: 8082
|
||||||
|
opts: []
|
||||||
server_name: localhost
|
server_name: localhost
|
||||||
error_page: /usr/share/nginx/html
|
error_page: /usr/share/nginx/html
|
||||||
autoindex: false
|
autoindex: false
|
||||||
|
Loading…
Reference in New Issue
Block a user