Upload simple/templated configuration files
This commit is contained in:
parent
c06b7320ad
commit
f6f1e0907c
33
README.md
33
README.md
@ -78,6 +78,7 @@ Role Variables
|
||||
|
||||
This role has multiple variables. The defaults for all these variables are the following:
|
||||
|
||||
---
|
||||
# Specify which version of NGINX you want to install.
|
||||
# Options are 'opensource' or 'plus'.
|
||||
# Default is 'opensource'.
|
||||
@ -101,7 +102,7 @@ This role has multiple variables. The defaults for all these variables are the f
|
||||
# Default is false.
|
||||
status: false
|
||||
# Enable NGINX Plus REST API and dashboard.
|
||||
# Default is false.
|
||||
# Default is false for all three variables.
|
||||
api:
|
||||
enable: false
|
||||
write: false
|
||||
@ -109,8 +110,34 @@ This role has multiple variables. The defaults for all these variables are the f
|
||||
# Location of your NGINX Plus license in your local machine.
|
||||
# Default is the files folder within the NGINX Ansible role.
|
||||
license:
|
||||
certificate: nginx-repo.crt
|
||||
key: nginx-repo.key
|
||||
certificate: license/nginx-repo.crt
|
||||
key: license/nginx-repo.key
|
||||
# Location of the configuration files you wish to upload to NGINX.
|
||||
# Default is the files folder within the NGINX Ansible role.
|
||||
configuration_files:
|
||||
enable: false
|
||||
main: conf/nginx.conf
|
||||
http: conf/http/*.conf
|
||||
# Configuration variables to create a templated NGINX configuration.
|
||||
# Defaults are the values found in a fresh NGINX installation.
|
||||
configuration_templates:
|
||||
enable: false
|
||||
opensource:
|
||||
user: nginx
|
||||
worker_processes: 1
|
||||
error_level: warn
|
||||
worker_connections: 1024
|
||||
keepalive_timeout: 65
|
||||
listen: 80
|
||||
server_name: localhost
|
||||
plus:
|
||||
user: nginx
|
||||
worker_processes: auto
|
||||
error_level: notice
|
||||
worker_connections: 1024
|
||||
keepalive_timeout: 65
|
||||
listen: 80
|
||||
server_name: localhost
|
||||
|
||||
|
||||
Dependencies
|
||||
|
@ -22,7 +22,7 @@ amplify: null
|
||||
# Default is false.
|
||||
status: false
|
||||
# Enable NGINX Plus REST API and dashboard.
|
||||
# Default is false.
|
||||
# Default is false for all three variables.
|
||||
api:
|
||||
enable: false
|
||||
write: false
|
||||
@ -30,5 +30,31 @@ api:
|
||||
# Location of your NGINX Plus license in your local machine.
|
||||
# Default is the files folder within the NGINX Ansible role.
|
||||
license:
|
||||
certificate: nginx-repo.crt
|
||||
key: nginx-repo.key
|
||||
certificate: license/nginx-repo.crt
|
||||
key: license/nginx-repo.key
|
||||
# Location of the configuration files you wish to upload to NGINX.
|
||||
# Default is the files folder within the NGINX Ansible role.
|
||||
configuration_files:
|
||||
enable: false
|
||||
main: conf/nginx.conf
|
||||
http: conf/http/*.conf
|
||||
# Configuration variables to create a templated NGINX configuration.
|
||||
# Defaults are the values found in a fresh NGINX installation.
|
||||
configuration_templates:
|
||||
enable: false
|
||||
opensource:
|
||||
user: nginx
|
||||
worker_processes: 1
|
||||
error_level: warn
|
||||
worker_connections: 1024
|
||||
keepalive_timeout: 65
|
||||
listen: 80
|
||||
server_name: localhost
|
||||
plus:
|
||||
user: nginx
|
||||
worker_processes: auto
|
||||
error_level: notice
|
||||
worker_connections: 1024
|
||||
keepalive_timeout: 65
|
||||
listen: 80
|
||||
server_name: localhost
|
||||
|
45
files/conf/http/default.conf
Normal file
45
files/conf/http/default.conf
Normal file
@ -0,0 +1,45 @@
|
||||
#test
|
||||
server {
|
||||
listen 80;
|
||||
server_name localhost;
|
||||
|
||||
#charset koi8-r;
|
||||
#access_log /var/log/nginx/host.access.log main;
|
||||
|
||||
location / {
|
||||
root /usr/share/nginx/html;
|
||||
index index.html index.htm;
|
||||
}
|
||||
|
||||
#error_page 404 /404.html;
|
||||
|
||||
# redirect server error pages to the static page /50x.html
|
||||
#
|
||||
error_page 500 502 503 504 /50x.html;
|
||||
location = /50x.html {
|
||||
root /usr/share/nginx/html;
|
||||
}
|
||||
|
||||
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
|
||||
#
|
||||
#location ~ \.php$ {
|
||||
# proxy_pass http://127.0.0.1;
|
||||
#}
|
||||
|
||||
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
|
||||
#
|
||||
#location ~ \.php$ {
|
||||
# root html;
|
||||
# fastcgi_pass 127.0.0.1:9000;
|
||||
# fastcgi_index index.php;
|
||||
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
|
||||
# include fastcgi_params;
|
||||
#}
|
||||
|
||||
# deny access to .htaccess files, if Apache's document root
|
||||
# concurs with nginx's one
|
||||
#
|
||||
#location ~ /\.ht {
|
||||
# deny all;
|
||||
#}
|
||||
}
|
31
files/conf/nginx.conf
Normal file
31
files/conf/nginx.conf
Normal file
@ -0,0 +1,31 @@
|
||||
#test
|
||||
user nginx;
|
||||
worker_processes 1;
|
||||
|
||||
error_log /var/log/nginx/error.log warn;
|
||||
pid /var/run/nginx.pid;
|
||||
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
}
|
||||
|
||||
http {
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||
|
||||
access_log /var/log/nginx/access.log main;
|
||||
|
||||
sendfile on;
|
||||
#tcp_nopush on;
|
||||
|
||||
keepalive_timeout 65;
|
||||
|
||||
#gzip on;
|
||||
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
}
|
@ -1,12 +1,12 @@
|
||||
---
|
||||
# Start NGINX
|
||||
- name: "(All OSs) Start NGINX"
|
||||
- name: "(Handler: All OSs) Start NGINX"
|
||||
service:
|
||||
name: nginx
|
||||
state: started
|
||||
|
||||
# Reload NGINX
|
||||
- name: "(All OSs) Reload NGINX"
|
||||
- name: "(Handler: All OSs) Reload NGINX"
|
||||
service:
|
||||
name: nginx
|
||||
state: reloaded
|
||||
|
@ -1,10 +1,10 @@
|
||||
---
|
||||
- import_tasks: ../conf/setup-status.yml
|
||||
|
||||
- name: "(All OSs) Download NGINX Amplify Script"
|
||||
- name: "(Install: All NGINX) Download NGINX Amplify Script"
|
||||
get_url:
|
||||
url: https://github.com/nginxinc/nginx-amplify-agent/raw/master/packages/install.sh
|
||||
dest: /tmp/install.sh
|
||||
|
||||
- name: "(All OSs) Install NGINX Amplify"
|
||||
- name: "(Install: All NGINX) Install NGINX Amplify"
|
||||
shell: API_KEY='{{ amplify }}' sh /tmp/install.sh -y
|
||||
|
@ -1,6 +1,6 @@
|
||||
---
|
||||
- name: "(All OSs) Setup NGINX Plus API"
|
||||
- name: "(Setup: NGINX Plus) Setup NGINX Plus API"
|
||||
template:
|
||||
src: api.j2
|
||||
dest: /etc/nginx/conf.d/api.conf
|
||||
notify: "(All OSs) Reload NGINX"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
|
@ -1,5 +1,5 @@
|
||||
---
|
||||
- name: "(All OSs) Enable Open Source NGINX Status"
|
||||
- name: "(Setup: Open Source NGINX) Enable Open Source NGINX Status"
|
||||
blockinfile:
|
||||
path: /etc/nginx/conf.d/stub_status.conf
|
||||
create: yes
|
||||
@ -13,9 +13,9 @@
|
||||
}
|
||||
}
|
||||
when: type == "opensource"
|
||||
notify: "(All OSs) Reload NGINX"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
|
||||
- name: "(All OSs) Enable NGINX Plus Status"
|
||||
- name: "(Setup: NGINX Plus) Enable NGINX Plus Status"
|
||||
blockinfile:
|
||||
path: /etc/nginx/conf.d/status.conf
|
||||
create: yes
|
||||
@ -29,4 +29,4 @@
|
||||
}
|
||||
}
|
||||
when: type == "plus"
|
||||
notify: "(All OSs) Reload NGINX"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
|
14
tasks/conf/upload-files.yml
Normal file
14
tasks/conf/upload-files.yml
Normal file
@ -0,0 +1,14 @@
|
||||
---
|
||||
- name: "(Setup: All NGINX) Upload NGINX Main Configuration File"
|
||||
copy:
|
||||
src: conf/nginx.conf
|
||||
dest: /etc/nginx/nginx.conf
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
|
||||
- name: "(Setup: All NGINX) Upload NGINX HTTP Configuration Files"
|
||||
copy:
|
||||
src: "{{ item }}"
|
||||
dest: /etc/nginx/conf.d/
|
||||
with_fileglob:
|
||||
- "conf/http/*.conf"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
32
tasks/conf/upload-templates.yml
Normal file
32
tasks/conf/upload-templates.yml
Normal file
@ -0,0 +1,32 @@
|
||||
---
|
||||
- name: "(Setup: Open Source NGINX) Upload Open Source NGINX Main Configuration File"
|
||||
template:
|
||||
src: opensource/nginx.conf.j2
|
||||
dest: /etc/nginx/nginx.conf
|
||||
when: type == "opensource"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
|
||||
- name: "(Setup: Open Source NGINX) Upload Open Source NGINX HTTP Configuration Files"
|
||||
template:
|
||||
src: "{{ item }}"
|
||||
dest: /etc/nginx/conf.d/{{ item | basename | regex_replace('\.j2','') }}
|
||||
with_fileglob:
|
||||
- "../templates/opensource/http/*.j2"
|
||||
when: type == "opensource"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
|
||||
- name: "(Setup: NGINX Plus) Upload NGINX Plus Main Configuration File"
|
||||
template:
|
||||
src: plus/nginx.conf.j2
|
||||
dest: /etc/nginx/nginx.conf
|
||||
when: type == "plus"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
|
||||
- name: "(Setup: NGINX Plus) Upload NGINX Plus HTTP Configuration Files"
|
||||
template:
|
||||
src: "{{ item }}"
|
||||
dest: /etc/nginx/conf.d/{{ item | basename | regex_replace('\.j2','') }}
|
||||
with_fileglob:
|
||||
- "../templates/plus/http/*.j2"
|
||||
when: type == "plus"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
@ -1,5 +1,5 @@
|
||||
---
|
||||
- name: "(APT OSs) Add APT NGINX Signing Key"
|
||||
- name: "(Install: APT OSs) Add APT NGINX Signing Key"
|
||||
apt_key:
|
||||
id: 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
|
||||
keyserver: ha.pool.sks-keyservers.net
|
||||
|
@ -1,4 +1,4 @@
|
||||
---
|
||||
- name: "(RPM OSs) Add RPM NGINX Signing Key"
|
||||
- name: "(Install: RPM OSs) Add RPM NGINX Signing Key"
|
||||
rpm_key:
|
||||
key: http://nginx.org/keys/nginx_signing.key
|
||||
|
@ -20,6 +20,12 @@
|
||||
- import_tasks: modules/install-waf.yml
|
||||
when: modules.waf and type == "plus"
|
||||
|
||||
- import_tasks: conf/upload-files.yml
|
||||
when: configuration_files.enable
|
||||
|
||||
- import_tasks: conf/upload-templates.yml
|
||||
when: configuration_templates.enable
|
||||
|
||||
- import_tasks: conf/setup-status.yml
|
||||
when: status
|
||||
|
||||
|
@ -1,21 +1,21 @@
|
||||
---
|
||||
- name: "(All OSs) Install NGINX NJS Module"
|
||||
- name: "(Install: All OSs) Install NGINX NJS Module"
|
||||
package:
|
||||
name: nginx-module-njs
|
||||
state: present
|
||||
when: type == "opensource"
|
||||
|
||||
- name: "(All OSs) Install NGINX NJS Module"
|
||||
- name: "(Install: All OSs) Install NGINX NJS Module"
|
||||
package:
|
||||
name: nginx-plus-module-njs
|
||||
state: present
|
||||
when: type == "plus"
|
||||
|
||||
- name: "(All OSs) Load NGINX NJS Module"
|
||||
- name: "(Setup: All NGINX) Load NGINX NJS Module"
|
||||
blockinfile:
|
||||
path: /etc/nginx/nginx.conf
|
||||
insertbefore: BOF
|
||||
block: |
|
||||
load_module modules/ngx_http_js_module.so;
|
||||
load_module modules/ngx_stream_js_module.so;
|
||||
notify: "(All OSs) Reload NGINX"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
|
@ -1,19 +1,19 @@
|
||||
---
|
||||
- name: "(All OSs) Install NGINX Perl Module"
|
||||
- name: "(Install: All OSs) Install NGINX Perl Module"
|
||||
package:
|
||||
name: nginx-module-perl
|
||||
state: present
|
||||
when: type == "opensource"
|
||||
|
||||
- name: "(All OSs) Install NGINX Perl Module"
|
||||
- name: "(Install: All OSs) Install NGINX Perl Module"
|
||||
package:
|
||||
name: nginx-plus-module-perl
|
||||
state: present
|
||||
when: type == "plus"
|
||||
|
||||
- name: "(All OSs) Load NGINX Perl Module"
|
||||
- name: "(Setup: All NGINX) Load NGINX Perl Module"
|
||||
lineinfile:
|
||||
path: /etc/nginx/nginx.conf
|
||||
insertbefore: BOF
|
||||
line: load_module modules/ngx_http_perl.so;
|
||||
notify: "(All OSs) Reload NGINX"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
|
@ -1,13 +1,13 @@
|
||||
---
|
||||
- name: "(All OSs) Install NGINX Plus WAF Module"
|
||||
- name: "(Install: All OSs) Install NGINX Plus WAF Module"
|
||||
package:
|
||||
name: nginx-plus-module-modsecurity
|
||||
state: present
|
||||
when: waf
|
||||
|
||||
- name: "(All OSs) Load NGINX Plus WAF Module"
|
||||
- name: "(Setup: NGINX Plus) Load NGINX Plus WAF Module"
|
||||
lineinfile:
|
||||
path: /etc/nginx/nginx.conf
|
||||
insertbefore: BOF
|
||||
line: load_module modules/ngx_http_modsecurity_module.so;
|
||||
notify: "(All OSs) Reload NGINX"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
|
@ -8,8 +8,8 @@
|
||||
- import_tasks: setup-suse.yml
|
||||
when: ansible_os_family == "Suse"
|
||||
|
||||
- name: "(All OSs) Install NGINX"
|
||||
- name: "(Install: All OSs) Install NGINX"
|
||||
package:
|
||||
name: nginx
|
||||
state: present
|
||||
notify: "(All OSs) Start NGINX"
|
||||
notify: "(Handler: All OSs) Start NGINX"
|
||||
|
@ -1,5 +1,5 @@
|
||||
---
|
||||
- name: "(Debian/Ubuntu) Add Mainline NGINX Repository"
|
||||
- name: "(Install: Debian/Ubuntu) Add Mainline NGINX Repository"
|
||||
apt_repository:
|
||||
repo: "{{ item }}"
|
||||
with_items:
|
||||
@ -7,7 +7,7 @@
|
||||
- deb-src https://nginx.org/packages/mainline/{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} nginx
|
||||
when: branch == "mainline"
|
||||
|
||||
- name: "(Debian/Ubuntu) Add Stable NGINX Repository"
|
||||
- name: "(Install: Debian/Ubuntu) Add Stable NGINX Repository"
|
||||
apt_repository:
|
||||
repo: "{{ item }}"
|
||||
with_items:
|
||||
|
@ -1,5 +1,5 @@
|
||||
---
|
||||
- name: "(CentOS/RedHat) Add Mainline NGINX Repository"
|
||||
- name: "(Install: CentOS/RedHat) Add Mainline NGINX Repository"
|
||||
yum_repository:
|
||||
name: nginx
|
||||
baseurl: https://nginx.org/packages/mainline/{{ item }}/{{ ansible_distribution_major_version|int }}/$basearch/
|
||||
@ -11,7 +11,7 @@
|
||||
- rhel
|
||||
when: branch == "mainline"
|
||||
|
||||
- name: "(CentOS/RedHat) Add Stable NGINX Repository"
|
||||
- name: "(Install: CentOS/RedHat) Add Stable NGINX Repository"
|
||||
yum_repository:
|
||||
name: nginx
|
||||
baseurl: https://nginx.org/packages/{{ item }}/{{ ansible_distribution_major_version|int }}/$basearch/
|
||||
|
@ -1,11 +1,11 @@
|
||||
---
|
||||
- name: "(SUSE) Add Mainline NGINX Repository"
|
||||
- name: "(Install: SUSE) Add Mainline NGINX Repository"
|
||||
zypper_repository:
|
||||
name: nginx
|
||||
repo: https://nginx.org/packages/mainline/sles/12
|
||||
when: branch == "mainline"
|
||||
|
||||
- name: "(SUSE) Add Stable NGINX Repository"
|
||||
- name: "(Install: SUSE) Add Stable NGINX Repository"
|
||||
zypper_repository:
|
||||
name: nginx
|
||||
repo: https://nginx.org/packages/sles/12
|
||||
|
@ -13,8 +13,8 @@
|
||||
- import_tasks: setup-freebsd.yml
|
||||
when: ansible_os_family == "FreeBSD"
|
||||
|
||||
- name: "(All OSs) Install NGINX Plus"
|
||||
- name: "(Install: All OSs) Install NGINX Plus"
|
||||
package:
|
||||
name: nginx-plus
|
||||
state: present
|
||||
notify: "(All OSs) Start NGINX"
|
||||
notify: "(Handler: All OSs) Start NGINX"
|
||||
|
@ -1,12 +1,12 @@
|
||||
---
|
||||
- name: "(Debian/Ubuntu) Add NGINX Plus Repository"
|
||||
- name: "(Install: Debian/Ubuntu) Add NGINX Plus Repository"
|
||||
shell: printf "deb https://plus-pkgs.nginx.com/{{ ansible_distribution|lower }} `lsb_release -cs` nginx-plus\n" | sudo tee /etc/apt/sources.list.d/nginx-plus.list
|
||||
|
||||
- name: "(Debian/Ubuntu) Verify NGINX Plus License"
|
||||
- name: "(Install: Debian/Ubuntu) Verify NGINX Plus License"
|
||||
get_url:
|
||||
url: https://cs.nginx.com/static/files/90nginx
|
||||
dest: /etc/apt/apt.conf.d/90nginx
|
||||
|
||||
- name: "(Debian/Ubuntu) Update APT Cache"
|
||||
- name: "(Install: Debian/Ubuntu) Update APT Cache"
|
||||
apt:
|
||||
update_cache: yes
|
||||
|
@ -1,10 +1,10 @@
|
||||
---
|
||||
- name: "(FreeBSD) Add NGINX Plus Repository"
|
||||
- name: "(Install: FreeBSD) Add NGINX Plus Repository"
|
||||
get_url:
|
||||
url: https://cs.nginx.com/static/files/nginx-plus.conf
|
||||
dest: /etc/pkg/nginx-plus.conf
|
||||
|
||||
- name: "(FreeBSD) Verify NGINX Plus License"
|
||||
- name: "(Install: FreeBSD) Verify NGINX Plus License"
|
||||
blockinfile:
|
||||
path: /usr/local/etc/pkg.conf
|
||||
block: |
|
||||
|
@ -1,5 +1,5 @@
|
||||
---
|
||||
- name: "(All OSs) Create SSL directory"
|
||||
- name: "(All OSs) Create SSL Directory"
|
||||
file:
|
||||
path: /etc/ssl/nginx
|
||||
state: directory
|
||||
|
@ -1,25 +1,25 @@
|
||||
---
|
||||
- name: "(CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
|
||||
- name: "(Install: CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
|
||||
set_fact:
|
||||
version: "6"
|
||||
when: ansible_distribution_major_version|int == 6
|
||||
|
||||
- name: "(CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
|
||||
- name: "(Install: CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
|
||||
set_fact:
|
||||
version: "7"
|
||||
when: ansible_distribution_major_version|float >= 7.0 and ansible_distribution_major_version|float <= 7.3
|
||||
|
||||
- name: "(CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
|
||||
- name: "(Install: CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
|
||||
set_fact:
|
||||
version: "7.4"
|
||||
when: ansible_distribution_major_version|float == 7.4
|
||||
|
||||
- name: "(CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
|
||||
- name: "(Install: CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
|
||||
set_fact:
|
||||
version: "amazon"
|
||||
when: ansible_distribution == "Amazon"
|
||||
|
||||
- name: "(CentOS/RedHat/Amazon Linux/Oracle Linux) Add NGINX Plus Repository"
|
||||
- name: "(Install: CentOS/RedHat/Amazon Linux/Oracle Linux) Add NGINX Plus Repository"
|
||||
get_url:
|
||||
url: https://cs.nginx.com/static/files/nginx-plus-{{ version }}.repo
|
||||
dest: /etc/yum.repos.d/nginx-plus-{{ version }}.repo
|
||||
|
@ -1,8 +1,8 @@
|
||||
---
|
||||
- name: "(SUSE) Combine NGINX Plus Certificate and License Keys"
|
||||
- name: "(Install: SUSE) Combine NGINX Plus Certificate and License Keys"
|
||||
shell: cat /etc/ssl/nginx/nginx-repo.crt /etc/ssl/nginx/nginx-repo.key > /etc/ssl/nginx/nginx-repo-bundle.crt
|
||||
|
||||
- name: "(SUSE) Add NGINX Plus Repository"
|
||||
- name: "(Install: SUSE) Add NGINX Plus Repository"
|
||||
zypper_repository:
|
||||
name: nginx-plus
|
||||
repo: https://plus-pkgs.nginx.com/sles/12?ssl_clientcert=/etc/ssl/nginx/nginx-repo-bundle.crt&ssl_verify=host
|
||||
|
44
templates/opensource/http/default.conf.j2
Normal file
44
templates/opensource/http/default.conf.j2
Normal file
@ -0,0 +1,44 @@
|
||||
server {
|
||||
listen {{ configuration_templates.opensource.listen }};
|
||||
server_name {{ configuration_templates.opensource.server_name }};
|
||||
|
||||
#charset koi8-r;
|
||||
#access_log /var/log/nginx/host.access.log main;
|
||||
|
||||
location / {
|
||||
root /usr/share/nginx/html;
|
||||
index index.html index.htm;
|
||||
}
|
||||
|
||||
#error_page 404 /404.html;
|
||||
|
||||
# redirect server error pages to the static page /50x.html
|
||||
#
|
||||
error_page 500 502 503 504 /50x.html;
|
||||
location = /50x.html {
|
||||
root /usr/share/nginx/html;
|
||||
}
|
||||
|
||||
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
|
||||
#
|
||||
#location ~ \.php$ {
|
||||
# proxy_pass http://127.0.0.1;
|
||||
#}
|
||||
|
||||
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
|
||||
#
|
||||
#location ~ \.php$ {
|
||||
# root html;
|
||||
# fastcgi_pass 127.0.0.1:9000;
|
||||
# fastcgi_index index.php;
|
||||
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
|
||||
# include fastcgi_params;
|
||||
#}
|
||||
|
||||
# deny access to .htaccess files, if Apache's document root
|
||||
# concurs with nginx's one
|
||||
#
|
||||
#location ~ /\.ht {
|
||||
# deny all;
|
||||
#}
|
||||
}
|
31
templates/opensource/nginx.conf.j2
Normal file
31
templates/opensource/nginx.conf.j2
Normal file
@ -0,0 +1,31 @@
|
||||
user {{ configuration_templates.opensource.user }};
|
||||
worker_processes {{ configuration_templates.opensource.worker_processes }};
|
||||
|
||||
error_log /var/log/nginx/error.log {{ configuration_templates.opensource.error_level }};
|
||||
pid /var/run/nginx.pid;
|
||||
|
||||
|
||||
events {
|
||||
worker_connections {{ configuration_templates.opensource.worker_connections }};
|
||||
}
|
||||
|
||||
|
||||
http {
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||
|
||||
access_log /var/log/nginx/access.log main;
|
||||
|
||||
sendfile on;
|
||||
#tcp_nopush on;
|
||||
|
||||
keepalive_timeout {{ configuration_templates.opensource.keepalive_timeout }};
|
||||
|
||||
#gzip on;
|
||||
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
}
|
60
templates/plus/http/default.conf.j2
Normal file
60
templates/plus/http/default.conf.j2
Normal file
@ -0,0 +1,60 @@
|
||||
server {
|
||||
listen {{ configuration_templates.plus.listen }} default_server;
|
||||
server_name {{ configuration_templates.plus.server_name }};
|
||||
|
||||
#charset koi8-r;
|
||||
#access_log /var/log/nginx/host.access.log main;
|
||||
|
||||
location / {
|
||||
root /usr/share/nginx/html;
|
||||
index index.html index.htm;
|
||||
}
|
||||
|
||||
#error_page 404 /404.html;
|
||||
|
||||
# redirect server error pages to the static page /50x.html
|
||||
#
|
||||
error_page 500 502 503 504 /50x.html;
|
||||
location = /50x.html {
|
||||
root /usr/share/nginx/html;
|
||||
}
|
||||
|
||||
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
|
||||
#
|
||||
#location ~ \.php$ {
|
||||
# proxy_pass http://127.0.0.1;
|
||||
#}
|
||||
|
||||
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
|
||||
#
|
||||
#location ~ \.php$ {
|
||||
# root html;
|
||||
# fastcgi_pass 127.0.0.1:9000;
|
||||
# fastcgi_index index.php;
|
||||
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
|
||||
# include fastcgi_params;
|
||||
#}
|
||||
|
||||
# deny access to .htaccess files, if Apache's document root
|
||||
# concurs with nginx's one
|
||||
#
|
||||
#location ~ /\.ht {
|
||||
# deny all;
|
||||
#}
|
||||
|
||||
# enable /api/ location with appropriate access control in order
|
||||
# to make use of NGINX Plus API
|
||||
#
|
||||
#location /api/ {
|
||||
# api write=on;
|
||||
# allow 127.0.0.1;
|
||||
# deny all;
|
||||
#}
|
||||
|
||||
# enable NGINX Plus Dashboard; requires /api/ location to be
|
||||
# enabled and appropriate access control for remote access
|
||||
#
|
||||
#location = /dashboard.html {
|
||||
# root /usr/share/nginx/html;
|
||||
#}
|
||||
}
|
50
templates/plus/nginx.conf.j2
Normal file
50
templates/plus/nginx.conf.j2
Normal file
@ -0,0 +1,50 @@
|
||||
user {{ configuration_templates.plus.user }};
|
||||
worker_processes {{ configuration_templates.plus.worker_processes }};
|
||||
|
||||
error_log /var/log/nginx/error.log {{ configuration_templates.plus.error_level }};
|
||||
pid /var/run/nginx.pid;
|
||||
|
||||
|
||||
events {
|
||||
worker_connections {{ configuration_templates.plus.worker_connections }};
|
||||
}
|
||||
|
||||
|
||||
http {
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||
|
||||
access_log /var/log/nginx/access.log main;
|
||||
|
||||
sendfile on;
|
||||
#tcp_nopush on;
|
||||
|
||||
keepalive_timeout {{ configuration_templates.plus.keepalive_timeout }};
|
||||
|
||||
#gzip on;
|
||||
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
}
|
||||
|
||||
|
||||
# TCP/UDP proxy and load balancing block
|
||||
#
|
||||
#stream {
|
||||
# Example configuration for TCP load balancing
|
||||
|
||||
#upstream stream_backend {
|
||||
# zone tcp_servers 64k;
|
||||
# server backend1.example.com:12345;
|
||||
# server backend2.example.com:12345;
|
||||
#}
|
||||
|
||||
#server {
|
||||
# listen 12345;
|
||||
# status_zone tcp_server;
|
||||
# proxy_pass stream_backend;
|
||||
#}
|
||||
#}
|
Loading…
Reference in New Issue
Block a user