Upload simple/templated configuration files

README.md

@@ -78,6 +78,7 @@ Role Variables
 
 This role has multiple variables. The defaults for all these variables are the following:
 
+    ---
     # Specify which version of NGINX you want to install.
     # Options are 'opensource' or 'plus'.
     # Default is 'opensource'.
@@ -101,7 +102,7 @@ This role has multiple variables. The defaults for all these variables are the f
     # Default is false.
     status: false
     # Enable NGINX Plus REST API and dashboard.
-    # Default is false.
+    # Default is false for all three variables.
     api:
       enable: false
       write: false
@@ -109,8 +110,34 @@ This role has multiple variables. The defaults for all these variables are the f
     # Location of your NGINX Plus license in your local machine.
     # Default is the files folder within the NGINX Ansible role.
     license:
-      certificate: nginx-repo.crt
+      certificate: license/nginx-repo.crt
-      key: nginx-repo.key
+      key: license/nginx-repo.key
+    # Location of the configuration files you wish to upload to NGINX.
+    # Default is the files folder within the NGINX Ansible role.
+    configuration_files:
+      enable: false
+      main: conf/nginx.conf
+      http: conf/http/*.conf
+    # Configuration variables to create a templated NGINX configuration.
+    # Defaults are the values found in a fresh NGINX installation.
+    configuration_templates:
+      enable: false
+      opensource:
+        user: nginx
+        worker_processes: 1
+        error_level: warn
+        worker_connections: 1024
+        keepalive_timeout: 65
+        listen: 80
+        server_name: localhost
+      plus:
+        user: nginx
+        worker_processes: auto
+        error_level: notice
+        worker_connections: 1024
+        keepalive_timeout: 65
+        listen: 80
+        server_name: localhost
 
 
 Dependencies

defaults/main.yml

@@ -22,7 +22,7 @@ amplify: null
 # Default is false.
 status: false
 # Enable NGINX Plus REST API and dashboard.
-# Default is false.
+# Default is false for all three variables.
 api:
   enable: false
   write: false
@@ -30,5 +30,31 @@ api:
 # Location of your NGINX Plus license in your local machine.
 # Default is the files folder within the NGINX Ansible role.
 license:
-  certificate: nginx-repo.crt
+  certificate: license/nginx-repo.crt
-  key: nginx-repo.key
+  key: license/nginx-repo.key
+# Location of the configuration files you wish to upload to NGINX.
+# Default is the files folder within the NGINX Ansible role.
+configuration_files:
+  enable: false
+  main: conf/nginx.conf
+  http: conf/http/*.conf
+# Configuration variables to create a templated NGINX configuration.
+# Defaults are the values found in a fresh NGINX installation.
+configuration_templates:
+  enable: false
+  opensource:
+    user: nginx
+    worker_processes: 1
+    error_level: warn
+    worker_connections: 1024
+    keepalive_timeout: 65
+    listen: 80
+    server_name: localhost
+  plus:
+    user: nginx
+    worker_processes: auto
+    error_level: notice
+    worker_connections: 1024
+    keepalive_timeout: 65
+    listen: 80
+    server_name: localhost

files/conf/http/default.conf

@@ -0,0 +1,45 @@
+#test
+server {
+    listen       80;
+    server_name  localhost;
+
+    #charset koi8-r;
+    #access_log  /var/log/nginx/host.access.log  main;
+
+    location / {
+        root   /usr/share/nginx/html;
+        index  index.html index.htm;
+    }
+
+    #error_page  404              /404.html;
+
+    # redirect server error pages to the static page /50x.html
+    #
+    error_page   500 502 503 504  /50x.html;
+    location = /50x.html {
+        root   /usr/share/nginx/html;
+    }
+
+    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
+    #
+    #location ~ \.php$ {
+    #    proxy_pass   http://127.0.0.1;
+    #}
+
+    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+    #
+    #location ~ \.php$ {
+    #    root           html;
+    #    fastcgi_pass   127.0.0.1:9000;
+    #    fastcgi_index  index.php;
+    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
+    #    include        fastcgi_params;
+    #}
+
+    # deny access to .htaccess files, if Apache's document root
+    # concurs with nginx's one
+    #
+    #location ~ /\.ht {
+    #    deny  all;
+    #}
+}

files/conf/nginx.conf

@@ -0,0 +1,31 @@
+#test
+user  nginx;
+worker_processes  1;
+
+error_log  /var/log/nginx/error.log warn;
+pid        /var/run/nginx.pid;
+
+
+events {
+    worker_connections  1024;
+}
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  65;
+
+    #gzip  on;
+
+    include /etc/nginx/conf.d/*.conf;
+}

handlers/main.yml

@@ -1,12 +1,12 @@
 ---
 # Start NGINX
-- name: "(All OSs) Start NGINX"
+- name: "(Handler: All OSs) Start NGINX"
   service:
     name: nginx
     state: started
 
 # Reload NGINX
-- name: "(All OSs) Reload NGINX"
+- name: "(Handler: All OSs) Reload NGINX"
   service:
     name: nginx
     state: reloaded

tasks/amplify/install-amplify.yml

@@ -1,10 +1,10 @@
 ---
 - import_tasks: ../conf/setup-status.yml
 
-- name: "(All OSs) Download NGINX Amplify Script"
+- name: "(Install: All NGINX) Download NGINX Amplify Script"
   get_url:
     url: https://github.com/nginxinc/nginx-amplify-agent/raw/master/packages/install.sh
     dest: /tmp/install.sh
 
-- name: "(All OSs) Install NGINX Amplify"
+- name: "(Install: All NGINX) Install NGINX Amplify"
   shell: API_KEY='{{ amplify }}' sh /tmp/install.sh -y

tasks/conf/setup-api.yml

@@ -1,6 +1,6 @@
 ---
-- name: "(All OSs) Setup NGINX Plus API"
+- name: "(Setup: NGINX Plus) Setup NGINX Plus API"
   template:
     src: api.j2
     dest: /etc/nginx/conf.d/api.conf
-  notify: "(All OSs) Reload NGINX"
+  notify: "(Handler: All OSs) Reload NGINX"

tasks/conf/setup-status.yml

@@ -1,5 +1,5 @@
 ---
-- name: "(All OSs) Enable Open Source NGINX Status"
+- name: "(Setup: Open Source NGINX) Enable Open Source NGINX Status"
   blockinfile:
     path: /etc/nginx/conf.d/stub_status.conf
     create: yes
@@ -13,9 +13,9 @@
           }
       }
   when: type == "opensource"
-  notify: "(All OSs) Reload NGINX"
+  notify: "(Handler: All OSs) Reload NGINX"
 
-- name: "(All OSs) Enable NGINX Plus Status"
+- name: "(Setup: NGINX Plus) Enable NGINX Plus Status"
   blockinfile:
     path: /etc/nginx/conf.d/status.conf
     create: yes
@@ -29,4 +29,4 @@
           }
       }
   when: type == "plus"
-  notify: "(All OSs) Reload NGINX"
+  notify: "(Handler: All OSs) Reload NGINX"

tasks/conf/upload-files.yml

@@ -0,0 +1,14 @@
+---
+- name: "(Setup: All NGINX) Upload NGINX Main Configuration File"
+  copy:
+    src: conf/nginx.conf
+    dest: /etc/nginx/nginx.conf
+  notify: "(Handler: All OSs) Reload NGINX"
+
+- name: "(Setup: All NGINX) Upload NGINX HTTP Configuration Files"
+  copy:
+    src: "{{ item }}"
+    dest: /etc/nginx/conf.d/
+  with_fileglob:
+    - "conf/http/*.conf"
+  notify: "(Handler: All OSs) Reload NGINX"

tasks/conf/upload-templates.yml

@@ -0,0 +1,32 @@
+---
+- name: "(Setup: Open Source NGINX) Upload Open Source NGINX Main Configuration File"
+  template:
+    src: opensource/nginx.conf.j2
+    dest: /etc/nginx/nginx.conf
+  when: type == "opensource"
+  notify: "(Handler: All OSs) Reload NGINX"
+
+- name: "(Setup: Open Source NGINX) Upload Open Source NGINX HTTP Configuration Files"
+  template:
+    src: "{{ item }}"
+    dest: /etc/nginx/conf.d/{{ item | basename | regex_replace('\.j2','') }}
+  with_fileglob:
+    - "../templates/opensource/http/*.j2"
+  when: type == "opensource"
+  notify: "(Handler: All OSs) Reload NGINX"
+
+- name: "(Setup: NGINX Plus) Upload NGINX Plus Main Configuration File"
+  template:
+    src: plus/nginx.conf.j2
+    dest: /etc/nginx/nginx.conf
+  when: type == "plus"
+  notify: "(Handler: All OSs) Reload NGINX"
+
+- name: "(Setup: NGINX Plus) Upload NGINX Plus HTTP Configuration Files"
+  template:
+    src: "{{ item }}"
+    dest: /etc/nginx/conf.d/{{ item | basename | regex_replace('\.j2','') }}
+  with_fileglob:
+    - "../templates/plus/http/*.j2"
+  when: type == "plus"
+  notify: "(Handler: All OSs) Reload NGINX"

tasks/keys/apt-key.yml

@@ -1,5 +1,5 @@
 ---
-- name: "(APT OSs) Add APT NGINX Signing Key"
+- name: "(Install: APT OSs) Add APT NGINX Signing Key"
   apt_key:
     id: 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
     keyserver: ha.pool.sks-keyservers.net

tasks/keys/rpm-key.yml

@@ -1,4 +1,4 @@
 ---
-- name: "(RPM OSs) Add RPM NGINX Signing Key"
+- name: "(Install: RPM OSs) Add RPM NGINX Signing Key"
   rpm_key:
     key: http://nginx.org/keys/nginx_signing.key

tasks/main.yml

@@ -20,6 +20,12 @@
 - import_tasks: modules/install-waf.yml
   when: modules.waf and type == "plus"
 
+- import_tasks: conf/upload-files.yml
+  when: configuration_files.enable
+
+- import_tasks: conf/upload-templates.yml
+  when: configuration_templates.enable
+
 - import_tasks: conf/setup-status.yml
   when: status
 

tasks/modules/install-njs.yml

@@ -1,21 +1,21 @@
 ---
-- name: "(All OSs) Install NGINX NJS Module"
+- name: "(Install: All OSs) Install NGINX NJS Module"
   package:
     name: nginx-module-njs
     state: present
   when: type == "opensource"
 
-- name: "(All OSs) Install NGINX NJS Module"
+- name: "(Install: All OSs) Install NGINX NJS Module"
   package:
     name: nginx-plus-module-njs
     state: present
   when: type == "plus"
 
-- name: "(All OSs) Load NGINX NJS Module"
+- name: "(Setup: All NGINX) Load NGINX NJS Module"
   blockinfile:
     path: /etc/nginx/nginx.conf
     insertbefore: BOF
     block: |
       load_module modules/ngx_http_js_module.so;
       load_module modules/ngx_stream_js_module.so;
-  notify: "(All OSs) Reload NGINX"
+  notify: "(Handler: All OSs) Reload NGINX"

tasks/modules/install-perl.yml

@@ -1,19 +1,19 @@
 ---
-- name: "(All OSs) Install NGINX Perl Module"
+- name: "(Install: All OSs) Install NGINX Perl Module"
   package:
     name: nginx-module-perl
     state: present
   when: type == "opensource"
 
-- name: "(All OSs) Install NGINX Perl Module"
+- name: "(Install: All OSs) Install NGINX Perl Module"
   package:
     name: nginx-plus-module-perl
     state: present
   when: type == "plus"
 
-- name: "(All OSs) Load NGINX Perl Module"
+- name: "(Setup: All NGINX) Load NGINX Perl Module"
   lineinfile:
     path: /etc/nginx/nginx.conf
     insertbefore: BOF
     line: load_module modules/ngx_http_perl.so;
-  notify: "(All OSs) Reload NGINX"
+  notify: "(Handler: All OSs) Reload NGINX"

tasks/modules/install-waf.yml

@@ -1,13 +1,13 @@
 ---
-- name: "(All OSs) Install NGINX Plus WAF Module"
+- name: "(Install: All OSs) Install NGINX Plus WAF Module"
   package:
     name: nginx-plus-module-modsecurity
     state: present
   when: waf
 
-- name: "(All OSs) Load NGINX Plus WAF Module"
+- name: "(Setup: NGINX Plus) Load NGINX Plus WAF Module"
   lineinfile:
     path: /etc/nginx/nginx.conf
     insertbefore: BOF
     line: load_module modules/ngx_http_modsecurity_module.so;
-  notify: "(All OSs) Reload NGINX"
+  notify: "(Handler: All OSs) Reload NGINX"

tasks/opensource/install-oss.yml

@@ -8,8 +8,8 @@
 - import_tasks: setup-suse.yml
   when: ansible_os_family == "Suse"
 
-- name: "(All OSs) Install NGINX"
+- name: "(Install: All OSs) Install NGINX"
   package:
     name: nginx
     state: present
-  notify: "(All OSs) Start NGINX"
+  notify: "(Handler: All OSs) Start NGINX"

tasks/opensource/setup-debian.yml

@@ -1,5 +1,5 @@
 ---
-- name: "(Debian/Ubuntu) Add Mainline NGINX Repository"
+- name: "(Install: Debian/Ubuntu) Add Mainline NGINX Repository"
   apt_repository:
     repo: "{{ item }}"
   with_items:
@@ -7,7 +7,7 @@
     - deb-src https://nginx.org/packages/mainline/{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} nginx
   when: branch == "mainline"
 
-- name: "(Debian/Ubuntu) Add Stable NGINX Repository"
+- name: "(Install: Debian/Ubuntu) Add Stable NGINX Repository"
   apt_repository:
     repo: "{{ item }}"
   with_items:

tasks/opensource/setup-redhat.yml

@@ -1,5 +1,5 @@
 ---
-- name: "(CentOS/RedHat) Add Mainline NGINX Repository"
+- name: "(Install: CentOS/RedHat) Add Mainline NGINX Repository"
   yum_repository:
     name: nginx
     baseurl: https://nginx.org/packages/mainline/{{ item }}/{{ ansible_distribution_major_version|int }}/$basearch/
@@ -11,7 +11,7 @@
     - rhel
   when: branch == "mainline"
 
-- name: "(CentOS/RedHat) Add Stable NGINX Repository"
+- name: "(Install: CentOS/RedHat) Add Stable NGINX Repository"
   yum_repository:
     name: nginx
     baseurl: https://nginx.org/packages/{{ item }}/{{ ansible_distribution_major_version|int }}/$basearch/

tasks/opensource/setup-suse.yml

@@ -1,11 +1,11 @@
 ---
-- name: "(SUSE) Add Mainline NGINX Repository"
+- name: "(Install: SUSE) Add Mainline NGINX Repository"
   zypper_repository:
     name: nginx
     repo: https://nginx.org/packages/mainline/sles/12
   when: branch == "mainline"
 
-- name: "(SUSE) Add Stable NGINX Repository"
+- name: "(Install: SUSE) Add Stable NGINX Repository"
   zypper_repository:
     name: nginx
     repo: https://nginx.org/packages/sles/12

tasks/plus/install-plus.yml

@@ -13,8 +13,8 @@
 - import_tasks: setup-freebsd.yml
   when: ansible_os_family == "FreeBSD"
 
-- name: "(All OSs) Install NGINX Plus"
+- name: "(Install: All OSs) Install NGINX Plus"
   package:
     name: nginx-plus
     state: present
-  notify: "(All OSs) Start NGINX"
+  notify: "(Handler: All OSs) Start NGINX"

tasks/plus/setup-debian.yml

@@ -1,12 +1,12 @@
 ---
-- name: "(Debian/Ubuntu) Add NGINX Plus Repository"
+- name: "(Install: Debian/Ubuntu) Add NGINX Plus Repository"
   shell: printf "deb https://plus-pkgs.nginx.com/{{ ansible_distribution|lower }} `lsb_release -cs` nginx-plus\n" | sudo tee /etc/apt/sources.list.d/nginx-plus.list
 
-- name: "(Debian/Ubuntu) Verify NGINX Plus License"
+- name: "(Install: Debian/Ubuntu) Verify NGINX Plus License"
   get_url:
     url: https://cs.nginx.com/static/files/90nginx
     dest: /etc/apt/apt.conf.d/90nginx
 
-- name: "(Debian/Ubuntu) Update APT Cache"
+- name: "(Install: Debian/Ubuntu) Update APT Cache"
   apt:
     update_cache: yes

tasks/plus/setup-freebsd.yml

@@ -1,10 +1,10 @@
 ---
-- name: "(FreeBSD) Add NGINX Plus Repository"
+- name: "(Install: FreeBSD) Add NGINX Plus Repository"
   get_url:
     url: https://cs.nginx.com/static/files/nginx-plus.conf
     dest: /etc/pkg/nginx-plus.conf
 
-- name: "(FreeBSD) Verify NGINX Plus License"
+- name: "(Install: FreeBSD) Verify NGINX Plus License"
   blockinfile:
     path: /usr/local/etc/pkg.conf
     block: |

tasks/plus/setup-license.yml

@@ -1,5 +1,5 @@
 ---
-- name: "(All OSs) Create SSL directory"
+- name: "(All OSs) Create SSL Directory"
   file:
     path: /etc/ssl/nginx
     state: directory

tasks/plus/setup-redhat.yml

@@ -1,25 +1,25 @@
 ---
-- name: "(CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
+- name: "(Install: CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
   set_fact:
     version: "6"
   when: ansible_distribution_major_version|int == 6
 
-- name: "(CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
+- name: "(Install: CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
   set_fact:
     version: "7"
   when: ansible_distribution_major_version|float >= 7.0 and ansible_distribution_major_version|float <= 7.3
 
-- name: "(CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
+- name: "(Install: CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
   set_fact:
     version: "7.4"
   when: ansible_distribution_major_version|float == 7.4
 
-- name: "(CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
+- name: "(Install: CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
   set_fact:
     version: "amazon"
   when: ansible_distribution == "Amazon"
 
-- name: "(CentOS/RedHat/Amazon Linux/Oracle Linux) Add NGINX Plus Repository"
+- name: "(Install: CentOS/RedHat/Amazon Linux/Oracle Linux) Add NGINX Plus Repository"
   get_url:
     url: https://cs.nginx.com/static/files/nginx-plus-{{ version }}.repo
     dest: /etc/yum.repos.d/nginx-plus-{{ version }}.repo

tasks/plus/setup-suse.yml

@@ -1,8 +1,8 @@
 ---
-- name: "(SUSE) Combine NGINX Plus Certificate and License Keys"
+- name: "(Install: SUSE) Combine NGINX Plus Certificate and License Keys"
   shell: cat /etc/ssl/nginx/nginx-repo.crt /etc/ssl/nginx/nginx-repo.key > /etc/ssl/nginx/nginx-repo-bundle.crt
 
-- name: "(SUSE) Add NGINX Plus Repository"
+- name: "(Install: SUSE) Add NGINX Plus Repository"
   zypper_repository:
     name: nginx-plus
     repo: https://plus-pkgs.nginx.com/sles/12?ssl_clientcert=/etc/ssl/nginx/nginx-repo-bundle.crt&ssl_verify=host

templates/opensource/http/default.conf.j2

@@ -0,0 +1,44 @@
+server {
+    listen       {{ configuration_templates.opensource.listen }};
+    server_name  {{ configuration_templates.opensource.server_name }};
+
+    #charset koi8-r;
+    #access_log  /var/log/nginx/host.access.log  main;
+
+    location / {
+        root   /usr/share/nginx/html;
+        index  index.html index.htm;
+    }
+
+    #error_page  404              /404.html;
+
+    # redirect server error pages to the static page /50x.html
+    #
+    error_page   500 502 503 504  /50x.html;
+    location = /50x.html {
+        root   /usr/share/nginx/html;
+    }
+
+    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
+    #
+    #location ~ \.php$ {
+    #    proxy_pass   http://127.0.0.1;
+    #}
+
+    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+    #
+    #location ~ \.php$ {
+    #    root           html;
+    #    fastcgi_pass   127.0.0.1:9000;
+    #    fastcgi_index  index.php;
+    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
+    #    include        fastcgi_params;
+    #}
+
+    # deny access to .htaccess files, if Apache's document root
+    # concurs with nginx's one
+    #
+    #location ~ /\.ht {
+    #    deny  all;
+    #}
+}

templates/opensource/nginx.conf.j2

@@ -0,0 +1,31 @@
+user  {{ configuration_templates.opensource.user }};
+worker_processes  {{ configuration_templates.opensource.worker_processes }};
+
+error_log  /var/log/nginx/error.log {{ configuration_templates.opensource.error_level }};
+pid        /var/run/nginx.pid;
+
+
+events {
+    worker_connections  {{ configuration_templates.opensource.worker_connections }};
+}
+
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  {{ configuration_templates.opensource.keepalive_timeout }};
+
+    #gzip  on;
+
+    include /etc/nginx/conf.d/*.conf;
+}

templates/plus/http/default.conf.j2

@@ -0,0 +1,60 @@
+server {
+    listen       {{ configuration_templates.plus.listen }} default_server;
+    server_name  {{ configuration_templates.plus.server_name }};
+
+    #charset koi8-r;
+    #access_log  /var/log/nginx/host.access.log  main;
+
+    location / {
+        root   /usr/share/nginx/html;
+        index  index.html index.htm;
+    }
+
+    #error_page  404              /404.html;
+
+    # redirect server error pages to the static page /50x.html
+    #
+    error_page   500 502 503 504  /50x.html;
+    location = /50x.html {
+        root   /usr/share/nginx/html;
+    }
+
+    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
+    #
+    #location ~ \.php$ {
+    #    proxy_pass   http://127.0.0.1;
+    #}
+
+    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+    #
+    #location ~ \.php$ {
+    #    root           html;
+    #    fastcgi_pass   127.0.0.1:9000;
+    #    fastcgi_index  index.php;
+    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
+    #    include        fastcgi_params;
+    #}
+
+    # deny access to .htaccess files, if Apache's document root
+    # concurs with nginx's one
+    #
+    #location ~ /\.ht {
+    #    deny  all;
+    #}
+
+    # enable /api/ location with appropriate access control in order
+    # to make use of NGINX Plus API
+    #
+    #location /api/ {
+    #    api write=on;
+    #    allow 127.0.0.1;
+    #    deny all;
+    #}
+
+    # enable NGINX Plus Dashboard; requires /api/ location to be
+    # enabled and appropriate access control for remote access
+    #
+    #location = /dashboard.html {
+    #    root /usr/share/nginx/html;
+    #}
+}

templates/plus/nginx.conf.j2

@@ -0,0 +1,50 @@
+user  {{ configuration_templates.plus.user }};
+worker_processes  {{ configuration_templates.plus.worker_processes }};
+
+error_log  /var/log/nginx/error.log {{ configuration_templates.plus.error_level }};
+pid        /var/run/nginx.pid;
+
+
+events {
+    worker_connections  {{ configuration_templates.plus.worker_connections }};
+}
+
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  {{ configuration_templates.plus.keepalive_timeout }};
+
+    #gzip  on;
+
+    include /etc/nginx/conf.d/*.conf;
+}
+
+
+# TCP/UDP proxy and load balancing block
+#
+#stream {
+    # Example configuration for TCP load balancing
+
+    #upstream stream_backend {
+    #    zone tcp_servers 64k;
+    #    server backend1.example.com:12345;
+    #    server backend2.example.com:12345;
+    #}
+
+    #server {
+    #    listen 12345;
+    #    status_zone tcp_server;
+    #    proxy_pass stream_backend;
+    #}
+#}