155c13c140
* Add `add_header` support for either `server` and `location` block * Add Tests for adding headers to either server and location block
186 lines
6.1 KiB
YAML
186 lines
6.1 KiB
YAML
---
|
|
- hosts: localhost
|
|
become: true
|
|
remote_user: root
|
|
roles:
|
|
- ansible-role-nginx
|
|
vars:
|
|
nginx_debug_output: true
|
|
nginx_http_template_enable: true
|
|
nginx_http_template:
|
|
app:
|
|
template_file: http/default.conf.j2
|
|
conf_file_name: default.conf
|
|
conf_file_location: /etc/nginx/conf.d/
|
|
port: 80
|
|
server_name: localhost
|
|
error_page: /usr/share/nginx/html
|
|
add_headers:
|
|
strict_transport_security:
|
|
name: Strict-Transport-Security
|
|
value: max-age=15768000; includeSubDomains
|
|
always: true
|
|
reverse_proxy:
|
|
proxy_cache_path:
|
|
- path: /var/cache/nginx/proxy/frontend
|
|
keys_zone:
|
|
name: frontend_proxy_cache
|
|
size: 5m
|
|
levels: "1:2"
|
|
max_size: 5g
|
|
inactive: 30m
|
|
use_temp_path: true
|
|
- path: /var/cache/nginx/proxy/backend
|
|
keys_zone:
|
|
name: backend_proxy_cache
|
|
size: 10m
|
|
levels: "1:2"
|
|
max_size: 10g
|
|
inactive: 60m
|
|
use_temp_path: true
|
|
proxy_temp_path:
|
|
path: /var/cache/nginx/proxy/temp
|
|
proxy_cache_lock: true
|
|
proxy_cache_min_uses: 5
|
|
proxy_cache_revalidate: true
|
|
proxy_cache_use_stale:
|
|
- error
|
|
- timeout
|
|
proxy_ignore_headers:
|
|
- Expires
|
|
locations:
|
|
frontend:
|
|
location: /
|
|
add_headers:
|
|
strict_transport_security:
|
|
name: Strict-Transport-Security
|
|
value: max-age=15768000; includeSubDomains
|
|
always: true
|
|
another_header:
|
|
name: Fancy-New-Header-To-Test
|
|
value: testing=true
|
|
always: false
|
|
proxy_pass: http://frontend_servers/
|
|
proxy_cache: frontend_proxy_cache
|
|
proxy_temp_path:
|
|
path: /var/cache/nginx/proxy/frontend/temp
|
|
proxy_cache_lock: false
|
|
proxy_cache_min_uses: 3
|
|
proxy_cache_revalidate: false
|
|
proxy_cache_use_stale:
|
|
- http_403
|
|
- http_404
|
|
proxy_ignore_headers:
|
|
- Vary
|
|
- Cache-Control
|
|
proxy_redirect: false
|
|
proxy_set_header:
|
|
header_host:
|
|
name: Host
|
|
value: $host
|
|
header_x_real_ip:
|
|
name: X-Real-IP
|
|
value: $remote_addr
|
|
header_x_forwarded_for:
|
|
name: X-Forwarded-For
|
|
value: $proxy_add_x_forwarded_for
|
|
header_x_forwarded_proto:
|
|
name: X-Forwarded-Proto
|
|
value: $scheme
|
|
backend:
|
|
location: /backend
|
|
proxy_pass: http://backend_servers/
|
|
proxy_cache: backend_proxy_cache
|
|
proxy_temp_path:
|
|
path: /var/cache/nginx/proxy/backend/temp
|
|
proxy_cache_lock: true
|
|
proxy_cache_min_uses: 2
|
|
proxy_cache_revalidate: true
|
|
proxy_cache_use_stale:
|
|
- http_500
|
|
- http_502
|
|
- http_503
|
|
proxy_redirect: default
|
|
proxy_set_header:
|
|
header_host:
|
|
name: Host
|
|
value: $host
|
|
header_x_real_ip:
|
|
name: X-Real-IP
|
|
value: $remote_addr
|
|
header_x_forwarded_for:
|
|
name: X-Forwarded-For
|
|
value: $proxy_add_x_forwarded_for
|
|
header_x_forwarded_proto:
|
|
name: X-Forwarded-Proto
|
|
value: $scheme
|
|
upstreams:
|
|
frontend_upstream:
|
|
name: frontend_servers
|
|
lb_method: least_conn
|
|
zone_name: frontend_mem_zone
|
|
zone_size: 64k
|
|
sticky_cookie: false
|
|
servers:
|
|
frontend_server_1:
|
|
address: localhost
|
|
port: 8081
|
|
weight: 1
|
|
health_check: max_fails=3 fail_timeout=5s
|
|
backend_upstream:
|
|
name: backend_servers
|
|
lb_method: least_conn
|
|
zone_name: backend_mem_zone
|
|
zone_size: 64k
|
|
sticky_cookie: false
|
|
servers:
|
|
backend_server_1:
|
|
address: localhost
|
|
port: 8082
|
|
weight: 1
|
|
health_check: max_fails=3 fail_timeout=5s
|
|
frontend:
|
|
template_file: http/default.conf.j2
|
|
conf_file_name: frontend_default.conf
|
|
conf_file_location: /etc/nginx/conf.d/
|
|
port: 8081
|
|
server_name: localhost
|
|
error_page: /usr/share/nginx/html
|
|
autoindex: false
|
|
web_server:
|
|
locations:
|
|
frontend_site:
|
|
location: /
|
|
html_file_location: /usr/share/nginx/html
|
|
html_file_name: frontend_index.html
|
|
autoindex: false
|
|
http_demo_conf: true
|
|
backend:
|
|
template_file: http/default.conf.j2
|
|
conf_file_name: backend_default.conf
|
|
conf_file_location: /etc/nginx/conf.d/
|
|
port: 8082
|
|
server_name: localhost
|
|
error_page: /usr/share/nginx/html
|
|
autoindex: false
|
|
web_server:
|
|
locations:
|
|
backend_site:
|
|
location: /
|
|
html_file_location: /usr/share/nginx/html
|
|
html_file_name: backend_index.html
|
|
autoindex: false
|
|
http_demo_conf: true
|
|
nginx_html_demo_template_enable: true
|
|
nginx_html_demo_template:
|
|
frontend:
|
|
template_file: www/index.html.j2
|
|
html_file_name: frontend_index.html
|
|
html_file_location: /usr/share/nginx/html
|
|
web_server_name: Frontend
|
|
backend:
|
|
template_file: www/index.html.j2
|
|
html_file_name: backend_index.html
|
|
html_file_location: /usr/share/nginx/html
|
|
web_server_name: Backend
|