ansible-role-nginx/templates/nginx.conf.j2
2019-10-20 17:52:56 +02:00

111 lines
3.6 KiB
Django/Jinja

{{ ansible_managed | comment }}
{% if nginx_modules.njs %}
{% if nginx_http_template_enable %}
load_module modules/ngx_http_js_module.so;
{% endif %}
{% if nginx_stream_template_enable %}
load_module modules/ngx_stream_js_module.so;
{% endif %}
{% endif %}
{% if nginx_modules.perl %}
load_module modules/ngx_http_perl_module.so;
{% endif %}
{% if nginx_modules.geoip %}
{% if nginx_http_template_enable %}
load_module modules/ngx_http_geoip_module.so;
{% endif %}
{% if nginx_stream_template_enable %}
load_module modules/ngx_stream_geoip_module.so;
{% endif %}
{% endif %}
{% if nginx_modules.image_filter %}
load_module modules/ngx_http_image_filter_module.so;
{% endif %}
{% if nginx_modules.rtmp and nginx_type == "plus" %}
load_module modules/ngx_rtmp_module.so;
{% endif %}
{% if nginx_modules.xslt %}
load_module modules/ngx_http_xslt_filter_module.so;
{% endif %}
{% if nginx_modules.waf and nginx_type == "plus" %}
load_module modules/ngx_http_modsecurity_module.so;
{% endif %}
user {{ nginx_main_template.user }};
worker_processes {{ nginx_main_template.worker_processes }};
{% if nginx_main_template.worker_rlimit_nofile is defined %}
worker_rlimit_nofile {{ nginx_main_template.worker_rlimit_nofile }};
{% endif %}
{% if nginx_main_template.custom_options is defined and nginx_main_template.custom_options | length %}
{% for inline_option in nginx_main_template.custom_options %}
{{ inline_option }};
{% endfor %}
{% endif %}
error_log {{ nginx_main_template.error_log.location }} {{ nginx_main_template.error_log.level }};
pid /var/run/nginx.pid;
events {
worker_connections {{ nginx_main_template.worker_connections }};
{% if nginx_main_template.events_custom_options is defined and nginx_main_template.events_custom_options | length %}
{% for inline_option in nginx_main_template.events_custom_options %}
{{ inline_option }};
{% endfor %}
{% endif %}
}
{% if nginx_main_template.http_enable %}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
{% for access_log in nginx_main_template.http_settings.access_log_format %}
log_format {{ access_log.name }} {{ access_log.format }};
{% endfor %}
{% for access_log in nginx_main_template.http_settings.access_log_location %}
access_log {{ access_log.location }} {{ access_log.name }};
{% endfor %}
sendfile on;
#tcp_nopush on;
keepalive_timeout {{ nginx_main_template.http_settings.keepalive_timeout }};
#gzip on;
{% if nginx_main_template.http_settings.cache %}
proxy_cache_path /tmp/cache keys_zone=one:10m;
{% endif %}
{% if nginx_main_template.http_settings.rate_limit %}
limit_req_zone $binary_remote_addr zone=mylimit:10m rate=10r/s;
{% endif %}
{% if nginx_main_template.http_settings.keyval %}
keyval_zone zone={{nginx_main_template.http_settings.keyval.zone}}:32k state=one.keyval;
keyval $arg_text $text zone=one;
{% endif %}
{% if nginx_main_template.http_global_autoindex | default(false) %}
autoindex on;
{% endif %}
{% if nginx_main_template.http_custom_options is defined and nginx_main_template.http_custom_options | length %}
{% for inline_option in nginx_main_template.http_custom_options %}
{{ inline_option }};
{% endfor %}
{% endif %}
include /etc/nginx/conf.d/*.conf;
}
{% endif %}
{% if nginx_main_template.stream_enable %}
stream {
{% if nginx_main_template.stream_custom_options is defined and nginx_main_template.stream_custom_options | length %}
{% for inline_option in nginx_main_template.stream_custom_options %}
{{ inline_option }};
{% endfor %}
{% endif %}
include /etc/nginx/conf.d/stream/*.conf;
}
{% endif %}