diff --git a/README.md b/README.md index f8aad83..b00943f 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,9 @@ -Nginx for Debian Ansible role -============================= +Nginx for Debian/FreeBSD Ansible role +===================================== [![Ansible Galaxy](http://img.shields.io/badge/ansible--galaxy-HanXHX.nginx-blue.svg)](https://galaxy.ansible.com/list#/roles/4399) [![Build Status](https://travis-ci.org/HanXHX/ansible-nginx.svg?branch=master)](https://travis-ci.org/HanXHX/ansible-nginx) -Install and configure Nginx on Debian. +Install and configure Nginx on Debian/FreeBSD. Features: @@ -24,9 +24,15 @@ Role Variables ### Packaging +Debian: + - `nginx_apt_package`: APT nginx package (try: apt-cache search ^nginx) - `nginx_backports`: Install nginx from backport repository (bool) +FreeBSD: + +- `nginx_pkgng_package`: PKGNG nginx package (should be "nginx" or "nginx-devel") + ### Shared - `nginx_root`: root directory where you want to have your files @@ -57,6 +63,15 @@ Fine configuration [Basic Auth](doc/auth.md) +[FreeBSD](doc/freebsd.md) + + +Note +---- + +- Active support for Debian. +- FreeBSD support is experimental (no Travis). I only test (for the moment) 10.2 (but it can work on other versions). +- I don't manage BackupPC for FreeBSD (PR welcome). Dependencies ------------ diff --git a/Vagrantfile b/Vagrantfile index 6051f70..b52c54a 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -6,6 +6,7 @@ Vagrant.configure("2") do |config| vms = [ + [ "freebsd-10.2", "freebsd/FreeBSD-10.2-STABLE" ], [ "debian-wheezy", "debian/wheezy64" ], [ "debian-jessie", "debian/jessie64" ], [ "debian-stretch", "sharlak/debian_stretch_64" ] @@ -21,11 +22,27 @@ Vagrant.configure("2") do |config| m.vm.box = vm[1] m.vm.network "private_network", type: "dhcp" + # See: https://forums.freebsd.org/threads/52717/ + if vm[0] = "freebsd-10.2" + m.vm.guest = :freebsd + m.vm.synced_folder ".", "/vagrant", id: "vagrant-root", disabled: true + m.ssh.shell = "sh" + #m.vm.base_mac = "0800278DFFF5" + m.vm.base_mac = "080027D14C66" + #m.vm.network "public_network", bridge: 'enp4s0', auto_config: false + m.vm.provision "shell", inline: "pkg install -y python bash" + end + m.vm.provision "ansible" do |ansible| ansible.playbook = "tests/test.yml" ansible.groups = { "test" => [ vm[0] ] } ansible.verbose = 'vv' ansible.sudo = true + if vm[0] = "freebsd-10.2" + ansible.extra_vars = { + ansible_python_interpreter: '/usr/local/bin/python' + } + end end end end diff --git a/defaults/main.yml b/defaults/main.yml index 68a5320..8dabf08 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,14 +1,16 @@ --- +# Debian nginx_apt_package: nginx-full nginx_backports: false +# FreeBSD +nginx_pkgng_package: nginx # # Nginx shared variables # nginx_root: "/srv/www" nginx_log_dir: '/var/log/nginx' -nginx_pid: '/run/nginx.pid' nginx_resolver_hosts: ['8.8.8.8', '8.8.4.4'] nginx_resolver_valid: '300s' nginx_resolver_timeout: '5s' @@ -20,9 +22,9 @@ nginx_default_vhost_ssl: null # # Nginx directories # -nginx_htpasswd_dir: '/etc/nginx/htpasswd' -nginx_ssl_dir: '/etc/nginx/ssl' -nginx_helper_dir: '/etc/nginx/helper' +nginx_htpasswd_dir: '{{ nginx_etc_dir }}/htpasswd' +nginx_ssl_dir: '{{ nginx_etc_dir }}/ssl' +nginx_helper_dir: '{{ nginx_etc_dir}}/helper' # # Load upstream @@ -45,7 +47,6 @@ nginx_worker_processes: '{{ ansible_processor_vcpus }}' # nginx_events_worker_connections: '512' nginx_events_multi_accept: 'on' -nginx_events_use: 'epoll' # # Nginx HTTP diff --git a/doc/freebsd.md b/doc/freebsd.md new file mode 100644 index 0000000..ea445c7 --- /dev/null +++ b/doc/freebsd.md @@ -0,0 +1,4 @@ +Freebsd +======= + +Due to Ansible + FreeBSD limitations (`ansible_processor_vcpus`), You must explicitely set `nginx_worker_processes`. diff --git a/meta/main.yml b/meta/main.yml index 8cb1c8e..9ab14aa 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -10,6 +10,9 @@ galaxy_info: versions: - wheezy - jessie + - name: FreeBSD + versions: + - 10.2 categories: - web - proxy diff --git a/tasks/config.yml b/tasks/config.yml index 838ac0f..7aea924 100644 --- a/tasks/config.yml +++ b/tasks/config.yml @@ -3,7 +3,7 @@ - name: TEMPLATE | Deploy nginx.conf template: > src=etc/nginx/nginx.conf.j2 - dest=/etc/nginx/nginx.conf + dest="{{ nginx_etc_dir }}/nginx.conf" notify: reload nginx - name: TEMPLATE | Deploy all helpers @@ -16,6 +16,6 @@ - name: TEMPLATE | Deploy custom http configuration template: > src=etc/nginx/conf.d/custom.conf.j2 - dest=/etc/nginx/conf.d/custom.conf + dest="{{ nginx_etc_dir }}/conf.d/custom.conf" notify: reload nginx diff --git a/tasks/install.yml b/tasks/install_Debian.yml similarity index 92% rename from tasks/install.yml rename to tasks/install_Debian.yml index 1f814c6..8033996 100644 --- a/tasks/install.yml +++ b/tasks/install_Debian.yml @@ -1,6 +1,6 @@ --- -- name: APT | Update cache +- name: APT | Update cache apt: > update_cache=yes cache_valid_time=3600 diff --git a/tasks/install_FreeBSD.yml b/tasks/install_FreeBSD.yml new file mode 100644 index 0000000..a16fba7 --- /dev/null +++ b/tasks/install_FreeBSD.yml @@ -0,0 +1,35 @@ +--- + +- name: PKGNG | Install nginx and related tools + pkgng: name={{ item }} state=present + with_items: + - "{{ nginx_pkgng_package }}" + - py27-passlib + - curl + +- name: FILE | Create configuration dir (like Debian) + file: path="{{ nginx_etc_dir }}/{{ item }}" state=directory + with_items: + - conf.d + - sites-available + - sites-enabled + +- name: STAT | Check fastcgi.conf + stat: path={{ nginx_etc_dir }}/fastcgi.conf + register: conf + +- name: COPY | config + command: "cp {{ nginx_etc_dir }}/fastcgi_params {{ nginx_etc_dir }}/fastcgi.conf" + when: not conf.stat.exists + notify: reload nginx + +- name: LINEINFILE | Add fastcgi config + lineinfile: > + line="fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;" + dest="{{ nginx_etc_dir }}/fastcgi.conf" + notify: reload nginx + +- name: COPY | Populate proxy_params + copy: > + content="proxy_set_header Host $http_host;\nproxy_set_header X-Real-IP $remote_addr;\nproxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Proto $scheme;" + dest="{{ nginx_etc_dir }}/proxy_params" diff --git a/tasks/main.yml b/tasks/main.yml index 9a9e96c..7768d31 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,7 +1,11 @@ --- + +- name: INCLUDE_VARS | Related to OS + include_vars: "{{ ansible_distribution }}.yml" + - name: INCLUDE | Install - include: install.yml + include: install_{{ ansible_distribution }}.yml - name: INCLUDE | Prepare include: prepare.yml diff --git a/tasks/upstream.yml b/tasks/upstream.yml index cda9765..4092630 100644 --- a/tasks/upstream.yml +++ b/tasks/upstream.yml @@ -1,11 +1,15 @@ --- - name: TEMPLATE | Deploy PHP upstream to Nginx - template: src=etc/nginx/upstream/php.conf.j2 dest=/etc/nginx/conf.d/php.conf + template: > + src=etc/nginx/upstream/php.conf.j2 + dest="{{ nginx_etc_dir }}/conf.d/php.conf" when: nginx_php notify: reload nginx - name: TEMPLATE | Deploy other upstreams - template: src=etc/nginx/upstream/upstream.conf.j2 dest=/etc/nginx/conf.d/upstream-{{ item.name }}.conf + template: > + src=etc/nginx/upstream/upstream.conf.j2 + dest={{ nginx_etc_dir }}/conf.d/upstream-{{ item.name }}.conf with_items: "{{ nginx_upstreams }}" notify: reload nginx diff --git a/tasks/vhost.yml b/tasks/vhost.yml index e20d82b..ba29240 100644 --- a/tasks/vhost.yml +++ b/tasks/vhost.yml @@ -17,8 +17,8 @@ file: > path={{ nginx_root }}/{{ item.name if item.name is string else item.name[0] }}/public state=directory - owner={{ item.owner | default('www-data') }} - group={{ item.group | default('www-data') }} + owner={{ item.owner | default(nginx_user) }} + group={{ item.group | default(nginx_user) }} mode={{ item.mode | default('0755') }} with_items: "{{ nginx_vhosts }}" when: > @@ -30,21 +30,21 @@ - name: TEMPLATE | Create vhosts template: > src=etc/nginx/sites-available/{{ item.template if item.redirect_to is not defined else '_redirect' }}.j2 - dest=/etc/nginx/sites-available/{{ item.name if item.name is string else item.name[0] }} + dest={{ nginx_etc_dir }}/sites-available/{{ item.name if item.name is string else item.name[0] }} with_items: "{{ nginx_vhosts }}" notify: reload nginx when: item.delete is not defined or not item.delete - name: FILE | Delete vhosts - file: path=/etc/nginx/sites-available/{{ item.name if item.name is string else item.name[0] }} state=absent + file: path={{ nginx_etc_dir }}/sites-available/{{ item.name if item.name is string else item.name[0] }} state=absent with_items: "{{ nginx_vhosts }}" notify: reload nginx when: item.delete is defined and item.delete - name: FILE | Enable vhosts file: > - src=/etc/nginx/sites-available/{{ item.name if item.name is string else item.name[0] }} - dest=/etc/nginx/sites-enabled/{{ item.name if item.name is string else item.name[0] }} + src={{ nginx_etc_dir }}/sites-available/{{ item.name if item.name is string else item.name[0] }} + dest={{ nginx_etc_dir }}/sites-enabled/{{ item.name if item.name is string else item.name[0] }} state=link with_items: "{{ nginx_vhosts }}" notify: reload nginx @@ -54,22 +54,22 @@ (item.delete is not defined or not item.delete) - name: FILE | Disable vhosts - file: path=/etc/nginx/sites-enabled/{{ item.name if item.name is string else item.name[0] }} state=absent + file: path={{ nginx_etc_dir}}/sites-enabled/{{ item.name if item.name is string else item.name[0] }} state=absent with_items: "{{ nginx_vhosts }}" notify: reload nginx when: (item.enable is defined and not item.enable) or (item.delete is defined and item.delete) - name: FILE | Delete default vhost when explicitely defined file: > - path=/etc/nginx/sites-enabled/default + path={{ nginx_etc_dir }}/sites-enabled/default state=absent notify: reload nginx when: nginx_default_vhost is not none - name: FILE | Auto set default vhost file: > - src=/etc/nginx/sites-available/default - dest=/etc/nginx/sites-enabled/default + src={{ nginx_etc_dir }}/sites-available/default + dest={{ nginx_etc_dir }}/sites-enabled/default state=link notify: reload nginx when: nginx_default_vhost is none diff --git a/templates/etc/nginx/nginx.conf.j2 b/templates/etc/nginx/nginx.conf.j2 index 06a97a8..4d21ebc 100644 --- a/templates/etc/nginx/nginx.conf.j2 +++ b/templates/etc/nginx/nginx.conf.j2 @@ -14,7 +14,7 @@ events { http { types_hash_max_size {{ nginx_http_types_hash_max_size }}; - include /etc/nginx/mime.types; + include {{ nginx_etc_dir }}/mime.types; default_type {{ nginx_http_default_type }}; access_log {{ nginx_http_access_log }}; @@ -45,8 +45,8 @@ http { gzip_vary {{ nginx_http_gzip_vary }}; gzip_disable {{ nginx_http_gzip_disable }}; - include /etc/nginx/conf.d/*.conf; - include /etc/nginx/sites-enabled/*; + include {{ nginx_etc_dir }}/conf.d/*.conf; + include {{ nginx_etc_dir }}/sites-enabled/*; } # vim:filetype=nginx diff --git a/templates/etc/nginx/sites-available/_backuppc.j2 b/templates/etc/nginx/sites-available/_backuppc.j2 index c5bb887..9de6a8b 100644 --- a/templates/etc/nginx/sites-available/_backuppc.j2 +++ b/templates/etc/nginx/sites-available/_backuppc.j2 @@ -25,7 +25,7 @@ {% block template_upstream_location %} location ~ \.cgi$ { gzip off; - include /etc/nginx/fastcgi_params; + include {{ nginx_etc_dir }}/fastcgi_params; fastcgi_pass unix:/var/run/fcgiwrap.socket; fastcgi_index BackupPC_Admin; fastcgi_param SCRIPT_FILENAME /usr/share/backuppc/cgi-bin$fastcgi_script_name; diff --git a/templates/etc/nginx/sites-available/_nagios3.j2 b/templates/etc/nginx/sites-available/_nagios3.j2 index cd2a743..e49b0ac 100644 --- a/templates/etc/nginx/sites-available/_nagios3.j2 +++ b/templates/etc/nginx/sites-available/_nagios3.j2 @@ -1,7 +1,7 @@ {% extends "_base.j2" %} {% block root %} - root /usr/share/nagios3/htdocs; + root {{ nginx_nagios_root }}; {% endblock %} {% block template_try_files %} @@ -17,21 +17,27 @@ } location /stylesheets { - alias /etc/nagios3/stylesheets; +{% if nginx_nagios_stylesheets is defined %} + alias {{ nginx_nagios_stylesheets }}; +{% endif %} expires 60d; } {% endblock %} {% block template_upstream_location %} +{% if ansible_distribution == 'Debian' %} location /cgi-bin/nagios3 { root /usr/lib; +{% elif ansible_distribution == 'FreeBSD' %} + location /cgi-bin { +{% endif %} try_files $uri =404; {% if nginx_version.stdout | version_compare('1.6.1', 'lt') %} include fastcgi_params; {% else %} include fastcgi.conf; {% endif %} - fastcgi_pass unix:/var/run/fcgiwrap.socket; + fastcgi_pass unix:{{ nginx_fcgiwrap_sock }}; fastcgi_param AUTH_USER $remote_user; fastcgi_param REMOTE_USER $remote_user; } diff --git a/templates/etc/nginx/sites-available/_proxy.j2 b/templates/etc/nginx/sites-available/_proxy.j2 index 248fed5..724d31a 100644 --- a/templates/etc/nginx/sites-available/_proxy.j2 +++ b/templates/etc/nginx/sites-available/_proxy.j2 @@ -7,7 +7,7 @@ {% endblock %} {% block template_try_files %} - include /etc/nginx/proxy_params; + include {{ nginx_etc_dir }}/proxy_params; proxy_pass http://{{ item.upstream_name }}; {% if item.proxy_params is defined and item.proxy_params is iterable %} {% for param in item.proxy_params %} diff --git a/tests/includes/post_Debian.yml b/tests/includes/post_Debian.yml new file mode 100644 index 0000000..e86270a --- /dev/null +++ b/tests/includes/post_Debian.yml @@ -0,0 +1,10 @@ +--- + +- name: APT | Install web apps + apt: pkg={{ item }} state=present + with_items: + - nagios3 + - backuppc + +- name: SERVICE | Ensure backuppc is started + service: name=backuppc state=started diff --git a/tests/includes/post_FreeBSD.yml b/tests/includes/post_FreeBSD.yml new file mode 100644 index 0000000..f301181 --- /dev/null +++ b/tests/includes/post_FreeBSD.yml @@ -0,0 +1,31 @@ +--- + +- name: APT | Install web apps + pkgng: pkg={{ item }} state=present + with_items: + - nagios + - backuppc + +- name: COMMAND | Activate backuppc config + command: > + cp /usr/local/etc/backuppc/config.pl.sample /usr/local/etc/backuppc/config.pl + creates=/usr/local/etc/backuppc/config.pl + +- name: FILE | Fix backuppc permissions + file: > + path=/usr/local/etc/backuppc/config.pl + owner=backuppc + group=backuppc + +- name: FILE | Fix fcgiwrap permission + file: > + path={{ nginx_fcgiwrap_sock }} + mode=0640 + owner={{ nginx_user }} + group={{ nginx_user }} + +# +# We don't manage BackupPC on FreeBSD... too dirty. :/ +# +#- name: SERVICE | Ensure backuppc is started +# service: name=backuppc state=started enabled=yes diff --git a/tests/includes/pre_Debian.yml b/tests/includes/pre_Debian.yml new file mode 100644 index 0000000..17e6fb4 --- /dev/null +++ b/tests/includes/pre_Debian.yml @@ -0,0 +1,18 @@ +--- + +- name: APT_REPOSITORY | Install backports + apt_repository: repo='deb http://httpredir.debian.org/debian {{ ansible_distribution_release }}-backports main' state=present + +- name: APT | Install needed packages + apt: pkg={{ item }} update_cache=yes cache_valid_time=3600 state=present + with_items: + - php5-fpm + - curl + - fcgiwrap + +- name: SERVICE | Force start services + service: name={{ item }} state=started + register: sf + with_items: + - php5-fpm + - fcgiwrap diff --git a/tests/includes/pre_FreeBSD.yml b/tests/includes/pre_FreeBSD.yml new file mode 100644 index 0000000..6555bf1 --- /dev/null +++ b/tests/includes/pre_FreeBSD.yml @@ -0,0 +1,22 @@ +--- + +- name: SET_FACT | FreeBSD web user + set_fact: + nginx_user: 'www' + nginx_php_sockets: + - host: '127.0.0.1' + port: 9000 + +- name: PKGNG | Install needed packages + pkgng: pkg={{ item }} state=present + with_items: + - php56 + - curl + - fcgiwrap + +- name: SERVICE | Force start services + service: name={{ item }} state=started enabled=yes + register: sf + with_items: + - php-fpm + - fcgiwrap diff --git a/tests/test.yml b/tests/test.yml index 2939ec4..4ba11fe 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -2,23 +2,8 @@ - hosts: all pre_tasks: - - name: APT_REPOSITORY | Install backports - apt_repository: repo='deb http://httpredir.debian.org/debian {{ ansible_distribution_release }}-backports main' state=present - - name: APT | Install needed packages - apt: pkg={{ item }} update_cache=yes cache_valid_time=3600 state=present - with_items: - - php5-fpm - - curl - - fcgiwrap - - name: SERVICE | Force start services - service: name={{ item }} state=started - register: sf - with_items: - - php5-fpm - - fcgiwrap - - name: PAUSE | Prevent bugs (CGI not fully loaded) - pause: seconds=5 - when: sf.changed + - name: INCLUDE | Pre_tasks related to OS version + include: "includes/pre_{{ ansible_distribution }}.yml" - name: FILE | Create an internal SSL dir file: path={{ int_ansible_ssl_dir }} state=directory - name: COPY | Deploy test certificate @@ -29,6 +14,7 @@ # Internal vars int_ansible_ssl_dir: '/etc/ansible-ssl' # Role vars + nginx_worker_processes: 1 # Ansible+FreeBSD can't detect CPU number nginx_backports: true nginx_php: true nginx_upstreams: @@ -141,8 +127,6 @@ location: '/hello': - htpasswd: 'hello' - - 'default_type "text/html; charset=UTF-8";' - - 'echo hello;' - name: 'test-htpasswd-all.local' template: '_base' htpasswd: 'hello' @@ -157,6 +141,8 @@ redirect_from: - 'www.test-php.local' template: '_php' + use_error_log: true + use_access_log: true - name: 'test-php-index.local' template: '_php_index' - name: 'test-proxy.local' @@ -193,14 +179,8 @@ # -------------------------------- # Apps # -------------------------------- - - name: APT | Install web apps - apt: pkg={{ item }} state=present - with_items: - - nagios3 - - backuppc - - name: SERVICE | Ensure backuppc is started - service: name=backuppc state=started - + - name: INCLUDE | Post_tasks related to OS version + include: "includes/post_{{ ansible_distribution }}.yml" # -------------------------------- # Deploy index files # -------------------------------- @@ -210,7 +190,10 @@ - name: -- Add HTML file -- copy: dest="{{ item }}/index.html" content="Index HTML test OK\n" with_items: ['{{ nginx_root }}/test.local/public', '/var/tmp', '{{ nginx_root }}/test-htpasswd-all.local/public', '{{ nginx_root }}/test-ssl.local/public', '{{ nginx_root }}/test-ssl-predeployed.local/public'] - + - name: -- Create directory -- + file: path={{ nginx_root }}/test-htpasswd.local/public/hello state=directory + - name: -- Add HTML file hello -- + copy: dest="{{ nginx_root }}/test-htpasswd.local/public/hello/index.html" content="hello\n" # -------------------------------- # Simple vhosts tests # -------------------------------- @@ -246,17 +229,17 @@ # Basic Auth # -------------------------------- - name: -- VERIFY AUTH BASIC NONE -- - command: "curl -H 'Host: test-htpasswd.local' http://127.0.0.1/hello" + command: "curl -H 'Host: test-htpasswd.local' http://127.0.0.1/hello/" changed_when: false register: authnone failed_when: authnone.stdout.find('401 Authorization Required') == -1 - name: -- VERIFY AUTH BASIC FAIL -- - command: "curl -u fail:fail -H 'Host: test-htpasswd.local' http://127.0.0.1/hello" + command: "curl -u fail:fail -H 'Host: test-htpasswd.local' http://127.0.0.1/hello/" changed_when: false register: authfail failed_when: authfail.stdout.find('401 Authorization Required') == -1 - name: -- VERIFY AUTH BASIC OK -- - command: "curl -u hanx:qwerty -H 'Host: test-htpasswd.local' http://127.0.0.1/hello" + command: "curl -u hanx:qwerty -H 'Host: test-htpasswd.local' http://127.0.0.1/hello/" changed_when: false register: authok failed_when: authok.stdout.find('hello') == -1 @@ -279,6 +262,7 @@ changed_when: false register: authbpc failed_when: authbpc.stdout.find('BackupPC Server Status') == -1 + when: ansible_distribution != 'FreeBSD' # -------------------------------- # Nagios @@ -289,7 +273,7 @@ register: nagios_php failed_when: nagios_php.stdout.find('Nagios Core') == -1 - name: -- VERIFY NAGIOS3 CGI -- - command: "curl -u nagiosadmin:nagios -H 'Host: nagios3.local' http://127.0.0.1/cgi-bin/nagios3/summary.cgi" + command: "curl -u nagiosadmin:nagios -H 'Host: nagios3.local' http://127.0.0.1/cgi-bin{% if ansible_distribution == 'Debian' %}/nagios3{% endif %}/summary.cgi" changed_when: false register: nagios_cgi failed_when: nagios_cgi.stdout.find('Nagios Event Summary') == -1 diff --git a/vars/Debian.yml b/vars/Debian.yml new file mode 100644 index 0000000..ac83d51 --- /dev/null +++ b/vars/Debian.yml @@ -0,0 +1,8 @@ +nginx_events_use: 'epoll' +nginx_pid: '/run/nginx.pid' +nginx_etc_dir: '/etc/nginx' + +# Specific vhosts +nginx_nagios_root: '/usr/share/nagios3/htdocs' +nginx_nagios_stylesheets: '/etc/nagios3/stylesheets' +nginx_fcgiwrap_sock: '/var/run/fcgiwrap.socket' diff --git a/vars/FreeBSD.yml b/vars/FreeBSD.yml new file mode 100644 index 0000000..02c757b --- /dev/null +++ b/vars/FreeBSD.yml @@ -0,0 +1,7 @@ +nginx_events_use: 'kqueue' +nginx_pid: '/var/run/nginx.pid' +nginx_etc_dir: '/usr/local/etc/nginx' + +# Specific vhosts +nginx_nagios_root: '/usr/local/www/nagios' +nginx_fcgiwrap_sock: '/var/run/fcgiwrap/fcgiwrap.sock'