Minor changes on doc
Emilien Mantel
parent
ccba868390
commit
53b9dc078e
32
README.md
32
README.md
|
|
@ -5,7 +5,13 @@ Nginx for Debian Ansible role
|
||||||
|
|
||||||
Install and configure Nginx on Debian.
|
Install and configure Nginx on Debian.
|
||||||
|
|
||||||
SSL management will come later.
|
Features:
|
||||||
|
|
||||||
|
- SSL/TLS "hardened" support
|
||||||
|
- Manage basic auth on vhost / location
|
||||||
|
- Proxy + Upstream
|
||||||
|
- Fast PHP configuration
|
||||||
|
- Preconfigured vhost templates (should work on many app)
|
||||||
|
|
||||||
Requirements
|
Requirements
|
||||||
------------
|
------------
|
||||||
|
|
@ -17,24 +23,24 @@ Role Variables
|
||||||
|
|
||||||
### Packaging
|
### Packaging
|
||||||
|
|
||||||
- `nginx_apt_package`: APT nginx package (try: apt-cache search ^nginx)
|
- `nginx_apt_package`: APT nginx package (try: apt-cache search ^nginx)
|
||||||
- `nginx_backports`: Install nginx from backport repository (bool)
|
- `nginx_backports`: Install nginx from backport repository (bool)
|
||||||
|
|
||||||
### Shared
|
### Shared
|
||||||
|
|
||||||
- `nginx_root`: root directory where you want to have your files
|
- `nginx_root`: root directory where you want to have your files
|
||||||
- `nginx_log_dir`: log directory (if you change it, don't forget to change logrotate config)
|
- `nginx_log_dir`: log directory (if you change it, don't forget to change logrotate config)
|
||||||
- `nginx_resolver`: list of DNS resolver (default: OpenDNS)
|
- `nginx_resolver`: list of DNS resolver (default: OpenDNS)
|
||||||
- `nginx_error_log_level`: default log level
|
- `nginx_error_log_level`: default log level
|
||||||
|
|
||||||
### Nginx Configuration
|
### Nginx Configuration
|
||||||
|
|
||||||
- `nginx_user`
|
- `nginx_user`
|
||||||
- `nginx_worker_processes`
|
- `nginx_worker_processes`
|
||||||
- `nginx_pid`: daemon pid file
|
- `nginx_pid`: daemon pid file
|
||||||
- `nginx_events_*`: all variables in events block
|
- `nginx_events_*`: all variables in events block
|
||||||
- `nginx_http_*`: all variables in http block
|
- `nginx_http_*`: all variables in http block
|
||||||
- `nginx_custom_http`: instructions list (will put data in `/etc/nginx/conf.d/custom.conf`)
|
- `nginx_custom_http`: instructions list (will put data in `/etc/nginx/conf.d/custom.conf`)
|
||||||
|
|
||||||
Fine configuration
|
Fine configuration
|
||||||
------------------
|
------------------
|
||||||
|
|
|
||||||
|
|
@ -15,7 +15,7 @@ Each htpasswd has few keys:
|
||||||
|
|
||||||
`nginx_htpasswd` should be placed in a vaut file.
|
`nginx_htpasswd` should be placed in a vaut file.
|
||||||
|
|
||||||
Exemple
|
Example
|
||||||
-------
|
-------
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
|
||||||
|
|
@ -15,3 +15,4 @@ Each socket have:
|
||||||
- `max_fails`
|
- `max_fails`
|
||||||
- `fail_timeout`
|
- `fail_timeout`
|
||||||
|
|
||||||
|
With default configuration, it works fine with PHP-FPM. But if you install PHP7 with Dotdeb, path changed between version, you must set well this list.
|
||||||
|
|
|
||||||
50
doc/vhost.md
50
doc/vhost.md
|
|
@ -8,19 +8,21 @@ You can see many examples in: [tests/test.yml](../tests/test.yml).
|
||||||
Common
|
Common
|
||||||
------
|
------
|
||||||
|
|
||||||
- `name`: (M) Domain or list of domain used.
|
- `name`: (M) Domain or list of domain used.
|
||||||
- `template`: (D) template used to create vhost. Optional if you set `delete` to true or using `redirect_tor`.
|
- `template`: (D) template used to create vhost. Optional if you set `delete` to true or using `redirect_tor`.
|
||||||
- `enable`: (O) Enable the vhost (default is true)
|
- `enable`: (O) Enable the vhost (default is true)
|
||||||
- `delete`: (O) Delete the vhost (default is false)
|
- `delete`: (O) Delete the vhost (default is false)
|
||||||
- `redirect_from`: (O) Domain list to redirect to the first `name`. You can use this key to redirect non-www to www
|
- `redirect_from`: (O) Domain list to redirect to the first `name`. You can use this key to redirect non-www to www
|
||||||
- `redirect_to`: (O) Redirect all requests to this domain. Please set scheme (http:// or https:// or $sheme).
|
- `redirect_to`: (O) Redirect all requests to this domain. Please set scheme (http:// or https:// or $sheme).
|
||||||
- `redirect_to_code`: Redirect code (default: 302)
|
- `redirect_to_code`: Redirect code (default: 302)
|
||||||
- `location`: (O) Add new custom locations (it does not overwrite!)
|
- `location`: (O) Add new custom locations (it does not overwrite!)
|
||||||
- `more`: (O) Add more custom infos.
|
- `more`: (O) Add more custom infos.
|
||||||
- `upstream_params`: (O) Add upstream params (useful when you want to pass variables to PHP)
|
- `upstream_params`: (O) Add upstream params (useful when you want to pass variables to PHP)
|
||||||
- `override_try_files`: (O) overrides default try\_files defined in template
|
- `override_try_files`: (O) overrides default try\_files defined in template
|
||||||
- `manage_local_content`: (O) Boolean. Set to false if you do not want to manage local content (images, css...). This option is useless if you use `_proxy` template or `redirect_to` feature.
|
- `manage_local_content`: (O) Boolean. Set to false if you do not want to manage local content (images, css...). This option is useless if you use `_proxy` template or `redirect_to` feature.
|
||||||
- `htpasswd`: (0) References name key in `nginx_htpasswd`. Enable auth basic on all vhost.
|
- `htpasswd`: (O) References name key in `nginx_htpasswd`. Enable auth basic on all vhost.
|
||||||
|
- `proto`: (O) list of protocol used. Default is a list with "http". If you need http and https, you must set a list with "http" and "https". You can only set "https" without http support.
|
||||||
|
- `ssl_name`: (D) name of the key used when using TLS/SSL. Mandatory when `proto` contains "https"
|
||||||
|
|
||||||
(O): Optional
|
(O): Optional
|
||||||
(M): Mandatory
|
(M): Mandatory
|
||||||
|
|
@ -29,15 +31,15 @@ Common
|
||||||
Templates
|
Templates
|
||||||
---------
|
---------
|
||||||
|
|
||||||
- `_base`: static template
|
- `_base`: static template
|
||||||
- `_backuppc`: access to [BackupPC](http://backuppc.sourceforge.net/) (be careful: you need to install [fcgiwrap](https://packages.debian.org/jessie/fcgiwrap))
|
- `_backuppc`: access to [BackupPC](http://backuppc.sourceforge.net/) (be careful: you need to install [fcgiwrap](https://packages.debian.org/jessie/fcgiwrap))
|
||||||
- `_dokuwiki`
|
- `_dokuwiki`
|
||||||
- `_redirect`: should not be called explicitly
|
- `_redirect`: should not be called explicitly
|
||||||
- `_phalcon`: Phalcon PHP Framework
|
- `_phalcon`: Phalcon PHP Framework
|
||||||
- `_php`: PHP base template. Can work with many frameworks/tools
|
- `_php`: PHP base template. Can work with many frameworks/tools
|
||||||
- `_php_index`: Same as above. But you can only run index.php
|
- `_php_index`: Same as above. But you can only run index.php
|
||||||
- `_proxy`
|
- `_proxy`
|
||||||
- `_wordpress`
|
- `_wordpress`
|
||||||
|
|
||||||
Templates works as parent-child.
|
Templates works as parent-child.
|
||||||
|
|
||||||
|
|
@ -48,8 +50,8 @@ Proxy template allow you to use Nginx as reverse proxy. Usefull when you have an
|
||||||
|
|
||||||
You have many key added to vhost key:
|
You have many key added to vhost key:
|
||||||
|
|
||||||
- `upstream_name`: (O) upstream name used to pass proxy
|
- `upstream_name`: (O) upstream name used to pass proxy
|
||||||
- `proxy_params`: (M) list of raw params passed to the vhost
|
- `proxy_params`: (M) list of raw params passed to the vhost
|
||||||
|
|
||||||
(O) : Optional
|
(O) : Optional
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue