Merge branch 'master' into debian_11
commit
5e2f988beb
95
doc/site.md
95
doc/site.md
|
@ -9,14 +9,30 @@ Common
|
|||
------
|
||||
|
||||
- `name`: (M) Domain or list of domain used.
|
||||
- `template`: (D) template used to create site. Optional if you set `state`=`absent` or using `redirect_to`.
|
||||
- `filename`: (O) Specify filename in /etc/nginx/sites-*. Do NOT specify default (reserved keyword). It will be used for log filenames and directories creation.
|
||||
- `state`: (O) Site status. Can be "present" (default), "absent" and "disabled".
|
||||
- `filename`: (O) Specify filename in `/etc/nginx/sites-*`. Do NOT specify default (reserved keyword). It will be used for log filenames and directories creation.
|
||||
|
||||
(O): Optional
|
||||
(M): Mandatory
|
||||
(D): Depends other keys...
|
||||
|
||||
You can use 2 config (at the same time time):
|
||||
|
||||
- pre-built: Some configuration are templated (Wordpress, Symfony...), auto create root dir, perform an "A+" on ssllabs for https... etc
|
||||
- custom: Push your own site config template. Usefull when you have a complex configuration.
|
||||
|
||||
|
||||
Pre-built site config
|
||||
---------------------
|
||||
|
||||
# Keys
|
||||
|
||||
- `template`: (M) template used to create site. Optional if you set `state`=`absent` or using `redirect_to`.
|
||||
- `redirect_from`: (O) Domain list to redirect to the first `name`. You can use this key to redirect non-www to www
|
||||
- `redirect_to`: (O) Redirect all requests to this domain. Please set scheme (http:// or https:// or $sheme).
|
||||
- `headers`: (O) Set additionals header as key/value list. You can append "always" to the value. Show [nginx doc](http://nginx.org/en/docs/http/ngx_http_headers_module.html).
|
||||
- `redirect_to_code`: Redirect code (default: 302)
|
||||
- `redirect_https`: (O) Boolean. Redirect HTTP to HTTPS. If "true", you _MUST_ set `proto` to ```['https']```.
|
||||
- `redirect_https`: (O) Boolean. Redirect HTTP to HTTPS. If "true", you _MUST_ set `proto` to `['https']`.
|
||||
- `location`: (O) Add new custom locations (it does not overwrite!)
|
||||
- `location_order`: (O) Due to non preditive `location` order, you can provide the good order (see test-location.local in [tests/test.yml](../tests/test.yml)).
|
||||
- `location_before`: (O) Add new custom locations before generated location by template
|
||||
|
@ -33,12 +49,7 @@ Common
|
|||
- `listen_proxy_protocol_ssl` (O) Enable proxy protocol on https port.
|
||||
- `hsts` (O) overwrite default header for hsts
|
||||
|
||||
(O): Optional
|
||||
(M): Mandatory
|
||||
(D): Depends other keys...
|
||||
|
||||
Templates
|
||||
---------
|
||||
### Templates
|
||||
|
||||
- `_base`: static template
|
||||
- `_dokuwiki`
|
||||
|
@ -51,8 +62,7 @@ Templates
|
|||
|
||||
Templates works as parent-child.
|
||||
|
||||
About proxy template
|
||||
--------------------
|
||||
### About proxy template
|
||||
|
||||
Proxy template allow you to use Nginx as reverse proxy. Usefull when you have an application service such as Redmine, Jenkins...
|
||||
|
||||
|
@ -63,10 +73,69 @@ You have many key added to site key:
|
|||
|
||||
(O) : Optional
|
||||
|
||||
Default sites
|
||||
--------------
|
||||
### Default sites
|
||||
|
||||
You can manage default site by setting domain name to these variables.
|
||||
|
||||
- `nginx_default_site`
|
||||
- `nginx_default_site_ssl`
|
||||
|
||||
*IT WORKS ONLY WITH PRE-BUIT SITES*
|
||||
|
||||
|
||||
### Example
|
||||
|
||||
|
||||
```yaml
|
||||
- nginx_sites:
|
||||
- name: 'mywebsite.com'
|
||||
template: '_wordpress'
|
||||
headers:
|
||||
x-ansibled: '1'
|
||||
manage_local_content: false
|
||||
```
|
||||
|
||||
|
||||
Custom site config
|
||||
------------------
|
||||
|
||||
### Keys
|
||||
|
||||
- `custom_template`: (M) template path used
|
||||
|
||||
You can add some extra infos if needed.
|
||||
|
||||
### Example:
|
||||
|
||||
```yaml
|
||||
- nginx_sites:
|
||||
- name: 'mycustom-website.com'
|
||||
custom_template: 'my/template_dir/the-template.conf.j2'
|
||||
allow_admin: '192.168.0.0/24'
|
||||
```
|
||||
|
||||
In `my/template_dir/the-template.conf.j2`:
|
||||
|
||||
```
|
||||
#
|
||||
# {{ ansible_managed }} - {{ item.name }}
|
||||
#
|
||||
|
||||
server {
|
||||
listen 8080 http2 proxy_protocol;
|
||||
server_name {{ item.name }};
|
||||
index index.html;
|
||||
root /var/www/{{ item.name }};
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ =404;
|
||||
}
|
||||
|
||||
location /admin {
|
||||
allow {{ item.allow_admin }};
|
||||
deny all;
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
|
||||
|
|
|
@ -50,7 +50,17 @@
|
|||
owner: root
|
||||
group: root
|
||||
notify: ['reload nginx', 'restart nginx freebsd']
|
||||
when: item.state is not defined or item.state != 'absent'
|
||||
when: (item.state is not defined or item.state != 'absent') and item.custom_template is not defined
|
||||
loop: "{{ nginx_sites }}"
|
||||
loop_control:
|
||||
label: "{{ item | nginx_site_name }}"
|
||||
|
||||
- name: TEMPLATE | Create sites with preconfigured template
|
||||
template:
|
||||
src: "{{ item.custom_template }}"
|
||||
dest: "{{ nginx_etc_dir }}/sites-available/{{ item | nginx_site_filename }}"
|
||||
notify: ['reload nginx', 'restart nginx freebsd']
|
||||
when: (item.state is not defined or item.state != 'absent') and item.custom_template is defined
|
||||
loop: "{{ nginx_sites }}"
|
||||
loop_control:
|
||||
label: "{{ item | nginx_site_name }}"
|
||||
|
|
|
@ -17,7 +17,6 @@
|
|||
- cron
|
||||
- curl
|
||||
- daemonize
|
||||
- fcgiwrap
|
||||
- jq
|
||||
- nghttp2
|
||||
- strace
|
||||
|
@ -40,11 +39,6 @@
|
|||
changed_when: false
|
||||
register: cur_php_version
|
||||
|
||||
- name: SERVICE | Force start fcgiwrap
|
||||
service:
|
||||
name: "fcgiwrap"
|
||||
state: started
|
||||
|
||||
# Bypasses Ansible+Docker issue. With service module... php is not really started!
|
||||
- name: COMMAND | Force start PHP
|
||||
command: "service php{{ cur_php_version.stdout }}-fpm start"
|
||||
|
|
|
@ -42,7 +42,6 @@
|
|||
register: sf
|
||||
loop:
|
||||
- php-fpm
|
||||
- fcgiwrap
|
||||
|
||||
- name: STAT | Check ports
|
||||
stat:
|
||||
|
|
|
@ -0,0 +1,16 @@
|
|||
# {{ ansible_managed }} - custom template
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
listen 8888 http2;
|
||||
listen 9999 http2 proxy_protocol;
|
||||
server_name {{ item.name }};
|
||||
|
||||
index index.html index.htm;
|
||||
|
||||
root {{ item.root }};
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ =404;
|
||||
}
|
||||
}
|
|
@ -289,6 +289,9 @@
|
|||
ssl_name: '{{ ngrok.stdout }}'
|
||||
headers:
|
||||
'X-acme': '1'
|
||||
- name: 'test-custom-template.local'
|
||||
custom_template: 'templates/custom_template.conf.j2'
|
||||
root: '/tmp/custom-template'
|
||||
|
||||
nginx_php: "{{ [{'upstream_name': 'manual', 'sockets': [{'host': '127.0.0.1', 'port': '9636' }] }] }}"
|
||||
nginx_dh_length: 1024
|
||||
|
@ -316,6 +319,14 @@
|
|||
- 'test-php-index.local'
|
||||
- 'test-php-index2.local'
|
||||
|
||||
- name: -- Add Directories --
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
loop:
|
||||
- "{{ nginx_root }}/test-htpasswd.local/public/hello"
|
||||
- "/tmp/custom-template"
|
||||
|
||||
- name: -- Add HTML file --
|
||||
ansible.builtin.copy:
|
||||
dest: "{{ item }}/index.html"
|
||||
|
|
|
@ -3,6 +3,3 @@
|
|||
nginx_events_use: 'epoll'
|
||||
nginx_pid: '/run/nginx.pid'
|
||||
nginx_etc_dir: '/etc/nginx'
|
||||
|
||||
# Specific sites
|
||||
nginx_fcgiwrap_sock: '/var/run/fcgiwrap.socket'
|
||||
|
|
|
@ -4,7 +4,4 @@ nginx_events_use: 'kqueue'
|
|||
nginx_pid: '/var/run/nginx.pid'
|
||||
nginx_etc_dir: '/usr/local/etc/nginx'
|
||||
|
||||
# Specific sites
|
||||
nginx_fcgiwrap_sock: '/var/run/fcgiwrap/fcgiwrap.sock'
|
||||
|
||||
nginx_acmesh_bin: '/usr/local/sbin/acme.sh'
|
||||
|
|
Loading…
Reference in New Issue