ansible-nginx/templates/etc/nginx/sites-available/_base.j2

123 lines
3.0 KiB
Django/Jinja

{% set __listen = item.listen | default(['80']) %}
{% set __listen_ssl = item.listen_ssl | default(['443']) %}
{% set __location = item.location | default({}) %}
{% macro htpasswd(htpasswd_name, indent=1) -%}
{% for ht in nginx_htpasswd %}{% if ht.name == htpasswd_name %}
{{ "\t" * indent }}auth_basic "{{ ht.description }}";
{{ "\t" * indent }}auth_basic_user_file {{ nginx_htpasswd_dir }}/{{ ht.name }};
{% endif %}{% endfor%}
{%- endmacro %}
#
# {{ ansible_managed }}
#
#
# HTTP
#
server {
{% for port in __listen %}
listen {{ port }};
{% endfor %}
server_name {% if item.name is string %}{{ item.name }}{% else %}{{ item.name | join(' ') }}{% endif %};
{% block root %}
{% if item.root is defined %}
root {{ item.root }};
{% else %}
root {{ nginx_root }}/{{ item.name if item.name is string else item.name[0] }}/public;
{% endif %}
{% endblock %}
{% block template_index %}
index {{ item.index | default('index.html index.htm') }};
{% endblock %}
{% if item.more is defined and item.more is iterable %}
{% for line in item.more %}
{{ line }}
{% endfor %}
{% endif %}
{% if item.htpasswd is defined %}
{{ htpasswd(item.htpasswd, 1) }}
{% endif %}
{% if not __location.has_key('/') %}
location / {
{% block template_try_files %}
try_files {{ override_try_files | default('$uri $uri/ =404') }};
{% endblock %}
}
{% endif %}
{% block template_upstream_location %}
{% endblock %}
{% block template_custom_location %}
{% endblock %}
{% block template_local_content %}
{% if item.manage_local_content is not defined or item.manage_local_content %}
location ~ /\.ht {
deny all;
}
location = /favicon.ico {
expires 30d;
access_log off;
log_not_found off;
}
location ~* \.(txt|js|css|png|jpe?g|gif|ico|svg)$ {
expires 30d;
log_not_found off;
}
{% endif %}
{% endblock %}
{% if __location is iterable and __location | length > 0 %}
# --> Custom locations
{% for location, opts in __location.iteritems() %}
location {{ location }} {
{% for opt in opts %}
{% if opt.htpasswd is defined %}{{ htpasswd(opt.htpasswd, 2) }}{% else %}
{{ opt }}
{% endif %}
{% endfor %}
}
{% endfor %} # <-- Custom locations
{% endif %}
{% if item.use_access_log is defined and item.use_access_log %}
access_log {{ nginx_log_dir }}/{{ item.name[0] }}_access.log combined;
{% else %}
access_log off;
{% endif %}
{% if item.use_error_log is defined and item.use_error_log %}
error_log {{ nginx_log_dir }}/{{ item.name[0] }}_error.log {{ nginx_error_log_level }};
{% else %}
error_log off;
{% endif %}
}
{#
# HTTPS
#server {
ssl on;
ssl_certificate {{ nginx_ssl_dir }}/{{ item.name }}/{{ item.name }}.crt;
ssl_certificate_key {{ nginx_ssl_dir }}/{{ item.name }}/{{ item.name }}.key;
include {{ nginx_helper_dir }}/ssl-{{ item.ssl.template | default('strong') }};
#}
{% if item.redirect_from is defined and item.redirect_from is iterable %}
#
# Redirect from
#
server {
{% for port in __listen %}
listen {{ port }};
{% endfor %}
server_name {{ item.redirect_from | join(' ') }};
return 301 $scheme://{{ item.name[0] }}$request_uri;
}
{% endif %}
# vim:filetype=nginx