initial commit
This commit is contained in:
HgO
62
roles/common/templates/nginx/default.conf.j2
Normal file
62
roles/common/templates/nginx/default.conf.j2
Normal file
@@ -0,0 +1,62 @@
|
||||
{{ ansible_managed | comment }}
|
||||
# Default server configuration
|
||||
#
|
||||
server {
|
||||
listen 80 default_server;
|
||||
listen [::]:80 default_server ipv6only=on;
|
||||
|
||||
root /var/www/default;
|
||||
|
||||
server_name _;
|
||||
|
||||
location ^~ /.well-known/acme-challenge/ {
|
||||
allow all;
|
||||
root /var/www/acme;
|
||||
try_files $uri =404;
|
||||
}
|
||||
|
||||
location / {
|
||||
try_files $uri $uri/ =404;
|
||||
}
|
||||
|
||||
location = /favicon.ico {
|
||||
log_not_found off;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
location = /robots.txt {
|
||||
allow all;
|
||||
log_not_found off;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
location ~* ^.+.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js)$ {
|
||||
expires 7d;
|
||||
log_not_found off;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
location ~ /\. {
|
||||
deny all;
|
||||
access_log off;
|
||||
log_not_found off;
|
||||
}
|
||||
|
||||
location ~ /nginx_status {
|
||||
stub_status on;
|
||||
access_log off;
|
||||
allow 127.0.0.1;
|
||||
deny all;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 default_server;
|
||||
listen [::]:443 default_server;
|
||||
|
||||
server_name _;
|
||||
|
||||
include snippets/snakeoil.conf;
|
||||
|
||||
return 444;
|
||||
}
|
||||
31
roles/common/templates/nginx/node-exporter.conf.j2
Normal file
31
roles/common/templates/nginx/node-exporter.conf.j2
Normal file
@@ -0,0 +1,31 @@
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
{% if nginx_server_name is defined %}
|
||||
server {
|
||||
listen {{ nginx_port }};
|
||||
|
||||
server_name {{ nginx_server_name }};
|
||||
{% endif %}
|
||||
|
||||
{% for location in nginx_locations %}
|
||||
location {{ location }} {
|
||||
{% if location.proxy_pass is defined %}
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_redirect off;
|
||||
{% endif %}
|
||||
|
||||
{% if location.basic_auth_file is defined %}
|
||||
auth_basic "Authentication required";
|
||||
auth_basic_user_file /etc/nginx/{{ location.basic_auth_file }};
|
||||
{% endif %}
|
||||
|
||||
{% if location.proxy_pass is defined %}
|
||||
proxy_pass http://localhost:{{ location.proxy_pass.port | default('80') }}{{ location.proxy_pass.path }};
|
||||
{% endif %}
|
||||
}
|
||||
{% endif %}
|
||||
{% if nginx_server_name is defined %}
|
||||
}
|
||||
{% endif %}
|
||||
Reference in New Issue
Block a user