[SKIP CI] update readme

This commit is contained in:
Drone Shipper 2019-11-22 23:04:52 +00:00
parent 1c2f584fff
commit 7e97e3e9ef

360
README.md
View File

@ -8,51 +8,51 @@ Role to setup nginx
## Table of content
* [Default Variables](#default-variables)
* [nginx_official_repo_enabled](#nginx_official_repo_enabled)
* [nginx_user](#nginx_user)
* [nginx_group](#nginx_group)
* [nginx_worker_processes](#nginx_worker_processes)
* [nginx_worker_connections](#nginx_worker_connections)
* [nginx_error_log](#nginx_error_log)
* [nginx_access_log](#nginx_access_log)
* [nginx_client_body_buffer_size](#nginx_client_body_buffer_size)
* [nginx_client_header_buffer_size](#nginx_client_header_buffer_size)
* [nginx_client_max_body_size](#nginx_client_max_body_size)
* [nginx_client_body_timeout](#nginx_client_body_timeout)
* [nginx_client_header_buffer_size](#nginx_client_header_buffer_size)
* [nginx_client_header_timeout](#nginx_client_header_timeout)
* [nginx_keepalive_timeout](#nginx_keepalive_timeout)
* [nginx_send_timeout](#nginx_send_timeout)
* [nginx_reset_timedout_connection](#nginx_reset_timedout_connection)
* [nginx_gzip_enabled](#nginx_gzip_enabled)
* [nginx_client_max_body_size](#nginx_client_max_body_size)
* [nginx_csp_enabled](#nginx_csp_enabled)
* [nginx_csp_options](#nginx_csp_options)
* [nginx_error_log](#nginx_error_log)
* [nginx_group](#nginx_group)
* [nginx_gzip_comp_level](#nginx_gzip_comp_level)
* [nginx_gzip_enabled](#nginx_gzip_enabled)
* [nginx_gzip_min_length](#nginx_gzip_min_length)
* [nginx_gzip_proxied](#nginx_gzip_proxied)
* [nginx_gzip_types](#nginx_gzip_types)
* [nginx_tls_enabled](#nginx_tls_enabled)
* [nginx_tls_versions](#nginx_tls_versions)
* [nginx_tls_cert_file](#nginx_tls_cert_file)
* [nginx_tls_key_file](#nginx_tls_key_file)
* [nginx_tls_dhparam_size](#nginx_tls_dhparam_size)
* [nginx_tls_ciphers](#nginx_tls_ciphers)
* [nginx_tls_ocsp_enabled](#nginx_tls_ocsp_enabled)
* [nginx_tls_hsts_enabled](#nginx_tls_hsts_enabled)
* [nginx_hsts_options](#nginx_hsts_options)
* [nginx_keepalive_timeout](#nginx_keepalive_timeout)
* [nginx_official_repo_enabled](#nginx_official_repo_enabled)
* [nginx_reset_timedout_connection](#nginx_reset_timedout_connection)
* [nginx_send_timeout](#nginx_send_timeout)
* [nginx_server_names_hash_bucket_size](#nginx_server_names_hash_bucket_size)
* [nginx_tls_cert_file](#nginx_tls_cert_file)
* [nginx_tls_cert_source](#nginx_tls_cert_source)
* [nginx_tls_ciphers](#nginx_tls_ciphers)
* [nginx_tls_dhparam_file](#nginx_tls_dhparam_file)
* [nginx_tls_dhparam_size](#nginx_tls_dhparam_size)
* [nginx_tls_ecdh_curve](#nginx_tls_ecdh_curve)
* [nginx_tls_enabled](#nginx_tls_enabled)
* [nginx_tls_hsts_enabled](#nginx_tls_hsts_enabled)
* [nginx_tls_key_file](#nginx_tls_key_file)
* [nginx_tls_key_source](#nginx_tls_key_source)
* [nginx_tls_ocsp_enabled](#nginx_tls_ocsp_enabled)
* [nginx_tls_ocsp_trusted_certificate](#nginx_tls_ocsp_trusted_certificate)
* [nginx_tls_versions](#nginx_tls_versions)
* [nginx_user](#nginx_user)
* [nginx_vhosts_default](#nginx_vhosts_default)
* [nginx_vhosts_dir](#nginx_vhosts_dir)
* [nginx_vhosts_extra](#nginx_vhosts_extra)
* [nginx_worker_connections](#nginx_worker_connections)
* [nginx_worker_processes](#nginx_worker_processes)
* [nginx_xcto_enabled](#nginx_xcto_enabled)
* [nginx_xfo_enabled](#nginx_xfo_enabled)
* [nginx_xfo_policy](#nginx_xfo_policy)
* [nginx_xcto_enabled](#nginx_xcto_enabled)
* [nginx_csp_enabled](#nginx_csp_enabled)
* [nginx_xxxsp_enabled](#nginx_xxxsp_enabled)
* [nginx_xxxsp_parameters](#nginx_xxxsp_parameters)
* [nginx_vhosts_dir](#nginx_vhosts_dir)
* [nginx_vhosts_default](#nginx_vhosts_default)
* [nginx_vhosts_extra](#nginx_vhosts_extra)
* [nginx_server_names_hash_bucket_size](#nginx_server_names_hash_bucket_size)
* [nginx_tls_cert_source](#nginx_tls_cert_source)
* [nginx_tls_key_source](#nginx_tls_key_source)
* [nginx_tls_dhparam_file](#nginx_tls_dhparam_file)
* [nginx_tls_ecdh_curve](#nginx_tls_ecdh_curve)
* [nginx_tls_ocsp_trusted_certificate](#nginx_tls_ocsp_trusted_certificate)
* [nginx_csp_options](#nginx_csp_options)
* [Dependencies](#dependencies)
* [License](#license)
* [Author](#author)
@ -61,57 +61,6 @@ Role to setup nginx
## Default Variables
### nginx_official_repo_enabled
#### Default value
```YAML
nginx_official_repo_enabled: true
```
### nginx_user
#### Default value
```YAML
nginx_user: nginx
```
### nginx_group
#### Default value
```YAML
nginx_group: nginx
```
### nginx_worker_processes
#### Default value
```YAML
nginx_worker_processes: 1
```
### nginx_worker_connections
#### Default value
```YAML
nginx_worker_connections: 1024
```
### nginx_error_log
#### Default value
```YAML
nginx_error_log:
enabled: true
file: /var/log/nginx/error.log
level: error
```
### nginx_access_log
#### Default value
@ -131,22 +80,6 @@ nginx_access_log:
nginx_client_body_buffer_size: 10k
```
### nginx_client_header_buffer_size
#### Default value
```YAML
nginx_client_header_buffer_size: 1k
```
### nginx_client_max_body_size
#### Default value
```YAML
nginx_client_max_body_size: 8m
```
### nginx_client_body_timeout
#### Default value
@ -155,6 +88,14 @@ nginx_client_max_body_size: 8m
nginx_client_body_timeout: 60
```
### nginx_client_header_buffer_size
#### Default value
```YAML
nginx_client_header_buffer_size: 1k
```
### nginx_client_header_timeout
#### Default value
@ -163,36 +104,51 @@ nginx_client_body_timeout: 60
nginx_client_header_timeout: 60
```
### nginx_keepalive_timeout
### nginx_client_max_body_size
#### Default value
```YAML
nginx_keepalive_timeout: 65
nginx_client_max_body_size: 8m
```
### nginx_send_timeout
### nginx_csp_enabled
#### Default value
```YAML
nginx_send_timeout: 60
nginx_csp_enabled: false
```
### nginx_reset_timedout_connection
### nginx_csp_options
#### Default value
#### Example usage
```YAML
nginx_reset_timedout_connection: true
nginx_csp_options:
- directive: frame-ancestors
parameters:
- https://example.com
- https://mypage.com
```
### nginx_gzip_enabled
### nginx_error_log
#### Default value
```YAML
nginx_gzip_enabled: true
nginx_error_log:
enabled: true
file: /var/log/nginx/error.log
level: error
```
### nginx_group
#### Default value
```YAML
nginx_group: nginx
```
### nginx_gzip_comp_level
@ -203,6 +159,14 @@ nginx_gzip_enabled: true
nginx_gzip_comp_level: 2
```
### nginx_gzip_enabled
#### Default value
```YAML
nginx_gzip_enabled: true
```
### nginx_gzip_min_length
#### Default value
@ -237,21 +201,54 @@ nginx_gzip_types:
- application/xml
```
### nginx_tls_enabled
### nginx_hsts_options
#### Default value
```YAML
nginx_tls_enabled: false
nginx_hsts_options:
- max-age=63072000
- includeSubDomains
```
### nginx_tls_versions
### nginx_keepalive_timeout
#### Default value
```YAML
nginx_tls_versions:
- TLSv1.2
nginx_keepalive_timeout: 65
```
### nginx_official_repo_enabled
#### Default value
```YAML
nginx_official_repo_enabled: true
```
### nginx_reset_timedout_connection
#### Default value
```YAML
nginx_reset_timedout_connection: true
```
### nginx_send_timeout
#### Default value
```YAML
nginx_send_timeout: 60
```
### nginx_server_names_hash_bucket_size
#### Default value
```YAML
nginx_server_names_hash_bucket_size: 32
```
### nginx_tls_cert_file
@ -264,22 +261,14 @@ Set the destination filename.
nginx_tls_cert_file: mycert.pem
```
### nginx_tls_key_file
### nginx_tls_cert_source
Set the destination filename.
Source has to be a file.
#### Default value
```YAML
nginx_tls_key_file: mykey.pem
```
### nginx_tls_dhparam_size
#### Default value
```YAML
nginx_tls_dhparam_size: 2048
nginx_tls_cert_source: _unset_
```
### nginx_tls_ciphers
@ -295,12 +284,36 @@ nginx_tls_ciphers:
- ECDHE-RSA-AES256-SHA384
```
### nginx_tls_ocsp_enabled
### nginx_tls_dhparam_file
#### Default value
```YAML
nginx_tls_ocsp_enabled: false
nginx_tls_dhparam_file: _unset_
```
### nginx_tls_dhparam_size
#### Default value
```YAML
nginx_tls_dhparam_size: 2048
```
### nginx_tls_ecdh_curve
#### Default value
```YAML
nginx_tls_ecdh_curve: _unset_
```
### nginx_tls_enabled
#### Default value
```YAML
nginx_tls_enabled: false
```
### nginx_tls_hsts_enabled
@ -311,71 +324,57 @@ nginx_tls_ocsp_enabled: false
nginx_tls_hsts_enabled: false
```
### nginx_hsts_options
### nginx_tls_key_file
Set the destination filename.
#### Default value
```YAML
nginx_hsts_options:
- max-age=63072000
- includeSubDomains
nginx_tls_key_file: mykey.pem
```
### nginx_xfo_enabled
### nginx_tls_key_source
Source has to be a file.
#### Default value
```YAML
nginx_xfo_enabled: true
nginx_tls_key_source: _unset_
```
### nginx_xfo_policy
### nginx_tls_ocsp_enabled
#### Default value
```YAML
nginx_xfo_policy: deny
nginx_tls_ocsp_enabled: false
```
### nginx_xcto_enabled
### nginx_tls_ocsp_trusted_certificate
#### Default value
```YAML
nginx_xcto_enabled: true
nginx_tls_ocsp_trusted_certificate: _unset_
```
### nginx_csp_enabled
### nginx_tls_versions
#### Default value
```YAML
nginx_csp_enabled: false
nginx_tls_versions:
- TLSv1.2
```
### nginx_xxxsp_enabled
### nginx_user
#### Default value
```YAML
nginx_xxxsp_enabled: true
```
### nginx_xxxsp_parameters
#### Default value
```YAML
nginx_xxxsp_parameters:
- mode=block
```
### nginx_vhosts_dir
#### Default value
```YAML
nginx_vhosts_dir: /var/www/vhosts
nginx_user: nginx
```
### nginx_vhosts_default
@ -427,6 +426,14 @@ nginx_vhosts_default:
error_page: /usr/share/nginx/html
```
### nginx_vhosts_dir
#### Default value
```YAML
nginx_vhosts_dir: /var/www/vhosts
```
### nginx_vhosts_extra
#### Default value
@ -435,68 +442,61 @@ nginx_vhosts_default:
nginx_vhosts_extra: []
```
### nginx_server_names_hash_bucket_size
### nginx_worker_connections
#### Default value
```YAML
nginx_server_names_hash_bucket_size: 32
nginx_worker_connections: 1024
```
### nginx_tls_cert_source
Source has to be a file.
### nginx_worker_processes
#### Default value
```YAML
nginx_tls_cert_source: _unset_
nginx_worker_processes: 1
```
### nginx_tls_key_source
Source has to be a file.
### nginx_xcto_enabled
#### Default value
```YAML
nginx_tls_key_source: _unset_
nginx_xcto_enabled: true
```
### nginx_tls_dhparam_file
### nginx_xfo_enabled
#### Default value
```YAML
nginx_tls_dhparam_file: _unset_
nginx_xfo_enabled: true
```
### nginx_tls_ecdh_curve
### nginx_xfo_policy
#### Default value
```YAML
nginx_tls_ecdh_curve: _unset_
nginx_xfo_policy: deny
```
### nginx_tls_ocsp_trusted_certificate
### nginx_xxxsp_enabled
#### Default value
```YAML
nginx_tls_ocsp_trusted_certificate: _unset_
nginx_xxxsp_enabled: true
```
### nginx_csp_options
### nginx_xxxsp_parameters
#### Example usage
#### Default value
```YAML
nginx_csp_options:
- directive: frame-ancestors
parameters:
- https://example.com
- https://mypage.com
nginx_xxxsp_parameters:
- mode=block
```
## Dependencies