ansible/xoxys.nginx
1
0
Fork 0
Code Issues Pull Requests Releases Activity

fix jinja formatting; add options for hsts

Browse Source
This commit is contained in:
Robert Kaussow 2018-08-12 01:13:06 +02:00
parent b9800a6a4c
commit aec36e8743
2 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
templates/etc/nginx/conf.d/header.conf.j2
View File

@ -1,5 +1,8 @@
# {{ ansible_managed }}
# default header settings
{% if nginx_tls_enabled and nginx_hsts_enabled %}
add_header Strict-Transport-Security{% if nginx_hsts_options %} "{{ nginx_hsts_options | join("; ") }}{% endif %};
{% endif %}
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";

5
templates/etc/nginx/nginx.conf.j2
View File

@ -1,3 +1,4 @@
#jinja2: lstrip_blocks: True
# {{ ansible_managed }}
user {{ nginx_user }} {{ nginx_group }};
worker_processes {{ nginx_worker_processes }};
@ -16,12 +17,12 @@ http {
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
{% if nginx_error_log.enabled %}
{% if nginx_error_log.enabled %}
error_log {{ nginx_error_log.file }} {{ nginx_error_log.level }};
{% else %}
error_log off;
{% endif %}
{% if nginx_access_log.enabled %}
{% if nginx_access_log.enabled %}
access_log {{ nginx_access_log.file }} {{ nginx_access_log.format }};
{% else %}
access_log off;