Nevar pievienot vairāk kā 25 tēmas Tēmai ir jāsākas ar burtu vai ciparu, tā var saturēt domu zīmes ('-') un var būt līdz 35 simboliem gara.
DroneShipper 7e97e3e9ef [SKIP CI] update readme pirms 2 nedēļām
defaults remove iptables integration pirms 1 mēnesi
handlers fix some standards pirms 1 gada
meta override meta author for readme pirms 1 mēnesi
molecule refactor ci pipeline pirms 1 mēnesi
tasks remove iptables integration pirms 1 mēnesi
templates add missing server options pirms 3 mēnešiem
.drone.jsonnet cleanup pipeline pirms 2 nedēļām
.drone.yml cleanup pipeline pirms 2 nedēļām
.gitignore [SKIP CI] remove pyc files pirms 6 mēnešiem
.later.yml cleanup pipeline pirms 2 nedēļām
HEADER.md refactor ci pipeline pirms 1 mēnesi
LICENSE Initial commit pirms 2 gadiem
README.md [SKIP CI] update readme pirms 2 nedēļām

README.md

xoxys.nginx

Build Status

Role to setup nginx

Table of content


Default Variables

nginx_access_log

Default value

nginx_access_log:
 enabled: true
 file: /var/log/nginx/access.log
 format: main

nginx_client_body_buffer_size

Default value

nginx_client_body_buffer_size: 10k

nginx_client_body_timeout

Default value

nginx_client_body_timeout: 60

nginx_client_header_buffer_size

Default value

nginx_client_header_buffer_size: 1k

nginx_client_header_timeout

Default value

nginx_client_header_timeout: 60

nginx_client_max_body_size

Default value

nginx_client_max_body_size: 8m

nginx_csp_enabled

Default value

nginx_csp_enabled: false

nginx_csp_options

Example usage

nginx_csp_options:
 - directive: frame-ancestors
  parameters:
   - https://example.com
   - https://mypage.com

nginx_error_log

Default value

nginx_error_log:
 enabled: true
 file: /var/log/nginx/error.log
 level: error

nginx_group

Default value

nginx_group: nginx

nginx_gzip_comp_level

Default value

nginx_gzip_comp_level: 2

nginx_gzip_enabled

Default value

nginx_gzip_enabled: true

nginx_gzip_min_length

Default value

nginx_gzip_min_length: 1000

nginx_gzip_proxied

Default value

nginx_gzip_proxied:
 - expired
 - no-cache
 - no-store
 - private
 - auth

nginx_gzip_types

Default value

nginx_gzip_types:
 - text/plain
 - application/x-javascript
 - text/xml
 - text/css
 - application/xml

nginx_hsts_options

Default value

nginx_hsts_options:
 - max-age=63072000
 - includeSubDomains

nginx_keepalive_timeout

Default value

nginx_keepalive_timeout: 65

nginx_official_repo_enabled

Default value

nginx_official_repo_enabled: true

nginx_reset_timedout_connection

Default value

nginx_reset_timedout_connection: true

nginx_send_timeout

Default value

nginx_send_timeout: 60

nginx_server_names_hash_bucket_size

Default value

nginx_server_names_hash_bucket_size: 32

nginx_tls_cert_file

Set the destination filename.

Default value

nginx_tls_cert_file: mycert.pem

nginx_tls_cert_source

Source has to be a file.

Default value

nginx_tls_cert_source: _unset_

nginx_tls_ciphers

Default value

nginx_tls_ciphers:
 - ECDHE-RSA-AES256-GCM-SHA512
 - DHE-RSA-AES256-GCM-SHA512
 - ECDHE-RSA-AES256-GCM-SHA384
 - DHE-RSA-AES256-GCM-SHA384
 - ECDHE-RSA-AES256-SHA384

nginx_tls_dhparam_file

Default value

nginx_tls_dhparam_file: _unset_

nginx_tls_dhparam_size

Default value

nginx_tls_dhparam_size: 2048

nginx_tls_ecdh_curve

Default value

nginx_tls_ecdh_curve: _unset_

nginx_tls_enabled

Default value

nginx_tls_enabled: false

nginx_tls_hsts_enabled

Default value

nginx_tls_hsts_enabled: false

nginx_tls_key_file

Set the destination filename.

Default value

nginx_tls_key_file: mykey.pem

nginx_tls_key_source

Source has to be a file.

Default value

nginx_tls_key_source: _unset_

nginx_tls_ocsp_enabled

Default value

nginx_tls_ocsp_enabled: false

nginx_tls_ocsp_trusted_certificate

Default value

nginx_tls_ocsp_trusted_certificate: _unset_

nginx_tls_versions

Default value

nginx_tls_versions:
 - TLSv1.2

nginx_user

Default value

nginx_user: nginx

nginx_vhosts_default

Default value

nginx_vhosts_default:
 - file: default
  servers:
   - port: 80
    server_name: '{{ ansible_fqdn }}'
    locations:
     - match: /
      root: /var/www/vhosts/default
      index: index.html

Example usage

nginx_vhosts_default:
 - file: default
  upstream:
   name: my_pool
   servers: []
  servers:
   - port: 80
    server_name: demo.example.com
    tls_redirect: False skips locations if enabled
    tls_redirect_url:
    tls:
     cert: /etc/pki/tls/..
     key: /etc/pki/tls/..
     dhparam:
    client_max_body_size:
    send_timeout:
    locations:
     - match: /
      root: /var/www/vhosts/default
      index: index.html
      proxy_pass:
      proxy_http_version: "1.1"
      proxy_buffering: "off"
      proxy_connect_timeout: 3600s
      proxy_read_timeout: 3600s
      proxy_send_timeout: 3600s
      proxy_headers: []
  error_page: /usr/share/nginx/html

nginx_vhosts_dir

Default value

nginx_vhosts_dir: /var/www/vhosts

nginx_vhosts_extra

Default value

nginx_vhosts_extra: []

nginx_worker_connections

Default value

nginx_worker_connections: 1024

nginx_worker_processes

Default value

nginx_worker_processes: 1

nginx_xcto_enabled

Default value

nginx_xcto_enabled: true

nginx_xfo_enabled

Default value

nginx_xfo_enabled: true

nginx_xfo_policy

Default value

nginx_xfo_policy: deny

nginx_xxxsp_enabled

Default value

nginx_xxxsp_enabled: true

nginx_xxxsp_parameters

Default value

nginx_xxxsp_parameters:
 - mode=block

Dependencies

None.

License

MIT

Author

xoxys