Головна сторінка Огляд Довідка
Увійти
fphammerle
/
ansible-role-nginx
дзеркало https://github.com/fphammerle/ansible-role-nginx
1
0
Відгалуження 0
Файли Проблеми 0 Wiki
Дерево: 0658f85322
Гілки Теги
ansible-role-ng...
/
templates
/
vhosts.j2

vhosts.j2 2.2 KB
Історія Запис

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879 
  1. {% for x509 in vhosts_x509.results %}
    2. 

  2. 

  3. {%- set vhost = x509.vhost -%}
    4. 

  4. {%- set ssl = vhost.ssl | default(false) -%}
    5. 

  5. {%- set php_fastcgi = vhost.php_fastcgi | default(false) -%}
    6. 

  6. 

  7. server {
    8. 

  8. 

  9.     listen
    10. 

  10. {%- if ssl %}
    11. 

  11.  {{ vhost.listen | default('443') }} ssl
    12. 

  12. {%- else %}
    13. 

  13.  {{ vhost.listen | default('80') }}
    14. 

  14. {%- endif -%}
    15. 

  15. {%- if vhost.default_server | default(false) %}
    16. 

  16.  default_server
    17. 

  17. {%- endif -%}
    18. 

  18. ;
    19. 

  19. 

  20. {% if vhost.server_name is defined %}
    21. 

  21.     server_name {{ vhost.server_name }};
    22. 

  22. {% endif %}
    23. 

  23. 

  24. {% if ssl %}
    25. 

  25.     ssl_certificate "{{ x509.cert_path }}";
    26. 

  26.     ssl_certificate_key "{{ x509.key_path }}";
    27. 

  27. {% if vhost.strict_transport_security | default(false) %}
    28. 

  28.     add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; ";
    29. 

  29. {% endif %}
    30. 

  30. {% endif %}
    31. 

  31. 

  32. {% if vhost.root is defined %}
    33. 

  33.     root {{ vhost.root }};
    34. 

  34. {% endif %}
    35. 

  35. 

  36. {% if vhost.index is defined %}
    37. 

  37.     index {{ vhost.index }};
    38. 

  38. {% else %}
    39. 

  39.     index {% if php_fastcgi %}index.php {% endif %}index.html;
    40. 

  40. {% endif %}
    41. 

  41. 

  42. {% if vhost.error_page is defined %}
    43. 

  43.     error_page {{ vhost.error_page }};
    44. 

  44. {% endif %}
    45. 

  45. {% if vhost.access_log is defined %}
    46. 

  46.     access_log {{ vhost.access_log }};
    47. 

  47. {% endif %}
    48. 

  48. {% if vhost.error_log is defined %}
    49. 

  49.     error_log {{ vhost.error_log }} error;
    50. 

  50. {% endif %}
    51. 

  51. 

  52. {% if vhost.return is defined %}
    53. 

  53.     return {{ vhost.return }};
    54. 

  54. {% endif %}
    55. 

  55. 

  56. {% if php_fastcgi %}
    57. 

  57.     location ~ [^/]\.php(/|$) {
    58. 

  58.         # correctly handle request like /test.php/foo/blah.php or /test.php/
    59. 

  59.         fastcgi_split_path_info ^(.+?\.php)(/.*)$;
    60. 

  60.         # check whether the *.php does indeed exist to prevent nginx
    61. 

  61.         # to feeding PHP FPM non php script file (like uploaded image)
    62. 

  62.         # (if instead of try_files due to nginx bug #321)
    63. 

  63.         if (!-f $document_root$fastcgi_script_name) {
    64. 

  64.             return 404;
    65. 

  65.         }
    66. 

  66.         # Mitigate https://httpoxy.org/ vulnerabilities
    67. 

  67.         fastcgi_param HTTP_PROXY "";
    68. 

  68.         fastcgi_pass unix:/var/run/php5-fpm.sock;
    69. 

  69.         fastcgi_index index.php;
    70. 

  70.         include fastcgi_params;
    71. 

  71.     }
    72. 

  72.     # https://www.nginx.com/resources/wiki/start/topics/examples/phpfcgi/
    73. 

  73. {% endif %}
    74. 

  74. 

  75. {% if vhost.extra_parameters is defined %}
    76. 

  76.     {{ vhost.extra_parameters|indent(4) }}
    77. 

  77. {% endif %}
    78. 

  78. }
    79. 

  79. {% endfor %}
    80.