forked from ISTI-ansible-roles/ansible-roles
74 lines
2.3 KiB
YAML
74 lines
2.3 KiB
YAML
---
|
|
nginx_enabled: True
|
|
nginx_use_ppa: False
|
|
nginx_ppa_repo: ppa:nginx/stable
|
|
nginx_package_state: installed
|
|
|
|
#nginx_virthosts: []
|
|
|
|
nginx_enable_compression: True
|
|
nginx_gzip_vary: "on"
|
|
nginx_gzip_proxied: any
|
|
nginx_gzip_comp_level: 6
|
|
nginx_gzip_buffers: 16 8k
|
|
nginx_gzip_http_version: 1.1
|
|
nginx_gzip_types: "text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript"
|
|
|
|
nginx_proxy_buffering: "on"
|
|
nginx_proxy_redirect: "off"
|
|
nginx_proxy_buffer_size: 128k
|
|
nginx_proxy_buffers: 4 256k
|
|
nginx_proxy_busy_buffers_size: 256k
|
|
nginx_proxy_connect_timeout: 30s
|
|
nginx_proxy_read_timeout: 480s
|
|
nginx_proxy_send_timeout: 120s
|
|
nginx_client_max_body_size: 32000M
|
|
nginx_client_body_timeout: 240s
|
|
|
|
# Find a set of acceptable defaults for the cache setup
|
|
nginx_cache_enabled: False
|
|
|
|
nginx_use_ldap_pam_auth: False
|
|
nginx_pam_svc_name: nginx
|
|
nginx_ldap_uri: "ldap://ldap.example.org"
|
|
nginx_ldap_base_dn: "dc=example,dc=org"
|
|
|
|
nginx_letsencrypt_managed: True
|
|
|
|
# Virtualhost example
|
|
# nginx_virthosts:
|
|
# - virthost_name: '{{ ansible_fqdn }}'
|
|
# listen: '{{ http_port }}'
|
|
# server_name: '{{ ansible_fqdn }}'
|
|
# server_aliases: ''
|
|
# index: index.html
|
|
# error_page: /path_to_error_page.html
|
|
# ssl_enabled: False
|
|
# ssl_only: False
|
|
# ssl_letsencrypt_certs: '{{ nginx_letsencrypt_managed }}'
|
|
# root: /usr/share/nginx/html/
|
|
# server_tokens: 'off'
|
|
# proxy_standard_setup: True
|
|
# proxy_additional_options:
|
|
# - 'proxy_cache_path /tmp/nginx_cache levels=1:2 keys_zone=cache:30m max_size=250m;'
|
|
# proxies:
|
|
# - location: /
|
|
# target: http://localhost:{{ local_http_port }};
|
|
#
|
|
# extra_parameters: |
|
|
# location ~ \.php$ {
|
|
# fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
|
# fastcgi_pass unix:/var/run/php5-fpm.sock;
|
|
# fastcgi_index index.php;
|
|
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
# include fastcgi_params;
|
|
# }
|
|
|
|
# TODO: ckan, ssl with 80 -> 443 redirection, ssl only (no listening on 80).
|
|
# If nginx via ppa, proxy_protocol e http/2 too
|
|
# php, rewrite rules, acls, ldap auth
|
|
# More robust rules
|
|
# log format personalization (global, inside conf.d)
|
|
#
|
|
# Special cases: mediawiki,...
|