tpiccioli
/
ansible-roles
forked from ISTI-ansible-roles/ansible-roles
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

smartgears nginx template: Move the letsencrypt directives up.

This commit is contained in:
Andrea Dell'Amico 2019-04-01 15:40:24 +02:00
parent 0887586c88
commit 48074a3cbb
2 changed files with 21 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
smartgears/smartgears-nginx-frontend/templates/generic-smartgears-virtualhost.j2
View File

@ -1,5 +1,8 @@
server { server {
listen {{ http_port }}; listen {{ http_port }};
{% if letsencrypt_acme_install %}
include /etc/nginx/snippets/letsencrypt-proxy.conf;
{% endif %}
location ~ /\.(?!well-known).* { location ~ /\.(?!well-known).* {
deny all; deny all;
access_log off; access_log off;
@ -14,9 +17,6 @@ server {
server_name _; server_name _;
{% else %} {% else %}
server_name {{ item.servername }} {% if smartgears_nginx_serveraliases is defined %}{% for vh in smartgears_nginx_serveraliases %} {{ vh }}{% endfor %}{% endif %}; server_name {{ item.servername }} {% if smartgears_nginx_serveraliases is defined %}{% for vh in smartgears_nginx_serveraliases %} {{ vh }}{% endfor %}{% endif %};
{% endif %}
{% if letsencrypt_acme_install %}
include /etc/nginx/snippets/letsencrypt-proxy.conf;
{% endif %} {% endif %}
access_log /var/log/nginx/{{ item.servername }}_access.log; access_log /var/log/nginx/{{ item.servername }}_access.log;
error_log /var/log/nginx/{{ item.servername }}_error.log; error_log /var/log/nginx/{{ item.servername }}_error.log;
@ -190,6 +190,13 @@ server {
{% if letsencrypt_acme_install %} {% if letsencrypt_acme_install %}
server { server {
listen {{ https_port }} ssl; listen {{ https_port }} ssl;
location ~ /\.(?!well-known).* {
deny all;
access_log off;
log_not_found off;
return 404;
}
client_max_body_size {{ nginx_client_max_body_size | default('100M') }}; client_max_body_size {{ nginx_client_max_body_size | default('100M') }};
{% if egi_image is defined and egi_image %} {% if egi_image is defined and egi_image %}
# No servername into the EGI images # No servername into the EGI images

15
smartgears/smartgears-nginx-frontend/templates/nginx-smartgears-virtualhost.j2
View File

@ -14,6 +14,10 @@ server {
server_name {{ item.server_name }} {% if item.serveraliases is defined %}{{ item.serveraliases }}{% endif %}; server_name {{ item.server_name }} {% if item.serveraliases is defined %}{{ item.serveraliases }}{% endif %};
{% endif %} {% endif %}
{% if letsencrypt_acme_install %}
include /etc/nginx/snippets/letsencrypt-proxy.conf;
{% endif %}
location ~ /\.(?!well-known).* { location ~ /\.(?!well-known).* {
deny all; deny all;
access_log off; access_log off;
@ -21,10 +25,6 @@ server {
return 404; return 404;
} }
{% if letsencrypt_acme_install %}
include /etc/nginx/snippets/letsencrypt-proxy.conf;
{% endif %}
{% if item.access_log is defined %} {% if item.access_log is defined %}
access_log {{ item.access_log }}; access_log {{ item.access_log }};
{% else %} {% else %}
@ -347,6 +347,13 @@ server {
server_name {{ item.server_name }} {% if item.serveraliases is defined %}{{ item.serveraliases }}{% endif %}; server_name {{ item.server_name }} {% if item.serveraliases is defined %}{{ item.serveraliases }}{% endif %};
{% endif %} {% endif %}
location ~ /\.(?!well-known).* {
deny all;
access_log off;
log_not_found off;
return 404;
}
{% if item.access_log is defined %} {% if item.access_log is defined %}
access_log {{ item.access_log }}; access_log {{ item.access_log }};
{% else %} {% else %}