commit
f5c4218bc2
6 ha cambiato i file con 119 aggiunte e 0 eliminazioni
  1. +3
    -0
      defaults/main.yml
  2. +11
    -0
      handlers/main.yml
  3. +15
    -0
      tasks/main.yml
  4. +14
    -0
      tasks/setup_Debian.yml
  5. +13
    -0
      templates/default-vhost.j2
  6. +63
    -0
      templates/nginx.conf.j2

+ 3
- 0
defaults/main.yml Vedi File

@@ -0,0 +1,3 @@
nginx_worker_processes: 4
nginx_worker_connections: 768
nginx_redirect_to_https: false

+ 11
- 0
handlers/main.yml Vedi File

@@ -0,0 +1,11 @@
---

- name: restart nginx
service:
name: nginx
state: restarted

- name: reload nginx
service:
name: nginx
state: reloaded

+ 15
- 0
tasks/main.yml Vedi File

@@ -0,0 +1,15 @@
---

- include: setup_Debian.yml

- name: nginx.conf
template:
src: nginx.conf.j2
dest: /etc/nginx/nginx.conf
notify: reload nginx

- name: default vhost
template:
src: default-vhost.j2
dest: /etc/nginx/sites-available/default
notify: reload nginx

+ 14
- 0
tasks/setup_Debian.yml Vedi File

@@ -0,0 +1,14 @@
---

- name: install apt packages
apt:
pkg: "{{item}}"
state: present
with_items:
- nginx
- nginx-full

- name: remove default page
file:
path: /var/www/html/index.nginx-debian.html
state: absent

+ 13
- 0
templates/default-vhost.j2 Vedi File

@@ -0,0 +1,13 @@
server {
listen 80 default_server;
listen [::]:80 default_server;

server_name _;

return 404;

location /.well-known/acme-challenge {
default_type "text/plain";
root /var/www/letsencrypt-auto;
}
}

+ 63
- 0
templates/nginx.conf.j2 Vedi File

@@ -0,0 +1,63 @@
user www-data;
worker_processes {{ nginx_worker_processes }};
pid /run/nginx.pid;

events {
worker_connections {{ nginx_worker_connections }};
# multi_accept on;
}

http {

##
# Basic Settings
##

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;

server_names_hash_bucket_size 64;
# server_name_in_redirect off;

include /etc/nginx/mime.types;
default_type application/octet-stream;

##
# SSL Settings
##

ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;

##
# Logging Settings
##

access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;

##
# Gzip Settings
##

gzip on;
gzip_disable "msie6";

# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

##
# Virtual Host Configs
##

include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}

Loading…
Annulla
Salva