Pains-Perdus/nginx
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

fix some stuff, comment other stuff

Browse source
This commit is contained in:
histausse 2022-06-20 23:06:14 +02:00
parent 2667d5affc
commit 898cfa69dc
Signed by: histausse
GPG key ID: 67486F107F62E9E9
4 changed files with 30 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
tasks/main.yml
View file

@ -2,14 +2,13 @@
- name: Install NGINX - name: Install NGINX
apt: apt:
update_cache: true update_cache: true
name: "{{ item }}" name:
- nginx
- 'python3-cryptography'
state: latest state: latest
register: apt_result register: apt_result
retries: 3 retries: 3
until: apt_result is succeeded until: apt_result is succeeded
loop:
- nginx
- "python3-cryptography"
- name: Copy snippets - name: Copy snippets
template: template:
@ -62,6 +61,7 @@
template: template:
src: nginx.conf src: nginx.conf
dest: /etc/nginx/nginx.conf dest: /etc/nginx/nginx.conf
notify: Reload nginx
# TODO: << Manage reverse proxy >> # TODO: << Manage reverse proxy >>
- name: Create the SSL reverse proxy conf - name: Create the SSL reverse proxy conf
@ -71,11 +71,12 @@
force: no force: no
# Manage each http site # Manage each http site
- name: Copy reverse proxy sites - name: Copy Http Servers
template: template:
src: http_server.j2 src: http_server.j2
dest: "/etc/nginx/sites-available/{{ item.key }}" dest: "/etc/nginx/sites-available/{{ item.key }}"
loop: "{{ http_sites | dict2items}}" loop: "{{ http_sites | dict2items}}"
notify: Reload nginx
- name: Use the dummy certificate - name: Use the dummy certificate
file: file:
@ -100,3 +101,4 @@
state: link state: link
force: yes force: yes
loop: "{{ http_sites | dict2items}}" loop: "{{ http_sites | dict2items}}"
notify: Reload nginx

2
templates/folder.js Normal file
View file

@ -0,0 +1,2 @@
root {{ location.value.folder }};
try_files $uri $uri.html $uri/index.html 404;

4
templates/http_server.j2
View file

@ -24,8 +24,8 @@ server {
server { server {
# listen port + ssl # listen port + ssl
{# <- TODO: Allow other ports -> -#} {# <- TODO: Allow other ports -> -#}
listen 443 ssl http2; listen 127.0.0.1:8443 ssl http2;
listen [::]:443 ssl http2; # listen [::]:443 ssl http2;
ssl_certificate /etc/nginx/certs/{{ item.key }}.crt; ssl_certificate /etc/nginx/certs/{{ item.key }}.crt;
ssl_certificate_key /etc/nginx/certs/{{ item.key }}.key; ssl_certificate_key /etc/nginx/certs/{{ item.key }}.key;
{# <- TODO: Allow other ports -> #} {# <- TODO: Allow other ports -> #}

38
templates/nginx.conf
View file

@ -39,23 +39,23 @@ stream {
include /etc/nginx/stream_rp.conf; include /etc/nginx/stream_rp.conf;
# Proxy request from the back end address # Proxy request from the back end address
map $ssl_preread_server_name $name_from_back { # map $ssl_preread_server_name $name_from_back {
acme-v02.api.letsencrypt.org acme; # acme-v02.api.letsencrypt.org acme;
r3.o.lencr.org r3; # r3.o.lencr.org r3;
default self-back; # default self-back;
} # }
upstream acme { # upstream acme {
server acme-v02.api.letsencrypt.org:443; # server acme-v02.api.letsencrypt.org:443;
} # }
upstream r3 { # upstream r3 {
server r3.o.lencr.org:443; # server r3.o.lencr.org:443;
} # }
upstream self-back { # upstream self-back {
server 127.0.0.1:9443; # server 127.0.0.1:9443;
} # }
server { # server {
listen 192.168.10.1:443; # listen 192.168.10.1:443;
proxy_pass $name_from_back; # proxy_pass $name_from_back;
ssl_preread on; # ssl_preread on;
} # }
} }