Update nginx template for Ansible role

2019-08-29 05:51:11 +00:00 · 2019-08-29 05:51:11 +00:00 · c7fc3b8f43
commit c7fc3b8f43
parent 8669c9a0df
2 changed files with 46 additions and 76 deletions
--- a/ansible/roles/nginx/files/nginx.conf
+++ b/ansible/roles/nginx/files/nginx.conf
@ -2,87 +2,54 @@ user www-data;
 worker_processes auto;
 pid /run/nginx.pid;
-events {
+events { }
        worker_connections 768;
        # multi_accept on;
 }
 http {
  include mime.types;
-        ##
+  # Basic Server Configuration
-        # Basic Settings
+  server {
-        ##
+    listen 80;
    server_tokens off;
    server_name localhost;
-        sendfile on;
+    location / {
-        tcp_nopush on;
+      root /var/www/html;
-        tcp_nodelay on;
+      index index.html index.htm;
        keepalive_timeout 65;
        types_hash_max_size 2048;
        # server_tokens off;
        # server_names_hash_bucket_size 64;
        # server_name_in_redirect off;
        include /etc/nginx/mime.types;
 default_type application/octet-stream;
        ##
        # SSL Settings
        ##
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
        ssl_prefer_server_ciphers on;
        ##
        # Logging Settings
        ##
        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;
        ##
        # Gzip Settings
        ##
        gzip on;
        gzip_disable "msie6";
        # gzip_vary on;
        # gzip_proxied any;
        # gzip_comp_level 6;
        # gzip_buffers 16 8k;
        # gzip_http_version 1.1;
        # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
        ##
        # Virtual Host Configs
        ##
        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
    }
    # Uncomment to pass for SSL
    #return 301 https://$host$request_uri;
  }
 }
-#mail {
+  # Terminate SSL and route traffic
 #       # See sample authentication script at:
 #       # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
 # 
 #       # auth_http localhost/auth.php;
 #       # pop3_capabilities "TOP" "USER";
 #       # imap_capabilities "IMAP4rev1" "UIDPLUS";
 # 
 #  server {
-#               listen     localhost:110;
+#    server_name localhost;
-#               protocol   pop3;
+#    server_tokens off;
-#               proxy      on;
+#
    # SSL Settings
 #    listen 443 ssl;
 #    ssl_certificate /etc/letsencrypt/live/www.domain.com/fullchain.pem;
 #    ssl_certificate_key /etc/letsencrypt/live/www.domain.com/privkey.pem;
 #    include /etc/letsencrypt/options-ssl-nginx.conf;
 #    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
 #    location / {
 #      include proxy_params;
 #      proxy_pass http://0.0.0.0:8080/;
 #    }
 #  }
 # Private subdomain for routing custom ssh port
 #  server {
 #    server_name sub.domain.com;
 #    server_tokens off;
 #    
 #    location / {
 #      include proxy_params;
 #      proxy_pass http://0.0.0.0:3333;
 #  }
 # 
 #       server {
 #               listen     localhost:143;
 #               protocol   imap;
 #               proxy      on;
 #       }
 #}
--- a/ansible/roles/nginx/tasks/service.yml
+++ b/ansible/roles/nginx/tasks/service.yml
@ -0,0 +1,3 @@
 ---
 - name: Start and enable nginx service
  service: name=nginx state=restarted enabled=yes