Update nginx template for Ansible role

2019-08-29 05:51:11 +00:00 · 2019-08-29 05:51:11 +00:00 · c7fc3b8f43
commit c7fc3b8f43
parent 8669c9a0df
2 changed files with 46 additions and 76 deletions
--- a/ansible/roles/nginx/files/nginx.conf
+++ b/ansible/roles/nginx/files/nginx.conf
@ -2,87 +2,54 @@ user www-data;
 worker_processes auto;
 pid /run/nginx.pid;

-events {
-        worker_connections 768;
-        # multi_accept on;
-}
+events { }

 http {
+  include mime.types;

-        ##
-        # Basic Settings
-        ##
+  # Basic Server Configuration
+  server {
+    listen 80;
+    server_tokens off;
+    server_name localhost;
    
-        sendfile on;
-        tcp_nopush on;
-        tcp_nodelay on;
-        keepalive_timeout 65;
-        types_hash_max_size 2048;
-        # server_tokens off;
-
-        # server_names_hash_bucket_size 64;
-        # server_name_in_redirect off;
-
-        include /etc/nginx/mime.types;
-
-default_type application/octet-stream;
-
-        ##
-        # SSL Settings
-        ##
-
-        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
-        ssl_prefer_server_ciphers on;
-
-        ##
-        # Logging Settings
-        ##
-
-        access_log /var/log/nginx/access.log;
-        error_log /var/log/nginx/error.log;
-
-        ##
-        # Gzip Settings
-        ##
-
-        gzip on;
-        gzip_disable "msie6";
-
-        # gzip_vary on;
-        # gzip_proxied any;
-        # gzip_comp_level 6;
-        # gzip_buffers 16 8k;
-
-
-        # gzip_http_version 1.1;
-        # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
-
-        ##
-        # Virtual Host Configs
-        ##
-
-        include /etc/nginx/conf.d/*.conf;
-        include /etc/nginx/sites-enabled/*;
+    location / {
+      root /var/www/html;
+      index index.html index.htm;
    }
    
+    # Uncomment to pass for SSL
+    #return 301 https://$host$request_uri;
+  }
+}

-#mail {
-#       # See sample authentication script at:
-#       # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
-# 
-#       # auth_http localhost/auth.php;
-#       # pop3_capabilities "TOP" "USER";
-#       # imap_capabilities "IMAP4rev1" "UIDPLUS";
-# 
+  # Terminate SSL and route traffic
 #  server {
-#               listen     localhost:110;
-#               protocol   pop3;
-#               proxy      on;
+#    server_name localhost;
+#    server_tokens off;
+#
+    # SSL Settings
+#    listen 443 ssl;
+#    ssl_certificate /etc/letsencrypt/live/www.domain.com/fullchain.pem;
+#    ssl_certificate_key /etc/letsencrypt/live/www.domain.com/privkey.pem;
+#    include /etc/letsencrypt/options-ssl-nginx.conf;
+#    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+
+#    location / {
+#      include proxy_params;
+#      proxy_pass http://0.0.0.0:8080/;
+#    }
+#  }
+
+# Private subdomain for routing custom ssh port
+#  server {
+#    server_name sub.domain.com;
+#    server_tokens off;
+#    
+#    location / {
+#      include proxy_params;
+#      proxy_pass http://0.0.0.0:3333;
 #  }
 # 
-#       server {
-#               listen     localhost:143;
-#               protocol   imap;
-#               proxy      on;
-#       }
 #}
+
--- a/ansible/roles/nginx/tasks/service.yml
+++ b/ansible/roles/nginx/tasks/service.yml
@ -0,0 +1,3 @@
+---
+- name: Start and enable nginx service
+  service: name=nginx state=restarted enabled=yes