Include initial http conf
This commit is contained in:
parent
b5f1f01f56
commit
53ace38e79
2
defaults/main.yml
Normal file
2
defaults/main.yml
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
---
|
||||||
|
version: latest
|
||||||
5
handlers/main.yml
Normal file
5
handlers/main.yml
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
---
|
||||||
|
- name: reload nginx
|
||||||
|
docker_container_exec:
|
||||||
|
container: hubdmz
|
||||||
|
command: nginx -s reload
|
||||||
@ -3,13 +3,41 @@
|
|||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "/var/lib/hubdmz/conf.d/"
|
path: "/var/lib/hubdmz/conf.d/"
|
||||||
state: directory
|
state: directory
|
||||||
- name: ensure http.d directory exists
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "/var/lib/hubdmz/http.d/"
|
|
||||||
state: directory
|
|
||||||
|
|
||||||
- name: configure nginx with stream module
|
- name: configure nginx with stream module
|
||||||
template:
|
template:
|
||||||
src: nginx.conf.j2
|
src: nginx.conf.j2
|
||||||
dest: "/var/lib/hubdmz/conf.d/stream.conf"
|
dest: "/var/lib/hubdmz/conf.d/stream.conf"
|
||||||
mode: 0644
|
mode: 0644
|
||||||
|
notify: reload nginx
|
||||||
|
|
||||||
|
- name: ensure http.d directory exists
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: "/var/lib/hubdmz/http.d/"
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: configure nginx with a default host
|
||||||
|
template:
|
||||||
|
src: http.conf.j2
|
||||||
|
dest: "/var/lib/hubdmz/http.d/00-default.conf"
|
||||||
|
mode: 0644
|
||||||
|
notify: reload nginx
|
||||||
|
|
||||||
|
- name: launch hubdmz container
|
||||||
|
docker_container:
|
||||||
|
name: "hubdmz"
|
||||||
|
image: "registry.nemunai.re/hubdmz:{{ version }}"
|
||||||
|
pull: true
|
||||||
|
volumes:
|
||||||
|
- "/var/lib/hubdmz/conf.d/:/etc/nginx/conf.d/"
|
||||||
|
- "/var/lib/hubdmz/http.d/:/etc/nginx/http.d/"
|
||||||
|
state: "started"
|
||||||
|
memory: 512M
|
||||||
|
published_ports:
|
||||||
|
- "80:80"
|
||||||
|
- "443:443"
|
||||||
|
log_driver: syslog
|
||||||
|
log_options:
|
||||||
|
syslog-address: unixgram:///dev/log
|
||||||
|
syslog-facility: daemon
|
||||||
|
tag: "hubdmz"
|
||||||
|
|||||||
25
templates/http.conf.j2
Normal file
25
templates/http.conf.j2
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=STATIC:10m inactive=24h max_size=1g;
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen 80 default_server;
|
||||||
|
listen [::]:80 default_server;
|
||||||
|
|
||||||
|
server_name ouaset.masr.nemunai.re _;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
rewrite ^ https://$server_name$request_uri permanent;
|
||||||
|
}
|
||||||
|
|
||||||
|
location /server_status {
|
||||||
|
stub_status on;
|
||||||
|
allow 127.0.0.1;
|
||||||
|
allow ::1;
|
||||||
|
allow 192.168.0.0/16;
|
||||||
|
allow 82.64.151.41;
|
||||||
|
allow 82.64.31.248;
|
||||||
|
allow 2a01:e0a:2b:2250::/64;
|
||||||
|
allow 2a01:e0a:518:830::/64;
|
||||||
|
allow fe80::/64;
|
||||||
|
deny all;
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
Reference in New Issue
Block a user