76 lines
2.8 KiB
YAML
76 lines
2.8 KiB
YAML
---
|
|
- ansible.builtin.blockinfile:
|
|
path: /etc/nginx/nginx.conf
|
|
block: |
|
|
upstream storage_nemunaire {
|
|
{% for server in s3_hosts %}
|
|
server {{ server.host }}:{{ server.port | default(9000) }}{% if server.backup is defined and server.backup %} backup{% endif %};
|
|
{% endfor %}
|
|
}
|
|
insertafter: 'http {'
|
|
marker: "# {mark} ANSIBLE MANAGED BLOCK storage_nemunaire"
|
|
|
|
- ansible.builtin.set_fact:
|
|
server: |
|
|
location / {
|
|
gzip on;
|
|
gzip_types application/javascript text/javascript text/css;
|
|
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header Host $http_host;
|
|
proxy_connect_timeout 300;
|
|
# Default is HTTP/1, keepalive is only enabled in HTTP/1.1
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Connection "";
|
|
proxy_set_header Authorization "";
|
|
proxy_intercept_errors on;
|
|
chunked_transfer_encoding off;
|
|
proxy_pass https://storage_nemunaire/{{ bucket }}{{ path }}/;
|
|
|
|
if ($uri ~ (.css|.js|.jpg|.png|.webp|.ico|.woff|.woff2|.ttf)$) {
|
|
expires max;
|
|
}
|
|
|
|
error_page 404 = @rewrite_proxy;
|
|
{% for error_page in error_pages %}
|
|
{% if error_page != 404 %}
|
|
error_page {{ error_page }} {{ error_pages[error_page] }};
|
|
{% endif %}
|
|
{% endfor %}
|
|
|
|
{% for r in rewrite %}
|
|
rewrite {{ r }};
|
|
{% endfor %}
|
|
}
|
|
location ~ /$ {
|
|
rewrite ^(.*)/ $1/index.html;
|
|
}
|
|
location @rewrite_proxy {
|
|
if ($http_accept ~ "text/html") {
|
|
rewrite ^/(.*)$ /{{ bucket }}{{ path }}{% if always_root is not defined or always_root %}/$1{% endif %}/index.html break;
|
|
}
|
|
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header Host $http_host;
|
|
proxy_connect_timeout 300;
|
|
# Default is HTTP/1, keepalive is only enabled in HTTP/1.1
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Connection "";
|
|
proxy_set_header Authorization "";
|
|
proxy_intercept_errors on;
|
|
chunked_transfer_encoding off;
|
|
proxy_pass https://storage_nemunaire;
|
|
|
|
{% for error_page in error_pages %}
|
|
error_page {{ error_page }} {{ error_pages[error_page] }};
|
|
{% endfor %}
|
|
}
|
|
when: server is not defined
|
|
|
|
- ansible.builtin.include_role:
|
|
name: re.nemunai.nginx-config-svc
|