ansible/ansible-role-nginx
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
Patrick Jaroszewski
2026-06-24 17:29:12 -04:00
commit 72b96c06a4
15 changed files with 470 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
templates/conf.d/resolver.conf.j2
+4
View File
@@ -0,0 +1,4 @@
# /etc/nginx/conf.d/resolver.conf
# Global DNS resolver for runtime lookups (OCSP stapling, runtime proxy_pass).
resolver {{ nginx_resolver }};
resolver_timeout {{ nginx_resolver_timeout }};
templates/nginx-site.conf.j2
Executable
+60
View File
@@ -0,0 +1,60 @@
{%- if (item.ssl | default(true)) and not (item.allow_http | default(false)) %}
server {
listen {{ item.http_port | default(80) }};
listen [::]:{{ item.http_port | default(80) }};
server_name{% for domain_name in item.domain_names %} {{ domain_name }}{% endfor %};
return 301 https://$host$request_uri;
}
{% endif -%}
server {
{%- if item.ssl | default(true) %}
listen {{ item.https_port | default(443) }} ssl http2;
listen [::]:{{ item.https_port | default(443) }} ssl http2;
{%- if item.allow_http | default(false) %}
listen {{ item.http_port | default(80) }};
listen [::]:{{ item.http_port | default(80) }};
{%- endif %}
{%- else %}
listen {{ item.http_port | default(80) }};
listen [::]:{{ item.http_port | default(80) }};
{%- endif %}
server_name{% for domain_name in item.domain_names %} {{ domain_name }}{% endfor %};
# Set proxy headers
include {{ nginx_snippets_path }}/proxy-headers.conf;
{%- if item.ssl | default(true) %}
# SSL certificate and parameters
ssl_certificate {{ item.ssl_certificate | default(nginx_ssl_certificate) }};
ssl_certificate_key {{ item.ssl_certificate_key | default(nginx_ssl_certificate_key) }};
include {{ nginx_snippets_path }}/ssl-params.conf;
{%- endif %}
{%- if item.websockets | default(false) %}
# Enable websockets
include {{ nginx_snippets_path }}/websockets.conf;
{%- endif %}
{%- if item.max_upload_size | default(false) %}
# Max upload size
client_max_body_size {{ item.max_upload_size }};
{%- endif %}
{%- if item.extra_parameters | default(false) %}
{{ item.extra_parameters }}
{%- endif %}
location / {
proxy_pass {{ item.upstream_url }};
}
}
templates/site-configs/default.conf.j2
+20
View File
@@ -0,0 +1,20 @@
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
# Redirect all HTTP requests to HTTPS via a 301 response
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name _;
ssl_certificate {{ nginx_ssl_certificate }};
ssl_certificate_key {{ nginx_ssl_certificate_key }};
include {{ nginx_snippets_path }}/ssl-params.conf;
return 404;
}