Files
@ a20ca43cd967
Branch filter:
Location: majic-ansible-roles/roles/web_server/templates/nginx-default.j2 - annotation
a20ca43cd967
1.3 KiB
text/plain
MAR-134: Fix Ansible warning about use of apt and with_items:
- The apt module can accept list of names already, and with_items is
considered to be deprecated in this regard (otherwise it would
end-up running one apt command per item).
- Changed multiple roles where apt was used together along with_items.
- The apt module can accept list of names already, and with_items is
considered to be deprecated in this regard (otherwise it would
end-up running one apt command per item).
- Changed multiple roles where apt was used together along with_items.
373cdfe71c66 373cdfe71c66 373cdfe71c66 dfb91e411e40 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 dfb91e411e40 dfb91e411e40 dfb91e411e40 dfb91e411e40 dfb91e411e40 dfb91e411e40 dfb91e411e40 dfb91e411e40 dfb91e411e40 dfb91e411e40 dfb91e411e40 dfb91e411e40 dfb91e411e40 dfb91e411e40 dfb91e411e40 373cdfe71c66 373cdfe71c66 373cdfe71c66 18cd76ec050d 18cd76ec050d 373cdfe71c66 3352797ee517 3352797ee517 3352797ee517 3352797ee517 3352797ee517 3352797ee517 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 373cdfe71c66 | #
# Default server (vhost) configuration.
#
{% if default_enforce_https -%}
server {
# HTTP (plaintext) configuration.
listen 80 default_server;
listen [::]:80 default_server;
# Set server_name to something that won't be matched (for default server).
server_name _;
# Redirect plaintext connections to HTTPS
return 301 https://$host$request_uri;
}
{% endif -%}
server {
{% if not default_enforce_https %}
# HTTP (plaintext) configuration.
listen 80 default_server;
listen [::]:80 default_server;
{% endif %}
# HTTPS (TLS) configuration.
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
ssl_certificate_key /etc/ssl/private/{{ ansible_fqdn }}_https.key;
ssl_certificate /etc/ssl/certs/{{ ansible_fqdn }}_https.pem;
{% if default_enforce_https %}
# Set-up HSTS header for preventing downgrades for users that visited the
# site via HTTPS at least once.
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
{% endif %}
# Set-up the serving of default page.
root /var/www/default/;
index index.html;
# Set server_name to something that won't be matched (for default server).
server_name _;
location / {
# Always point user to the same index page.
try_files $uri /index.html;
}
}
|