Files
@ b68d19ad38a3
Branch filter:
Location: majic-ansible-roles/roles/php_website/templates/nginx_site.j2 - annotation
b68d19ad38a3
2.4 KiB
text/plain
MAR-33: Added initial scaffolding for wsgi_website tests:
- Added Molecule configuration file.
- Implemented test playbook that sets-up three separate instances of WSGI
website in order to test all variations of parameters.
- Added name for the set_fact task.
- Fixed linting errors related to mode that lacks leading zero.
- Added skip_ansible_lint tag for command that creates the Python virtual
environment.
- Added missing become keyword wherever become_user is specified.
- Fixed invalid parameter name for specifying if HTTPS should be enforced or
not.
- Added small initial sample WSGI apps that get deployed.
- Added static/media sample files.
- Added TLS material.
- Added initial dummy test file.
- Added Molecule configuration file.
- Implemented test playbook that sets-up three separate instances of WSGI
website in order to test all variations of parameters.
- Added name for the set_fact task.
- Fixed linting errors related to mode that lacks leading zero.
- Added skip_ansible_lint tag for command that creates the Python virtual
environment.
- Added missing become keyword wherever become_user is specified.
- Fixed invalid parameter name for specifying if HTTPS should be enforced or
not.
- Added small initial sample WSGI apps that get deployed.
- Added static/media sample files.
- Added TLS material.
- Added initial dummy test file.
dfb91e411e40 dfb91e411e40 dfb91e411e40 dfb91e411e40 dfb91e411e40 dfb91e411e40 dfb91e411e40 dfb91e411e40 dfb91e411e40 dfb91e411e40 dfb91e411e40 7727c37bce67 40473a82c752 7727c37bce67 40473a82c752 7727c37bce67 dfb91e411e40 7727c37bce67 d26fe0368a4b d26fe0368a4b d26fe0368a4b dfb91e411e40 d26fe0368a4b d26fe0368a4b d26fe0368a4b 18cd76ec050d 18cd76ec050d d26fe0368a4b 3dd7f39302f8 3352797ee517 3352797ee517 3352797ee517 3352797ee517 3352797ee517 1b05bae8e440 1b05bae8e440 1b05bae8e440 1b05bae8e440 1b05bae8e440 7f8ef577fa2c 40473a82c752 7727c37bce67 7727c37bce67 7f8ef577fa2c 7f8ef577fa2c 7727c37bce67 40473a82c752 7727c37bce67 40473a82c752 7727c37bce67 7727c37bce67 7727c37bce67 7f8ef577fa2c 40473a82c752 40473a82c752 40473a82c752 40473a82c752 40473a82c752 40473a82c752 40473a82c752 7727c37bce67 40473a82c752 222008c85003 97be416e882e 40473a82c752 40473a82c752 40473a82c752 40473a82c752 40473a82c752 7f8ef577fa2c 7f8ef577fa2c 7f8ef577fa2c 7727c37bce67 7f8ef577fa2c 7727c37bce67 4ca98a158269 4ca98a158269 4ca98a158269 4ca98a158269 4f7054d023b6 4ca98a158269 4ca98a158269 7727c37bce67 7727c37bce67 7727c37bce67 | {% if enforce_https -%}
server {
# HTTP (plaintext) configuration.
listen 80;
server_name {{ fqdn }};
# Redirect plaintext connections to HTTPS
return 301 https://$host$request_uri;
}
{% endif -%}
server {
# Base settings.
root {{ home }}/htdocs/;
index {{ index }};
server_name {{ fqdn }};
{% if not enforce_https %}
# HTTP (plaintext) configuration.
listen 80;
{% endif %}
# HTTPS (TLS) configuration.
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate_key /etc/ssl/private/{{ fqdn }}_https.key;
ssl_certificate /etc/ssl/certs/{{ fqdn }}_https.pem;
{% if enforce_https -%}
# Set-up HSTS header for preventing downgrades for users that visited the
# site via HTTPS at least once.
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
{% endif -%}
{% for config in additional_nginx_config -%}
# {{ config.comment }}
{{ config.value }}
{% endfor -%}
{% if rewrites -%}
# Generic URL rewrites.
{% for rewrite in rewrites -%}
rewrite {{ rewrite }};
{% endfor -%}
{% endif %}
{% if deny_files_regex -%}
# Deny access to user-specified files.
{% for regex in deny_files_regex -%}
location ~ {{ regex }} {
deny all;
}
{% endfor -%}
{% endif %}
# Interpret PHP files via FastCGI.
location ~ {{ php_file_regex }} {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php5-fpm/{{ fqdn }}.sock;
}
# Serve the files.
location ~ /(.+) {
try_files $uri $uri/{% if php_rewrite_urls %} @php_rewrite{% else %} =404{% endif %};
}
{% if php_rewrite_urls -%}
# Apply URL rewrites.
location @php_rewrite {
{% for rewrite in php_rewrite_urls %}
rewrite {{ rewrite }};
{% endfor -%}
}
{% endif -%}
{% if environment_indicator -%}
# Show environment indicator on HTML pages.
sub_filter_types text/html;
sub_filter_once on;
sub_filter "</body>" "<div id='website-environment' style='background-color: {{ environment_indicator.background_colour }}; width: 100%; text-align: center; position: fixed; bottom: 5px; color: {{ environment_indicator.text_colour }}; font-weight: bold; z-index: 999999;'>{{ environment_indicator.text }}</div></body>";
{% endif -%}
access_log /var/log/nginx/{{ fqdn }}-access.log;
error_log /var/log/nginx/{{ fqdn }}-error.log;
}
|