Files @ 32f61f233098
Branch filter:

Location: majic-ansible-roles/roles/web_server/templates/nginx-default.j2

32f61f233098 1.1 KiB text/plain Show Annotation Show as Raw Download as Raw
branko
Noticket: Fixed documentation and examples for CA certificate deployment in common role. Fixed usage instructions, mainly some syntax changes and more explicit listing of parameters and such. Fixed path to truststore file for mail_forwarder role. Fixed testsite configurtion for CA certificates.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
#
# Default server (vhost) configuration.
#
{% if default_enforce_https -%}
server {
    # HTTP (plaintext) configuration.
    listen 80 default_server;
    listen [::]:80 default_server;

    # Set server_name to something that won't be matched (for default server).
    server_name _;

    # Redirect plaintext connections to HTTPS
    return 301 https://$host$request_uri;
}

{% endif -%}
server {
{% if not default_enforce_https %}
    # HTTP (plaintext) configuration.
    listen 80 default_server;
    listen [::]:80 default_server;

{% endif %}
    # HTTPS (TLS) configuration.
    listen 443 ssl default_server;
    listen [::]:443 ssl default_server;
    ssl_certificate_key /etc/ssl/private/{{ ansible_fqdn }}_https.key;
    ssl_certificate /etc/ssl/certs/{{ ansible_fqdn }}_https.pem;

    # Set-up the serving of default page.
    root /var/www/default/;
    index index.html;

    # Set server_name to something that won't be matched (for default server).
    server_name _;

    location / {
        # Always point user to the same index page.
        try_files $uri /index.html;
    }
}
This site is powered by Kallithea 0.7.0, which is © 2010–2025 by various authors & licensed under GPLv3.