ansible-roles/nginx/templates/evolinux-default.conf.j2

server {

    listen [::]:80;
    listen 80;
    server_name {{ ansible_fqdn }};
    return 301 https://{{ ansible_fqdn }}$request_uri;
}
server {

    listen 443 ssl;
    # listen [::]:80 default_server ipv6only=on; ## listen for ipv6

    ssl_certificate /etc/ssl/certs/{{ ansible_fqdn }}.crt;
    ssl_certificate_key /etc/ssl/private/{{ ansible_fqdn }}.key;

    server_name {{ ansible_fqdn }};
    index index.htm index.html index.php;

    access_log  /var/log/nginx/access.log;
    error_log  /var/log/nginx/error.log;
    error_page 403 {{ nginx_default_redirect_url }};

    root /var/www;

    # Auth.
    include /etc/nginx/snippets/ipaddr_whitelist;
    auth_basic "Reserved {{ ansible_fqdn }}";
    auth_basic_user_file /etc/nginx/snippets/private_htpasswd;
    satisfy any;

    location / {
        index  index.html index.htm;
    }

    location /munin/ {
        alias   /var/cache/munin/www/;
    }

    location ^~ /munin-cgi/munin-cgi-graph/ {
        fastcgi_split_path_info ^(/munin-cgi/munin-cgi-graph)(.*);
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_pass unix:/var/run/munin/spawn-fcgi-munin-graph.sock;
        include fastcgi_params;
    }
}

server {
    listen 80;
    server_name munin;

    location /nginx_status {
        stub_status on;
        access_log off;
    }
}
add an nginx role 2016-09-30 10:59:00 +02:00			`server {`

			`listen [::]:80;`
			`listen 80;`
			`server_name {{ ansible_fqdn }};`
			`return 301 https://{{ ansible_fqdn }}$request_uri;`
			`}`
			`server {`

nginx: disable spdy in default vhost 2017-08-04 18:58:24 +02:00			`listen 443 ssl;`
add an nginx role 2016-09-30 10:59:00 +02:00			`# listen [::]:80 default_server ipv6only=on; ## listen for ipv6`

			`ssl_certificate /etc/ssl/certs/{{ ansible_fqdn }}.crt;`
			`ssl_certificate_key /etc/ssl/private/{{ ansible_fqdn }}.key;`

			`server_name {{ ansible_fqdn }};`
			`index index.htm index.html index.php;`

			`access_log /var/log/nginx/access.log;`
			`error_log /var/log/nginx/error.log;`
Split default vhost into nginx ad apache roles 2017-07-05 18:22:00 +02:00			`error_page 403 {{ nginx_default_redirect_url }};`
add an nginx role 2016-09-30 10:59:00 +02:00
			`root /var/www;`

			`# Auth.`
Apache/Nginx: use ipaddr_whitelist 2017-10-07 13:48:04 +02:00			`include /etc/nginx/snippets/ipaddr_whitelist;`
add an nginx role 2016-09-30 10:59:00 +02:00			`auth_basic "Reserved {{ ansible_fqdn }}";`
			`auth_basic_user_file /etc/nginx/snippets/private_htpasswd;`
			`satisfy any;`

			`location / {`
			`index index.html index.htm;`
			`}`

			`location /munin/ {`
			`alias /var/cache/munin/www/;`
			`}`

			`location ^~ /munin-cgi/munin-cgi-graph/ {`
			`fastcgi_split_path_info ^(/munin-cgi/munin-cgi-graph)(.*);`
			`fastcgi_param PATH_INFO $fastcgi_path_info;`
			`fastcgi_pass unix:/var/run/munin/spawn-fcgi-munin-graph.sock;`
			`include fastcgi_params;`
			`}`
			`}`

			`server {`
			`listen 80;`
			`server_name munin;`

			`location /nginx_status {`
			`stub_status on;`
			`access_log off;`
			`}`
			`}`