commit b2d50efdcd68dddc5d0c3e8367bd99d3c136fa7d
parent 9e18855d3398edd9208a9606952a8a56fd4b457f
Author: Leah (ctucx) <leah@ctu.cx>
Date: Tue, 23 Feb 2021 21:22:42 +0100
parent 9e18855d3398edd9208a9606952a8a56fd4b457f
Author: Leah (ctucx) <leah@ctu.cx>
Date: Tue, 23 Feb 2021 21:22:42 +0100
roles/nginx: php support, dirlisting option
4 files changed, 66 insertions(+), 6 deletions(-)
diff --git a/roles/nginx/files/php_fastcgi_params b/roles/nginx/files/php_fastcgi_params @@ -0,0 +1,27 @@ +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name; +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param PATH_INFO $fastcgi_path_info; +fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +fastcgi_param HTTPS $https; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200;
diff --git a/roles/nginx/tasks/configure.yml b/roles/nginx/tasks/configure.yml @@ -41,6 +41,15 @@ mode: 0755 notify: "Restart nginx" +- name: "Create file: /etc/nginx/php_fastcgi_params" + copy: + src: php_fastcgi_params + dest: /etc/nginx/php_fastcgi_params + owner: nginx + group: nginx + mode: 0755 + notify: "Restart nginx" + - name: "Create directory: /etc/nginx/passwd" file: path: /etc/nginx/passwd
diff --git a/roles/nginx/tasks/vhosts.yml b/roles/nginx/tasks/vhosts.yml @@ -25,8 +25,6 @@ register: nginx_vhosts check_mode: no changed_when: false - when: - - services.acme_redirect.certs is defined - name: "Remove unmanaged files in directory: /etc/nginx/vhosts" file:
diff --git a/roles/nginx/templates/vhost.conf.j2 b/roles/nginx/templates/vhost.conf.j2 @@ -14,11 +14,11 @@ server { server_name {{item.key}}; - {% if item.value.root is defined %} root {{ item.value.root }}; {% endif %} + {% if item.value.locations is defined %} {% for location in item.value.locations %} location {{ location.path }} { {% if location.proxy is defined %} @@ -27,12 +27,25 @@ server { {% endif %} {% if location.root is defined %} root {{ location.root }}; - {% endif %} + {% endif %} + {% if location.directoryListing is true %} + autoindex on; + autoindex_exact_size off; + {% endif %} {% if location.extraConfig is defined %} {{ location.extraConfig }} {% endif %} } {% endfor %} + {% endif %} + + {% if item.value.enablePhpSupport is true %} + location ~ \.php$ { + fastcgi_pass unix:{{ item.value.phpSocket | default("/run/php-fpm/php-fpm.sock") }}; + fastcgi_index index.php; + include php_fastcgi_params; + } + {% endif %} {% if item.value.extraConfig is defined %} {{ item.value.extraConfig }} @@ -56,11 +69,11 @@ server { ssl_certificate_key "{{ item.value.ssl.privkey }}"; include /etc/nginx/ssl.conf; - {% if item.value.root is defined %} root {{ item.value.root }}; {% endif %} + {% if item.value.locations is defined %} {% for location in item.value.locations %} location {{ location.path }} { {% if location.proxy is defined %} @@ -69,12 +82,25 @@ server { {% endif %} {% if location.root is defined %} root {{ location.root }}; - {% endif %} + {% endif %} + {% if location.directoryListing is true %} + autoindex on; + autoindex_exact_size off; + {% endif %} {% if location.extraConfig is defined %} {{ location.extraConfig }} {% endif %} } {% endfor %} + {% endif %} + + {% if item.value.enablePhpSupport is true %} + location ~ \.php$ { + fastcgi_pass unix:{{ item.value.phpSocket | default("/run/php-fpm/php-fpm.sock") }}; + fastcgi_index index.php; + include php_fastcgi_params; + } + {% endif %} {% if item.value.extraConfig is defined %} {{ item.value.extraConfig }}