vhost.conf.j2 - ansible-configs

1 
2 
3 
4 
5 
6 
7 
8 
9 
10 
11 
12 
13 
14 
15 
16 
17 
18 
19 
20 
21 
22 
23 
24 
25 
26 
27 
28 
29 
30 
31 
32 
33 
34 
35 
36 
37 
38 
39 
40 
41 
42 
43 
44 
45 
46 
47 
48 
49 
50 
51 
52 
53 
54 
55 
56 
57 
58 
59 
60 
61 
62 
63 
64 
65 
66 
67 
68 
69 
70 
71 
72 
73 
74 
75 
76 
77 
78 
79 
80 
81 
82 
83 
84 
85 
86 
87 
88 
89 
90 
91 
92 
93 
94 
95 
96 
97 
98 
99 
100 
101 
102 
103 
104 
105 
106 
107 
108 
109 
110 
111 
112 
113 
114 
115 
116 
117 
118 
119 
120 
121 
122 
123 
124 
125 
126 
127 
128 
129 
130 
131 
132 
133 
134 
135 
136 
137 
138 
139 
140 
141 #
# !!! This file is managed by Ansible !!!
#

{% if services.nginx.sslOnly is not defined or services.nginx.sslOnly is false %}
server {
	{% if item.value.defaultServer is defined and item.value.defaultServer is true%}
	listen 80 default_server;
	listen [::]:80 default_server;
	{% else %}
	listen 80;
	listen [::]:80;
	{% endif %}

	server_name {{item.key}};

	{% if item.value.root is defined %}
	root {{ item.value.root }};
	{% endif %}	

	{% if item.value.index is defined %}
	index {{ item.value.index }};
	{% else %}
	{% if item.value.enablePhpSupport is true %}
	index index.php index.html;
	{% endif %}
	{% endif %}

	{% if item.value.locations is defined %}
	{% for location in item.value.locations %}
	location {{ location.path }} {
		{% if location.proxy is defined %}
		proxy_pass {{ location.proxy }};
		include /etc/nginx/proxy.conf;
		{% endif %}

		{% if location.root is defined %}
		root {{ location.root }};
		{% endif %}

		{% if location.directoryListing is true %}
		autoindex on;
		autoindex_exact_size off;
		{% endif %}

		{% if location.basicAuth is defined %}
		auth_basic "{{ location.basicAuthReason | default('Authorization required') }}";
		auth_basic_user_file {{ location.basicAuth }};
		{% endif %}

		{% if location.extraConfig is defined %}
		{{ location.extraConfig }}
		{% endif %}
	}
	{% endfor %}
	{% endif %}

	{% if item.value.enablePhpSupport is true %}
	location ~ \.php$ {
		fastcgi_pass unix:{{ item.value.phpSocket | default("/run/php-fpm/php-fpm.sock") }};
		fastcgi_index index.php;
		include php_fastcgi_params;
	}
	{% endif %}

	{% if item.value.extraConfig is defined %}
	{{ item.value.extraConfig }}
	{% endif %}
}

{% endif %}
{% if item.value.ssl.enable is defined and item.value.ssl.enable is true %}
server {
	{% if item.value.defaultServer is defined and item.value.defaultServer is true%}
	listen 443 ssl default_server;
	listen [::]:443 ssl default_server;
	{% else %}
	listen 443 ssl;
	listen [::]:443 ssl;
	{% endif %}

	server_name {{item.key}};

	ssl_certificate     "{{ item.value.ssl.cert }}";
	ssl_certificate_key "{{ item.value.ssl.privkey }}";
	include /etc/nginx/ssl.conf;

	{% if item.value.root is defined %}
	root {{ item.value.root }};
	{% endif %}	

	{% if item.value.index is defined %}
	index {{ item.value.index }};
	{% else %}
	{% if item.value.enablePhpSupport is true %}
	index index.php index.html;
	{% endif %}
	{% endif %}

	{% if item.value.locations is defined %}
	{% for location in item.value.locations %}
	location {{ location.path }} {
		{% if location.proxy is defined %}
		proxy_pass {{ location.proxy }};
		include /etc/nginx/proxy.conf;
		{% endif %}

		{% if location.root is defined %}
		root {{ location.root }};
		{% endif %}

		{% if location.directoryListing is true %}
		autoindex on;
		autoindex_exact_size off;
		{% endif %}

		{% if location.basicAuth is defined %}
		auth_basic "{{ location.basicAuthReason | default('Authorization required') }}";
		auth_basic_user_file {{ location.basicAuth }};
		{% endif %}

		{% if location.extraConfig is defined %}
		{{ location.extraConfig }}
		{% endif %}
	}
	{% endfor %}
	{% endif %}

	{% if item.value.enablePhpSupport is true %}
	location ~ \.php$ {
		fastcgi_pass unix:{{ item.value.phpSocket | default("/run/php-fpm/php-fpm.sock") }};
		fastcgi_index index.php;
		include php_fastcgi_params;
	}
	{% endif %}

	{% if item.value.extraConfig is defined %}
	{{ item.value.extraConfig }}
	{% endif %}
}
{% endif %}