+ non-www redirect nginx script (with todo)
+ domain_name & refactored nginx variables for resolve connect of www-domain logic and redirect to or from * some installs have error after login to non-privileged user with starship $-symbol - correct escaped function for that + use separate domain for pma nginx config based on new domain_name variable (defined in nginx vars file) * update database example vars (use inventory dir path and bz2 by default) #861m7vaer Шаблон операционной системы на Debian 10
This commit is contained in:
@ -1,13 +1,16 @@
|
||||
server {
|
||||
listen 80;
|
||||
listen 443 ssl;
|
||||
ssl_certificate /etc/letsencrypt/tmp/domain/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/tmp/domain/privkey.pem;
|
||||
|
||||
server_name domain;
|
||||
|
||||
location / {
|
||||
proxy_pass https://site_name;
|
||||
proxy_pass https://lxc;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
}
|
||||
listen 443 ssl;
|
||||
ssl_certificate /etc/letsencrypt/tmp/domain/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/tmp/domain/privkey.pem;
|
||||
}
|
||||
# TODO: example site.auth.conf
|
17
playbooks/debops/files/etc/nginx/includes.d/non-www.conf
Normal file
17
playbooks/debops/files/etc/nginx/includes.d/non-www.conf
Normal file
@ -0,0 +1,17 @@
|
||||
error_page 418 = @nonwww;
|
||||
set $nonwww "";
|
||||
if ( $http_host ~* "^www\.") {
|
||||
set $nonwww "${nonwww}0";
|
||||
}
|
||||
if ( $nonwww ~* "^0+$" ) {
|
||||
return 418;
|
||||
}
|
||||
# TODO: map need moved to conf.d
|
||||
map $host $tld {
|
||||
default $host;
|
||||
'~^www\.(?<domain>.*)$' $domain;
|
||||
}
|
||||
location @nonwww {
|
||||
rewrite ^ https://$tld$request_uri permanent;
|
||||
}
|
||||
|
@ -24,8 +24,10 @@
|
||||
# nginx_webroot_create: False
|
||||
nginx_ocsp: False
|
||||
nginx_worker_processes: auto
|
||||
nginx_manage_ipv6only: False
|
||||
# TODO: Replace [::]:443 to 443 and [::]:80 to 80 in site nginx config
|
||||
nginx__servers:
|
||||
- name: '{{ site_name }}'
|
||||
- name: '{{ domain_name }}'
|
||||
|
||||
type: php
|
||||
|
||||
@ -64,7 +66,8 @@
|
||||
nginx_includes_begin: "{{ (nginx_includes_begin | default([])) | union([item]) }}"
|
||||
when: item != omit
|
||||
loop:
|
||||
- "{{ (nginx_www_redirect | default(False)) | ternary('includes.d/www.conf', omit) }}"
|
||||
- "{{ (nginx_www_domain and nginx_www_redirect == 'www') | ternary('includes.d/www.conf', omit) }}"
|
||||
- "{{ (nginx_www_domain and nginx_www_redirect == 'non-www') | ternary('includes.d/non-www.conf', omit) }}"
|
||||
- includes.d/octobercms.conf
|
||||
- includes.d/staticfiles.conf
|
||||
|
||||
|
@ -21,7 +21,7 @@
|
||||
post_tasks:
|
||||
- name: Change starship character to dollar sign
|
||||
shell: |
|
||||
sed -i 's/#/\\\\$/g' /home/{{ site_name }}/.config/starship.toml
|
||||
sed -i 's/#/\\$/g' /home/{{ site_name }}/.config/starship.toml
|
||||
args:
|
||||
executable: /bin/bash
|
||||
|
||||
|
Reference in New Issue
Block a user