Mercurial > hg > Members > anatofuz > wordpress_ansible

changeset 26:404c414506d2

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
add nginx.conf
author anatofuz <anatofuz@cr.ie.u-ryukyu.ac.jp>
date Thu, 03 Sep 2020 11:20:27 +0900
parents 05b388a02cfc
children 1f1ecee8072b
files roles/install-nginx/files/nginx.conf roles/install-nginx/tasks/main.yml
diffstat 2 files changed, 102 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/roles/install-nginx/files/nginx.conf	Thu Sep 03 11:20:27 2020 +0900
@@ -0,0 +1,90 @@
+user nginx;
+worker_processes auto;
+pid /run/nginx.pid;
+include /usr/share/nginx/modules/*.conf;
+
+events {
+	worker_connections 1024;
+	# multi_accept on;
+}
+
+http {
+
+	##
+	# Basic Settings
+	##
+
+	sendfile on;
+	tcp_nopush on;
+	tcp_nodelay on;
+	keepalive_timeout 65;
+	types_hash_max_size 4096;
+	# server_tokens off;
+
+	# server_names_hash_bucket_size 64;
+	# server_name_in_redirect off;
+
+	include /etc/nginx/mime.types;
+	default_type application/octet-stream;
+
+	##
+	# SSL Settings
+	##
+
+	ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
+	ssl_prefer_server_ciphers on;
+
+	##
+	# Logging Settings
+	##
+
+  log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+  access_log  /var/log/nginx/access.log  main;
+	error_log   /var/log/nginx/error.log;
+
+	##
+	# Gzip Settings
+	##
+
+	gzip on;
+
+	gzip_vary on;
+	gzip_proxied any;
+	gzip_comp_level 6;
+	gzip_buffers 16 8k;
+	gzip_http_version 1.1;
+  gzip_types text/plain text/css application/json application/javascript text/xml application/xml text/javascript application/font-woff application/font-tff application/vnd.ms-fontobject;
+
+
+	##
+	# Virtual Host Configs
+	##
+
+	include /etc/nginx/conf.d/*.conf;
+
+  server {
+      listen       80;
+      listen       [::]:80;
+      server_name  _;
+      root         /var/www/html/wordpress;
+      index index.php;
+
+      charset utf-8;
+
+      try_files $uri $uri/ /index.php?q=$uri&$args;
+
+      # Load configuration files for the default server block.
+      include /etc/nginx/default.d/*.conf;
+
+      location ~* /wp-config.php {
+        deny all;
+      }
+
+  }
+
+}
+
+
--- a/roles/install-nginx/tasks/main.yml	Thu Sep 03 08:56:14 2020 +0900
+++ b/roles/install-nginx/tasks/main.yml	Thu Sep 03 11:20:27 2020 +0900
@@ -5,3 +5,15 @@
     name: nginx
     state: latest
   notify: restart_nginx
+
+- name: copy nginx conf
+  become: yes
+  copy:
+    src: nginx.conf
+    dest: /etc/nginx/nginx.conf
+    owner: root
+    group: root
+    mode: 0644
+    backup: yes
+  notify:
+    - restart_nginx