Ansible Role: danie1k.nginx_with_vhosts
Installs NGINX web server and adds vhosts management tool to your server.
Role Variables
server
| Variable name | Description | Default value |
|---|---|---|
| nginx_add_graceful_command | Add graceful command to remote system? It's meant to be used by non-root users to reload Nginx server |
false |
| nginx_cloudflare_enabled | Enable CloudFlare integration? | false |
| nginx_cloudflare_ssl_certificate | A file with the certificate in the PEM format for the given virtual server | /etc/ssl/certs/cert.pem |
| nginx_cloudflare_ssl_certificate_key | A file with the secret key in the PEM format for the given virtual server | /etc/ssl/private/key.pem |
| nginx_sblam_enabled | Enable Sblam! IP blacklist? | true |
| nginx_ssl_session_timeout | A time during which a client may reuse the session parameters | 1d |
| nginx_ssl_session_cache | Types and sizes of caches that store session parameters. | shared:MozSSL:10m |
| nginx_ssl_trusted_certificate | A file with trusted CA certificates in the PEM format used to verify client certificates and OCSP responses | /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem |
How to get CloudFlare SSL Origin Certificates: https://kb.virtubox.net/knowledgebase/cloudflare-ssl-origin-certificates-nginx/
Check the following roles for more variables:
vhosts
| Variable name | Description | Default value |
|---|---|---|
nginx_vhost_user |
Name of existing remote host user, who will be an owner of your vhosts web files | - (Required!) |
nginx_vhost_www_path |
Path on remote machine where all vhost-related data will be stored and owned by nginx_vhost_user |
- (Required!) |
nginx_vhost_generic_error_page |
Should use one global error page across all vhosts? | true |
nginx_vhost_generic_favicon |
Should use one global fallback favicon across all vhosts? | true |
Example Playbook
- hosts: servers
roles:
- name: danie1k.nginx_with_vhosts
vars:
nginx_vhost_user: www-data
nginx_vhost_www_path: /var/wwwLicense
MIT