diff options
author | clarkzjw <[email protected]> | 2023-01-20 10:21:10 -0800 |
---|---|---|
committer | clarkzjw <[email protected]> | 2023-01-20 10:21:10 -0800 |
commit | f1aebe3adc2b68f240d9118ae95e9ff93671ab66 (patch) | |
tree | b4ea255d648c37bf5f797c4a126224caa51209ac /clarkzjw.cc/config/bia/ansible/roles/cgit/templates | |
parent | 1fce024be20034ad4eef7646594eef0fbcc1b64e (diff) | |
download | homelab-f1aebe3adc2b68f240d9118ae95e9ff93671ab66.tar.gz |
bia: add nginx
Diffstat (limited to 'clarkzjw.cc/config/bia/ansible/roles/cgit/templates')
-rw-r--r-- | clarkzjw.cc/config/bia/ansible/roles/cgit/templates/cgit.conf.j2 | 36 | ||||
-rw-r--r-- | clarkzjw.cc/config/bia/ansible/roles/cgit/templates/nginx.conf.j2 | 17 |
2 files changed, 53 insertions, 0 deletions
diff --git a/clarkzjw.cc/config/bia/ansible/roles/cgit/templates/cgit.conf.j2 b/clarkzjw.cc/config/bia/ansible/roles/cgit/templates/cgit.conf.j2 new file mode 100644 index 0000000..625075d --- /dev/null +++ b/clarkzjw.cc/config/bia/ansible/roles/cgit/templates/cgit.conf.j2 | |||
@@ -0,0 +1,36 @@ | |||
1 | server { | ||
2 | server_name {{ lookup('env', 'CGIT_DOMAIN') }}; | ||
3 | root /usr/local/www/cgit; | ||
4 | try_files $uri @cgit; | ||
5 | |||
6 | location @cgit { | ||
7 | include fastcgi_params; | ||
8 | fastcgi_param SCRIPT_FILENAME /usr/local/www/cgit/cgit.cgi; | ||
9 | fastcgi_param PATH_INFO $uri; | ||
10 | fastcgi_param QUERY_STRING $args; | ||
11 | fastcgi_param HTTP_HOST $server_name; | ||
12 | fastcgi_pass unix:/var/run/fcgiwrap/fcgiwrap.sock; | ||
13 | } | ||
14 | |||
15 | error_page 500 502 503 504 /50x.html; | ||
16 | location = /50x.html { | ||
17 | root /usr/local/www/nginx-dist; | ||
18 | } | ||
19 | |||
20 | listen 443 ssl; # managed by Certbot | ||
21 | ssl_certificate /usr/local/etc/letsencrypt/live/{{ lookup('env', 'CGIT_DOMAIN') }}/fullchain.pem; # managed by Certbot | ||
22 | ssl_certificate_key /usr/local/etc/letsencrypt/live/{{ lookup('env', 'CGIT_DOMAIN') }}/privkey.pem; # managed by Certbot | ||
23 | include /usr/local/etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot | ||
24 | ssl_dhparam /usr/local/etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot | ||
25 | } | ||
26 | |||
27 | |||
28 | server { | ||
29 | if ($host = {{ lookup('env', 'CGIT_DOMAIN') }}) { | ||
30 | return 301 https://$host$request_uri; | ||
31 | } # managed by Certbot | ||
32 | |||
33 | listen 80; | ||
34 | server_name {{ lookup('env', 'CGIT_DOMAIN') }}; | ||
35 | return 404; # managed by Certbot | ||
36 | } | ||
diff --git a/clarkzjw.cc/config/bia/ansible/roles/cgit/templates/nginx.conf.j2 b/clarkzjw.cc/config/bia/ansible/roles/cgit/templates/nginx.conf.j2 new file mode 100644 index 0000000..1380132 --- /dev/null +++ b/clarkzjw.cc/config/bia/ansible/roles/cgit/templates/nginx.conf.j2 | |||
@@ -0,0 +1,17 @@ | |||
1 | worker_processes auto; | ||
2 | |||
3 | events { | ||
4 | worker_connections 1024; | ||
5 | } | ||
6 | |||
7 | http { | ||
8 | include mime.types; | ||
9 | default_type application/octet-stream; | ||
10 | |||
11 | sendfile on; | ||
12 | keepalive_timeout 65; | ||
13 | gzip on; | ||
14 | |||
15 | |||
16 | include /usr/local/etc/nginx/conf.d/*.conf; | ||
17 | } | ||