From f1aebe3adc2b68f240d9118ae95e9ff93671ab66 Mon Sep 17 00:00:00 2001 From: clarkzjw Date: Fri, 20 Jan 2023 10:21:10 -0800 Subject: bia: add nginx --- .../bia/ansible/roles/cgit/templates/cgit.conf.j2 | 36 ++++++++++++++++++++++ .../bia/ansible/roles/cgit/templates/nginx.conf.j2 | 17 ++++++++++ 2 files changed, 53 insertions(+) create mode 100644 clarkzjw.cc/config/bia/ansible/roles/cgit/templates/cgit.conf.j2 create mode 100644 clarkzjw.cc/config/bia/ansible/roles/cgit/templates/nginx.conf.j2 (limited to 'clarkzjw.cc/config/bia/ansible/roles/cgit/templates') diff --git a/clarkzjw.cc/config/bia/ansible/roles/cgit/templates/cgit.conf.j2 b/clarkzjw.cc/config/bia/ansible/roles/cgit/templates/cgit.conf.j2 new file mode 100644 index 0000000..625075d --- /dev/null +++ b/clarkzjw.cc/config/bia/ansible/roles/cgit/templates/cgit.conf.j2 @@ -0,0 +1,36 @@ +server { + server_name {{ lookup('env', 'CGIT_DOMAIN') }}; + root /usr/local/www/cgit; + try_files $uri @cgit; + + location @cgit { + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME /usr/local/www/cgit/cgit.cgi; + fastcgi_param PATH_INFO $uri; + fastcgi_param QUERY_STRING $args; + fastcgi_param HTTP_HOST $server_name; + fastcgi_pass unix:/var/run/fcgiwrap/fcgiwrap.sock; + } + + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/local/www/nginx-dist; + } + + listen 443 ssl; # managed by Certbot + ssl_certificate /usr/local/etc/letsencrypt/live/{{ lookup('env', 'CGIT_DOMAIN') }}/fullchain.pem; # managed by Certbot + ssl_certificate_key /usr/local/etc/letsencrypt/live/{{ lookup('env', 'CGIT_DOMAIN') }}/privkey.pem; # managed by Certbot + include /usr/local/etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /usr/local/etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot +} + + +server { + if ($host = {{ lookup('env', 'CGIT_DOMAIN') }}) { + return 301 https://$host$request_uri; + } # managed by Certbot + + listen 80; + server_name {{ lookup('env', 'CGIT_DOMAIN') }}; + return 404; # managed by Certbot +} diff --git a/clarkzjw.cc/config/bia/ansible/roles/cgit/templates/nginx.conf.j2 b/clarkzjw.cc/config/bia/ansible/roles/cgit/templates/nginx.conf.j2 new file mode 100644 index 0000000..1380132 --- /dev/null +++ b/clarkzjw.cc/config/bia/ansible/roles/cgit/templates/nginx.conf.j2 @@ -0,0 +1,17 @@ +worker_processes auto; + +events { + worker_connections 1024; +} + +http { + include mime.types; + default_type application/octet-stream; + + sendfile on; + keepalive_timeout 65; + gzip on; + + + include /usr/local/etc/nginx/conf.d/*.conf; +} -- cgit v1.2.3