diff options
| author | Milo Casagrande <milo.casagrande@linaro.org> | 2014-12-23 13:53:35 +0100 |
|---|---|---|
| committer | Milo Casagrande <milo.casagrande@linaro.org> | 2014-12-23 13:53:35 +0100 |
| commit | 8c46ea5f6e66c53bacc4e5966f23b4e1279edd42 (patch) | |
| tree | 3de13017ddca44b0254d5b1e165b367a1f1733a5 | |
| parent | 8865b6b1e76224907d5d09ff020e62251f6b1cf5 (diff) | |
ansible: Fix and tweak nginx config.
Change-Id: Ie7930fdb2aeafb0f4497468b6763b3db013b146d
| -rw-r--r-- | ansible/roles/configure-nginx/tasks/main.yml | 10 | ||||
| -rw-r--r-- | ansible/roles/configure-nginx/templates/kernelci-frontend.conf | 5 | ||||
| -rw-r--r-- | ansible/roles/configure-nginx/templates/nginx-default.conf (renamed from ansible/roles/configure-nginx/files/nginx-default.conf) | 12 |
3 files changed, 20 insertions, 7 deletions
diff --git a/ansible/roles/configure-nginx/tasks/main.yml b/ansible/roles/configure-nginx/tasks/main.yml index 8219d05..0415fd7 100644 --- a/ansible/roles/configure-nginx/tasks/main.yml +++ b/ansible/roles/configure-nginx/tasks/main.yml @@ -1,10 +1,10 @@ --- - name: Install default nginx configuration - copy: src=nginx-default.conf - dest=/etc/nginx/nginx.conf - owner=root - group=root - mode=0644 + template: src=nginx-default.conf + dest=/etc/nginx/nginx.conf + owner=root + group=root + mode=0644 notify: - reload-nginx tags: diff --git a/ansible/roles/configure-nginx/templates/kernelci-frontend.conf b/ansible/roles/configure-nginx/templates/kernelci-frontend.conf index 3cddbe7..8896971 100644 --- a/ansible/roles/configure-nginx/templates/kernelci-frontend.conf +++ b/ansible/roles/configure-nginx/templates/kernelci-frontend.conf @@ -1,5 +1,4 @@ server { - listen 80; server_name {{ hostname }}; root {{ web_root }}/{{ hostname }}; charset utf-8; @@ -7,6 +6,10 @@ server { access_log /var/log/nginx/{{ hostname }}-access.log; error_log /var/log/nginx/{{ hostname }}-error.log; + if ($host != "{{ hostname }}") { + return 403; + } + location / { if (-f $document_root/maintenance.html) { return 503; diff --git a/ansible/roles/configure-nginx/files/nginx-default.conf b/ansible/roles/configure-nginx/templates/nginx-default.conf index b20205e..178cd24 100644 --- a/ansible/roles/configure-nginx/files/nginx-default.conf +++ b/ansible/roles/configure-nginx/templates/nginx-default.conf @@ -1,8 +1,9 @@ # This file is managed via ansible. Do not edit. user www-data; -worker_processes 4; +worker_processes auto; pid /run/nginx.pid; +pcre_jit on; events { worker_connections 4096; @@ -14,6 +15,15 @@ http { include /etc/nginx/mime.types; default_type application/octet-stream; + server { + {% if role == "production" %} + listen 80 backlog=1024 fastopen=7 default_server; + {% else %} + listen 80 backlog=1024 default_server; + {% endif %} + return 404; + } + access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; |