paulbsd/paulbsd-salt
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

updated nginx state

Browse Source
This commit is contained in:
Paul 2022-07-27 23:49:44 +02:00
parent e33a258079
commit 25e7ca4917
7 changed files with 88 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
states/nginx/templates/types/dokuwiki.j2
View File

@ -13,6 +13,10 @@ server {
index index.php index.html;
{%- for key,value in headers.items() %}
add_header {{ key }} "{{ value }}";
{%- endfor %}
location ~ /(conf|bin|inc)/ {
deny all;
}

67
states/nginx/templates/types/fdp.j2 Normal file
View File

@ -0,0 +1,67 @@
## {{ salt['pillar.get']('salt_managed', default='Salt Managed') }}
server {
include http;
server_name {{ vhost_name }};
return 301 https://$server_name$request_uri;
}
server {
include https;
{%- if internal_access %}
include access;
{%- endif %}
server_name {{ vhost_name }};
{%- if not proxy %}
root "{{ root_dir }}";
{%- endif %}
{%- for key,value in headers.items() %}
add_header {{ key }} "{{ value }}";
{%- endfor %}
location / {
{%- if proxy %}
proxy_pass {{ proxy_pass }};
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header AppVhost $host;
{%- if not cache %}
proxy_no_cache 1;
proxy_cache_bypass 1;
{%- endif %}
{%- endif %}
{%- if autoindex %}
autoindex on;
autoindex_localtime on;
{%- else %}
index index.html index.rss;
{% endif %}
{%- if auth %}
auth_basic "Restricted area";
auth_basic_user_file {{ config_dir }}/auth/htpasswd;
{%- endif %}
}
{%- for dir in dirs %}
location {{ dir.name }} {
alias {{ dir.alias }};
}
{%- endfor %}
location /socket.io {
proxy_pass {{ proxy_pass }};
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header AppVhost $host;
}
location /robots.txt {
return 200 "User-agent: *\r\nDisallow: /";
}
}

3
states/nginx/templates/types/nextcloud.j2
View File

@ -20,6 +20,9 @@ server {
client_max_body_size 4G;
fastcgi_buffers 64 4K;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
{%- for key,value in headers.items() %}
add_header {{ key }} "{{ value }}";
{% endfor -%}
location / {
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;

4
states/nginx/templates/types/rainloop.j2
View File

@ -13,6 +13,10 @@ server {
index index.php index.html;
{%- for key,value in headers.items() %}
add_header {{ key }} "{{ value }}";
{%- endfor %}
location ~ /(conf|bin|inc)/ {
deny all;
}

1
states/nginx/templates/types/rd.j2
View File

@ -17,6 +17,7 @@ server {
ssl_certificate /etc/acme/certs/services-rd.cert;
ssl_certificate_key /etc/acme/keys/services-rd.key;
{%- endif %}
location / {
{%- if proxy %}
proxy_pass {{ proxy_pass }};

8
states/nginx/templates/types/simple.j2
View File

@ -15,6 +15,11 @@ server {
{%- if not proxy %}
root "{{ root_dir }}";
{%- endif %}
{%- for key,value in headers.items() %}
add_header {{ key }} "{{ value }}";
{%- endfor %}
location / {
{%- if proxy %}
proxy_pass {{ proxy_pass }};
@ -33,9 +38,6 @@ server {
auth_basic "Restricted area";
auth_basic_user_file {{ config_dir }}/auth/htpasswd;
{%- endif %}
{%- for key,value in headers.items() %}
add_header {{ key }} {{ value }};
{% endfor -%}
}
{%- for dir in dirs %}

4
states/nginx/templates/types/zabbix.j2
View File

@ -13,6 +13,10 @@ server {
index index.php index.html;
{%- for key,value in headers.items() %}
add_header {{ key }} "{{ value }}";
{%- endfor %}
location ~ setup.php$ {
return 403;
}