updated nginx state

2020-09-02 21:22:52 +02:00 · 2020-09-02 21:22:52 +02:00 · b824ba53ca
commit b824ba53ca
parent 822b9138b1
4 changed files with 70 additions and 39 deletions
--- a/states/nginx/defaults.yaml
+++ b/states/nginx/defaults.yaml
@ -8,6 +8,7 @@ nginx:
    dir: /etc/nginx
    user: www-data
    group: www-data
+    php_socket_file: /var/run/php/php7.3-fpm.sock
    subdirs:
      - auth
      - modules-available
--- a/states/nginx/templates/types/dokuwiki.j2
+++ b/states/nginx/templates/types/dokuwiki.j2
@ -1,20 +1,20 @@
 ## {{ salt['pillar.get']('salt_managed', default='Salt Managed') }}

 server {
-  include http;
-  server_name {{ vhost_name }};
-  return 301 https://$server_name$request_uri;
+  include       http;
+  server_name   {{ vhost_name }};
+  return        301 https://$server_name$request_uri;
 }

 server {
-  include https;
+  include       https;
  server_name   {{ vhost_name }};
  root          {{ root_dir }};

-  index index.php index.html;
+  index         index.php index.html;

  location ~ /(conf|bin|inc)/ {
-    deny all;
+    deny  all;
  }

  location ~ /data/ {
@ -22,9 +22,9 @@ server {
  }

  location ~ \.php?$ {
-    include   fastcgi_params;
-    fastcgi_pass  unix:/var/run/php/php7.3-fpm.sock;
-    fastcgi_index index.php;
-    fastcgi_param SCRIPT_FILENAME  $document_root/$fastcgi_script_name;
+    include         fastcgi_params;
+    fastcgi_pass    unix:{{ nginx.config.php_socket_file }};
+    fastcgi_index   index.php;
+    fastcgi_param   SCRIPT_FILENAME  $document_root/$fastcgi_script_name;
  }
 }
--- a/states/nginx/templates/types/nextcloud.j2
+++ b/states/nginx/templates/types/nextcloud.j2
@ -1,51 +1,51 @@
 ## {{ salt['pillar.get']('salt_managed', default='Salt Managed') }}

 server {
-  include http;
-  server_name {{ vhost_name }};
-  return 301 https://$server_name$request_uri;
+  include       http;
+  server_name   {{ vhost_name }};
+  return        301 https://$server_name$request_uri;
 }

 server {
-  include https;
+  include       https;
  server_name   {{ vhost_name }};
  root          {{ root_dir }};

-  index         index.php;
-  error_page 403 /core/templates/403.php;
-  error_page 404 /core/templates/404.php;
-  rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
-  rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
-  rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
-  client_max_body_size 4G;
-  fastcgi_buffers 64 4K;
-  add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+  index                 index.php;
+  error_page            403 /core/templates/403.php;
+  error_page            404 /core/templates/404.php;
+  rewrite               ^/caldav(.*)$ /remote.php/caldav$1 redirect;
+  rewrite               ^/carddav(.*)$ /remote.php/carddav$1 redirect;
+  rewrite               ^/webdav(.*)$ /remote.php/webdav$1 redirect;
+  client_max_body_size  4G;
+  fastcgi_buffers       64 4K;
+  add_header            Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

  location / {
-    rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
-    rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
-    rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
-    rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
-    rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
-    try_files $uri $uri/ index.php;
+    rewrite             ^/.well-known/host-meta /public.php?service=host-meta last;
+    rewrite             ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
+    rewrite             ^/.well-known/carddav /remote.php/carddav/ redirect;
+    rewrite             ^/.well-known/caldav /remote.php/caldav/ redirect;
+    rewrite             ^(/core/doc/[^\/]+/)$ $1/index.html;
+    try_files           $uri $uri/ index.php;
  }

  location = /robots.txt {
-    allow all;
-    log_not_found off;
-    access_log off;
+    allow           all;
+    log_not_found   off;
+    access_log      off;
  }

  location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
-    deny all;
+    deny            all;
  }

  location ~ ^(.+?\.php)(/.*)?$ {
-    include   fastcgi_params;
-    fastcgi_pass  unix:/var/run/php/php7.3-fpm.sock;
-    fastcgi_index index.php;
-    fastcgi_param SCRIPT_FILENAME  $document_root/$fastcgi_script_name;
+    include                 fastcgi_params;
+    fastcgi_pass            unix:{{ nginx.config.php_socket_file }};
+    fastcgi_index           index.php;
+    fastcgi_param           SCRIPT_FILENAME  $document_root/$fastcgi_script_name;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
-    try_files $1 =404;
+    try_files               $1 =404;
  }
 }
--- a/states/nginx/templates/types/rainloop.j2
+++ b/states/nginx/templates/types/rainloop.j2
@ -0,0 +1,30 @@
+## {{ salt['pillar.get']('salt_managed', default='Salt Managed') }}
+
+server {
+  include       http;
+  server_name   {{ vhost_name }};
+  return        301 https://$server_name$request_uri;
+}
+
+server {
+  include       https;
+  server_name   {{ vhost_name }};
+  root          {{ root_dir }};
+
+  index index.php index.html;
+
+  location ~ /(conf|bin|inc)/ {
+    deny all;
+  }
+
+  location ~ /data/ {
+    internal;
+  }
+
+  location ~ \.php?$ {
+    include         fastcgi_params;
+    fastcgi_pass    unix:{{ nginx.config.php_socket_file }};
+    fastcgi_index   index.php;
+    fastcgi_param   SCRIPT_FILENAME  $document_root/$fastcgi_script_name;
+  }
+}