From d9f201194f71d392cf26a13b177b87c7114c4d4d Mon Sep 17 00:00:00 2001 From: Paul Lecuq Date: Tue, 6 Jun 2023 09:24:24 +0200 Subject: [PATCH] updated nginx state --- states/nginx/install.sls | 33 +++++++++++++++++----------- states/nginx/templates/nginx.conf.j2 | 8 +++---- 2 files changed, 24 insertions(+), 17 deletions(-) diff --git a/states/nginx/install.sls b/states/nginx/install.sls index 145c6eb..1d225e3 100644 --- a/states/nginx/install.sls +++ b/states/nginx/install.sls @@ -4,18 +4,25 @@ nginx-pkg: pkg.installed: - pkgs: {{ nginx.packages }} -nginx-logs-user-acl: - acl.present: +nginx-logs-perms: + file.directory: - name: /var/log/nginx - - acl_type: user - - acl_name: www-data - - perms: rwx - - recurse: true + - user: www-data + - group: root + - mode: 0775 -nginx-logs-group-acl: - acl.present: - - name: /var/log/nginx - - acl_type: group - - acl_name: www-data - - perms: rwx - - recurse: true \ No newline at end of file +#nginx-logs-user-acl: +# acl.present: +# - name: /var/log/nginx +# - acl_type: user +# - acl_name: www-data +# - perms: rwx +# - recurse: true +# +#nginx-logs-group-acl: +# acl.present: +# - name: /var/log/nginx +# - acl_type: group +# - acl_name: www-data +# - perms: rwx +# - recurse: true diff --git a/states/nginx/templates/nginx.conf.j2 b/states/nginx/templates/nginx.conf.j2 index b5c8c40..a5d5e10 100644 --- a/states/nginx/templates/nginx.conf.j2 +++ b/states/nginx/templates/nginx.conf.j2 @@ -24,6 +24,10 @@ http { include ssl_params; charset utf-8; + real_ip_header proxy_protocol; + set_real_ip_from 127.0.0.1; + set_real_ip_from ::1; + {%- if nginx.config.geoip %} geoip2 /usr/share/GeoIP/GeoLite2-ASN.mmdb { $geoip2_asn default=0 autonomous_system_number; @@ -71,10 +75,6 @@ http { root /var/www/html; index index.html; - real_ip_header X-Forwarded-For; - set_real_ip_from 127.0.0.1; - set_real_ip_from ::1; - location = / { return 404; }