paulbsd/paulbsd-salt
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

updated nginx state

Browse Source
This commit is contained in:
Paul 2023-06-06 09:24:24 +02:00
parent c5f551757a
commit d9f201194f
2 changed files with 24 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
states/nginx/install.sls
View File

@ -4,18 +4,25 @@ nginx-pkg:
pkg.installed: pkg.installed:
- pkgs: {{ nginx.packages }} - pkgs: {{ nginx.packages }}
nginx-logs-user-acl: nginx-logs-perms:
acl.present: file.directory:
- name: /var/log/nginx - name: /var/log/nginx
- acl_type: user - user: www-data
- acl_name: www-data - group: root
- perms: rwx - mode: 0775
- recurse: true
nginx-logs-group-acl: #nginx-logs-user-acl:
acl.present: # acl.present:
- name: /var/log/nginx # - name: /var/log/nginx
- acl_type: group # - acl_type: user
- acl_name: www-data # - acl_name: www-data
- perms: rwx # - perms: rwx
- recurse: true # - recurse: true
#
#nginx-logs-group-acl:
# acl.present:
# - name: /var/log/nginx
# - acl_type: group
# - acl_name: www-data
# - perms: rwx
# - recurse: true

8
states/nginx/templates/nginx.conf.j2
View File

@ -24,6 +24,10 @@ http {
include ssl_params; include ssl_params;
charset utf-8; charset utf-8;
real_ip_header proxy_protocol;
set_real_ip_from 127.0.0.1;
set_real_ip_from ::1;
{%- if nginx.config.geoip %} {%- if nginx.config.geoip %}
geoip2 /usr/share/GeoIP/GeoLite2-ASN.mmdb { geoip2 /usr/share/GeoIP/GeoLite2-ASN.mmdb {
$geoip2_asn default=0 autonomous_system_number; $geoip2_asn default=0 autonomous_system_number;
@ -71,10 +75,6 @@ http {
root /var/www/html; root /var/www/html;
index index.html; index index.html;
real_ip_header X-Forwarded-For;
set_real_ip_from 127.0.0.1;
set_real_ip_from ::1;
location = / { location = / {
return 404; return 404;
} }