Saltstack Official Nginx Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

преди 11 години
преди 11 години
преди 10 години
преди 11 години
преди 11 години
преди 10 години
преди 10 години
преди 9 години
преди 10 години
преди 10 години
преди 10 години
преди 10 години
преди 10 години
преди 10 години
преди 10 години
преди 10 години
преди 10 години
преди 10 години
преди 10 години
преди 10 години
преди 10 години
преди 10 години
преди 10 години
преди 10 години
преди 9 години
преди 8 години
преди 10 години
преди 10 години
преди 9 години
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142
  1. nginx:
  2. install_from_source: True
  3. use_upstart: True
  4. use_sysvinit: False
  5. user_auth_enabled: True
  6. with_luajit: False
  7. with_openresty: True
  8. repo_version: development # Must be using ppa install by setting `repo_source = ppa`
  9. set_real_ips: # NOTE: to use this, nginx must have http_realip module enabled
  10. from_ips:
  11. - 10.10.10.0/24
  12. real_ip_header: X-Forwarded-For
  13. modules:
  14. headers-more:
  15. source: http://github.com/agentzh/headers-more-nginx-module/tarball/v0.21
  16. source_hash: sha1=dbf914cbf3f7b6cb7e033fa7b7c49e2f8879113b
  17. # ========
  18. # nginx.ng
  19. # ========
  20. nginx:
  21. ng:
  22. # PPA install
  23. install_from_ppa: True
  24. # Set to 'stable', 'development' (mainline), 'community', or 'nightly' for each build accordingly ( https://launchpad.net/~nginx )
  25. ppa_version: 'stable'
  26. # Source install
  27. source_version: '1.10.0'
  28. source_hash: ''
  29. # These are usually set by grains in map.jinja
  30. lookup:
  31. package: nginx-custom
  32. service: nginx
  33. webuser: www-data
  34. conf_file: /etc/nginx/nginx.conf
  35. vhost_available: /etc/nginx/sites-available
  36. vhost_enabled: /etc/nginx/sites-enabled
  37. vhost_use_symlink: True
  38. # This is required for RedHat like distros (Amazon Linux) that don't follow semantic versioning for $releasever
  39. rh_os_releasever: '6'
  40. # Currently it can be used on rhel/centos/suse when installing from repo
  41. gpg_check: True
  42. # Source compilation is not currently a part of nginx.ng
  43. from_source: False
  44. source:
  45. opts: {}
  46. package:
  47. opts: {} # this partially exposes parameters of pkg.installed
  48. service:
  49. enable: True # Whether or not the service will be enabled/running or dead
  50. opts: {} # this partially exposes parameters of service.running / service.dead
  51. server:
  52. opts: {} # this partially exposes file.managed parameters as they relate to the main nginx.conf file
  53. # nginx.conf (main server) declarations
  54. # dictionaries map to blocks {} and lists cause the same declaration to repeat with different values
  55. config:
  56. worker_processes: 4
  57. pid: /run/nginx.pid
  58. events:
  59. worker_connections: 768
  60. http:
  61. sendfile: 'on'
  62. include:
  63. - /etc/nginx/mime.types
  64. - /etc/nginx/conf.d/*.conf
  65. - /etc/nginx/sites-enabled/*
  66. vhosts:
  67. disabled_postfix: .disabled # a postfix appended to files when doing non-symlink disabling
  68. symlink_opts: {} # partially exposes file.symlink params when symlinking enabled sites
  69. rename_opts: {} # partially exposes file.rename params when not symlinking disabled/enabled sites
  70. managed_opts: {} # partially exposes file.managed params for managed vhost files
  71. dir_opts: {} # partially exposes file.directory params for site available/enabled dirs
  72. # vhost declarations
  73. # vhosts will default to being placed in vhost_available
  74. managed:
  75. mysite: # relative pathname of the vhost file
  76. # may be True, False, or None where True is enabled, False, disabled, and None indicates no action
  77. available_dir: /tmp/sites-available # an alternate directory (not sites-available) where this vhost may be found
  78. enabled_dir: /tmp/sites-enabled # an alternate directory (not sites-enabled) where this vhost may be found
  79. disabled_name: mysite.aint_on # an alternative disabled name to be use when not symlinking
  80. enabled: True
  81. overwrite: True # overwrite an existing vhost file or not
  82. # May be a list of config options or None, if None, no vhost file will be managed/templated
  83. # Take server directives as lists of dictionaries. If the dictionary value is another list of
  84. # dictionaries a block {} will be started with the dictionary key name
  85. config:
  86. - server:
  87. - server_name: localhost
  88. - listen:
  89. - 80
  90. - default_server
  91. - index:
  92. - index.html
  93. - index.htm
  94. - location ~ .htm:
  95. - try_files:
  96. - $uri
  97. - $uri/ =404
  98. - test: something else
  99. # The above outputs:
  100. # server {
  101. # server_name localhost;
  102. # listen 80 default_server;
  103. # index index.html index.htm;
  104. # location ~ .htm {
  105. # try_files $uri $uri/ =404;
  106. # test something else;
  107. # }
  108. # }
  109. # If you're doing SSL termination, you can deploy certificates this way.
  110. # The private one(s) should go in a separate pillar file not in version
  111. # control (or use encrypted pillar data).
  112. certificates:
  113. 'www.example.com':
  114. public_cert: |
  115. -----BEGIN CERTIFICATE-----
  116. (Your Primary SSL certificate: www.example.com.crt)
  117. -----END CERTIFICATE-----
  118. -----BEGIN CERTIFICATE-----
  119. (Your Intermediate certificate: ExampleCA.crt)
  120. -----END CERTIFICATE-----
  121. -----BEGIN CERTIFICATE-----
  122. (Your Root certificate: TrustedRoot.crt)
  123. -----END CERTIFICATE-----
  124. private_key: |
  125. -----BEGIN RSA PRIVATE KEY-----
  126. (Your Private Key: www.example.com.key)
  127. -----END RSA PRIVATE KEY-----