Saltstack Official Nginx Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

пре 11 година
пре 11 година
пре 10 година
пре 11 година
пре 11 година
пре 10 година
пре 9 година
пре 10 година
пре 10 година
пре 10 година
пре 10 година
пре 10 година
пре 10 година
пре 10 година
пре 10 година
пре 10 година
пре 10 година
пре 10 година
пре 10 година
пре 10 година
пре 10 година
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163
  1. nginx:
  2. install_from_source: True
  3. use_upstart: True
  4. use_sysvinit: False
  5. user_auth_enabled: True
  6. with_luajit: False
  7. with_openresty: True
  8. repo_version: development # Must be using ppa install by setting `repo_source = ppa`
  9. set_real_ips: # NOTE: to use this, nginx must have http_realip module enabled
  10. from_ips:
  11. - 10.10.10.0/24
  12. real_ip_header: X-Forwarded-For
  13. modules:
  14. headers-more:
  15. source: http://github.com/agentzh/headers-more-nginx-module/tarball/v0.21
  16. source_hash: sha1=dbf914cbf3f7b6cb7e033fa7b7c49e2f8879113b
  17. # ========
  18. # nginx.ng
  19. # ========
  20. nginx:
  21. ng:
  22. # The following three `install_from_` options are mutually exclusive. If none is used, the distro's provided
  23. # package will be installed. If one of the `install_from` option is set to `True`, the state will
  24. # make sure the other two repos are removed.
  25. # Use the official's nginx repo binaries
  26. install_from_repo: false
  27. # Use Phusionpassenger's repo to install nginx and passenger binaries
  28. # Debian, Centos, Ubuntu and Redhat are currently available
  29. install_from_phusionpassenger: false
  30. # PPA install
  31. install_from_ppa: false
  32. # Set to 'stable', 'development' (mainline), 'community', or 'nightly' for each build accordingly ( https://launchpad.net/~nginx )
  33. ppa_version: 'stable'
  34. # Source install
  35. source_version: '1.10.0'
  36. source_hash: ''
  37. # These are usually set by grains in map.jinja
  38. lookup:
  39. package: nginx-custom
  40. service: nginx
  41. webuser: www-data
  42. conf_file: /etc/nginx/nginx.conf
  43. server_available: /etc/nginx/sites-available
  44. server_enabled: /etc/nginx/sites-enabled
  45. server_use_symlink: True
  46. # This is required for RedHat like distros (Amazon Linux) that don't follow semantic versioning for $releasever
  47. rh_os_releasever: '6'
  48. # Currently it can be used on rhel/centos/suse when installing from repo
  49. gpg_check: True
  50. # Source compilation is not currently a part of nginx.ng
  51. from_source: False
  52. source:
  53. opts: {}
  54. package:
  55. opts: {} # this partially exposes parameters of pkg.installed
  56. service:
  57. enable: True # Whether or not the service will be enabled/running or dead
  58. opts: {} # this partially exposes parameters of service.running / service.dead
  59. server:
  60. opts: {} # this partially exposes file.managed parameters as they relate to the main nginx.conf file
  61. # nginx.conf (main server) declarations
  62. # dictionaries map to blocks {} and lists cause the same declaration to repeat with different values
  63. config:
  64. worker_processes: 4
  65. pid: /run/nginx.pid
  66. events:
  67. worker_connections: 768
  68. http:
  69. sendfile: 'on'
  70. include:
  71. - /etc/nginx/mime.types
  72. - /etc/nginx/conf.d/*.conf
  73. - /etc/nginx/sites-enabled/*
  74. servers:
  75. disabled_postfix: .disabled # a postfix appended to files when doing non-symlink disabling
  76. symlink_opts: {} # partially exposes file.symlink params when symlinking enabled sites
  77. rename_opts: {} # partially exposes file.rename params when not symlinking disabled/enabled sites
  78. managed_opts: {} # partially exposes file.managed params for managed server files
  79. dir_opts: {} # partially exposes file.directory params for site available/enabled dirs
  80. # server declarations
  81. # servers will default to being placed in server_available
  82. managed:
  83. mysite: # relative pathname of the server file
  84. # may be True, False, or None where True is enabled, False, disabled, and None indicates no action
  85. available_dir: /tmp/sites-available # an alternate directory (not sites-available) where this server may be found
  86. enabled_dir: /tmp/sites-enabled # an alternate directory (not sites-enabled) where this server may be found
  87. disabled_name: mysite.aint_on # an alternative disabled name to be use when not symlinking
  88. enabled: True
  89. overwrite: True # overwrite an existing server file or not
  90. # May be a list of config options or None, if None, no server file will be managed/templated
  91. # Take server directives as lists of dictionaries. If the dictionary value is another list of
  92. # dictionaries a block {} will be started with the dictionary key name
  93. config:
  94. - server:
  95. - server_name: localhost
  96. - listen:
  97. - 80
  98. - default_server
  99. - index:
  100. - index.html
  101. - index.htm
  102. - location ~ .htm:
  103. - try_files:
  104. - $uri
  105. - $uri/ =404
  106. - test: something else
  107. # The above outputs:
  108. # server {
  109. # server_name localhost;
  110. # listen 80 default_server;
  111. # index index.html index.htm;
  112. # location ~ .htm {
  113. # try_files $uri $uri/ =404;
  114. # test something else;
  115. # }
  116. # }
  117. certificates_path: '/etc/nginx/ssl' # Use this if you need to deploy below certificates in a custom path.
  118. # If you're doing SSL termination, you can deploy certificates this way.
  119. # The private one(s) should go in a separate pillar file not in version
  120. # control (or use encrypted pillar data).
  121. certificates:
  122. 'www.example.com':
  123. public_cert: |
  124. -----BEGIN CERTIFICATE-----
  125. (Your Primary SSL certificate: www.example.com.crt)
  126. -----END CERTIFICATE-----
  127. -----BEGIN CERTIFICATE-----
  128. (Your Intermediate certificate: ExampleCA.crt)
  129. -----END CERTIFICATE-----
  130. -----BEGIN CERTIFICATE-----
  131. (Your Root certificate: TrustedRoot.crt)
  132. -----END CERTIFICATE-----
  133. private_key: |
  134. -----BEGIN RSA PRIVATE KEY-----
  135. (Your Private Key: www.example.com.key)
  136. -----END RSA PRIVATE KEY-----
  137. # Passenger configuration
  138. # Default passenger configuration is provided, and will be deployed in
  139. # /etc/nginx/conf.d/passenger.conf
  140. passenger:
  141. passenger_root: /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini
  142. passenger_ruby: /usr/bin/ruby
  143. passenger_instance_registry_dir: /var/run/passenger-instreg