Saltstack Official Nginx Formula
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

68 lines
2.8KB

  1. {% set nginx = pillar.get('nginx', {}) -%}
  2. {% set user = nginx.get('user', 'www-data') -%}
  3. {% set group = nginx.get('group', 'www-data') -%}
  4. user {{ user }} {{ group }};
  5. worker_processes {{ nginx.get('worker_processes', 1) }};
  6. {% set worker_rlimit_nofile = nginx.get('worker_rlimit_nofile', '') -%}
  7. {% if worker_rlimit_nofile -%}
  8. worker_rlimit_nofile {{ worker_rlimit_nofile }};
  9. {% endif -%}
  10. error_log /var/log/nginx/error.fifo warn;
  11. pid {{ nginx.get('pid', '/var/run/nginx.pid') }};
  12. daemon {{ nginx.get('daemon', 'on') }};
  13. events {
  14. worker_connections {{ nginx.get('events', {}).get('worker_connections', 1024) }};
  15. {% set use = nginx.get('events', {}).get('use', '') -%}
  16. {% if use -%}
  17. use {{ use }};
  18. {% endif -%}
  19. }
  20. http {
  21. include /etc/nginx/mime.types;
  22. default_type {{ nginx.get('default_type', 'application/octet-stream') }};
  23. log_format main '$scheme://$host:$server_port$uri$is_args$args $remote_addr:$remote_user "$request" $request_time $request_length:$bytes_sent $status "$http_referer" "$http_user_agent" "$http_x_forwarded_for"';
  24. access_log /var/log/nginx/access.fifo main;
  25. sendfile {{ nginx.get('sendfile', 'on') }};
  26. #tcp_nopush on;
  27. keepalive_timeout {{ nginx.get('keepalive_timeout', 65) }};
  28. server_names_hash_bucket_size {{ nginx.get('server_names_hash_bucket_size', 128) }};
  29. server_names_hash_max_size {{ nginx.get('server_names_hash_max_size', 1024) }};
  30. types_hash_max_size {{ nginx.get('types_hash_max_size', 8192) }};
  31. gzip {{ nginx.get('gzip', 'on') }};
  32. gzip_vary {{ nginx.get('gzip_vary', 'on') }};
  33. gzip_proxied {{ nginx.get('gzip_proxied', 'any') }};
  34. gzip_comp_level {{ nginx.get('gzip_comp_level', 6) }};
  35. gzip_buffers {{ nginx.get('gzip_buffers', '16 8k') }};
  36. gzip_http_version {{ nginx.get('gzip_http_version', '1.1') }};
  37. gzip_types {{ nginx.get('gzip_types', ['text/plain', 'text/css', 'application/json', 'application/x-javascript', 'text/xml', 'application/xml', 'application/xml+rss', 'text/javascript'])|join(' ') }};
  38. gzip_disable "{{ nginx.get('gzip_disable', 'msie6' }}";
  39. # turn on nginx_status on localhost
  40. server {
  41. listen 127.0.0.1:80;
  42. server_name 127.0.0.1;
  43. location /nginx_status {
  44. stub_status on;
  45. access_log off;
  46. allow 127.0.0.1;
  47. deny all;
  48. }
  49. }
  50. {% if pillar['nginx'] is defined -%}
  51. {% if pillar['nginx']['redirect_numeric_ip']|default(False) %}
  52. server {
  53. server_name {% for ip in salt['network.interfaces']()['eth0']['inet'] %}{{ ip['address'] }}:80{% if not loop.last %} {% endif %}{% endfor %};
  54. return 302 {{ pillar['nginx']['redirect_numeric_ip'] }};
  55. access_log off;
  56. }
  57. {% endif %}
  58. {% endif %}
  59. include /etc/nginx/conf.d/*.conf;
  60. include /etc/nginx/sites-enabled/*.conf;
  61. }