slfhst/ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b81d9f0b356ef6d59a71c89b180368076915ec22
ansible/roles/nginx/templates/header.conf.j2
VC b81d9f0b35
All checks were successful
ansible-lint / lint-everything (push) Successful in 1m17s
Details
: remove the mandatory gather_subsets for loadbalancing & web servers
2025-03-31 11:45:34 +02:00

24 lines
808 B
Django/Jinja
Raw Blame History

listen *:443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/x509/{{ item.host }}/fullchain.cer;
ssl_certificate_key /etc/x509/{{ item.host }}/{{ item.host }}.key;
server_name {{ item.host }};
access_log /var/log/nginx/{{ item.host }}.access.log combined;
access_log syslog:server=unix:/dev/log combined;
error_log /var/log/nginx/{{ item.host }}.error.log;
error_log syslog:server=unix:/dev/log;
{% if item.allowlistv4 is defined %}
{% for host in groups['lbservers'] %}
allow {{ hostvars[host].proxmox_net0.ip | ansible.utils.ipaddr('address') }};
{% endfor %}
{% endif %}
{% if item.allowlistv6 is defined %}
{% for addrv6 in item.allowlistv6 %}
allow {{ addrv6 }};
{% endfor %}
{% endif %}
{% if item.allowlistv4 is defined or item.allowlistv6 is defined %}
deny all;
{% endif %}
Reference in New Issue View Git Blame Copy Permalink