diff --git a/defaults/main/proxy_site_defs.yml b/defaults/main/proxy_site_defs.yml index 574240a..ec8d2cd 100644 --- a/defaults/main/proxy_site_defs.yml +++ b/defaults/main/proxy_site_defs.yml @@ -1,8 +1,8 @@ --- proxy_site_conf_dir : /etc/nginx/conf.d proxy_site_file : "{{ proxy_site_conf_dir }}/zen_proxy.conf" - proxy_site_version : 1.4 - proxy_site_revision : 20191029-101338 + proxy_site_version : 1.5 + proxy_site_revision : 20191030-213756 proxy_site_log_path : /proxy_logs @@ -19,3 +19,8 @@ # many websites are run from our apache host # ...lets define it here to make things easier proxy_default_host : zg-lxwb04.thezengarden.net + + + # some of our sites require uploads, and those uploads + # can be rather large; lets set a default max upload size: + proxy_default_max_upload: 512M diff --git a/defaults/main/proxy_sites.yml b/defaults/main/proxy_sites.yml index 1c5b2bc..ccdbe71 100644 --- a/defaults/main/proxy_sites.yml +++ b/defaults/main/proxy_sites.yml @@ -8,9 +8,10 @@ proxy_sites: git.thezengarden.net: - proto : https - dest : gitlab.thezengarden.net - port : 443 + proto : https + dest : gitlab.thezengarden.net + port : 443 + max_upload : "{{ proxy_default_max_upload }}" hastebin.thezengarden.net: @@ -55,10 +56,10 @@ proxy_sites: port : 9090 - hme-3.thezengarden.net: - proto : https - dest : kaiju.thezengarden.net - port : 8006 +# hme-3.thezengarden.net: +# proto : https +# dest : kaiju.thezengarden.net +# port : 8006 chat.thezengarden.net: @@ -86,9 +87,10 @@ proxy_sites: seafile.thezengarden.net: - proto : http - dest : sa.thezengarden.net - port : 8000 + proto : http + dest : sa.thezengarden.net + port : 8000 + max_upload : "{{ proxy_default_max_upload }}" awx.thezengarden.net: @@ -104,24 +106,27 @@ proxy_sites: images.thezengarden.net: - proto : https - dest : "{{ proxy_default_host }}" - port : 443 + proto : https + dest : "{{ proxy_default_host }}" + port : 443 + max_upload : "{{ proxy_default_max_upload }}" cloud.thezengarden.net: - proto : https - dest : zg-lxoc01.thezengarden.net - port : 443 + proto : https + dest : zg-lxoc01.thezengarden.net + port : 443 + max_upload : "{{ proxy_default_max_upload }}" lakeshorebulldogs.com: - aliases : www.lakeshorebulldogs.com - proto : http - dest : "{{ proxy_default_host }}" - port : 80 - ssl_cert : "{{ proxy_site_ssl_directory }}/lakeshorebulldogs.com/fullchain1.pem" - ssl_key : "{{ proxy_site_ssl_directory }}/lakeshorebulldogs.com/privkey1.pem" + aliases : www.lakeshorebulldogs.com + proto : http + dest : "{{ proxy_default_host }}" + port : 80 + ssl_cert : "{{ proxy_site_ssl_directory }}/lakeshorebulldogs.com/fullchain1.pem" + ssl_key : "{{ proxy_site_ssl_directory }}/lakeshorebulldogs.com/privkey1.pem" + max_upload : "{{ proxy_default_max_upload }}" resources.thezengarden.net: @@ -131,10 +136,11 @@ proxy_sites: thezengarden.net: - aliases : www.thezengarden.net - proto : https - dest : "{{ proxy_default_host }}" - port : 443 + aliases : www.thezengarden.net + proto : https + dest : "{{ proxy_default_host }}" + port : 443 + max_upload : "{{ proxy_default_max_upload }}" devel.thezengarden.net: diff --git a/tasks/main.yml b/tasks/main.yml index 5911f56..219bfde 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,10 +1,18 @@ --- # tasks file for zen_rev_proxy -- name: install nginx/aptitude +- name: install nginx/aptitude for debian nodes package: name : ['nginx','aptitude'] state : present + when : ansible_distribution == "Debian" + + +- name: install nginx for centos nodes + package: + name : nginx + state : present + when: ansible_distribution == "CentOS" - name: enable nginx at boot time diff --git a/templates/proxy_site.j2 b/templates/proxy_site.j2 index bbff1e4..711e7f7 100644 --- a/templates/proxy_site.j2 +++ b/templates/proxy_site.j2 @@ -23,6 +23,10 @@ server { access_log {{ proxy_site_log_path }}/{{ item.key }}.log; + {% if proxy_sites[item.key]['max_upload'] is defined %} +client_max_body_size {{ proxy_sites[item.key]['max_upload'] }}; + {% endif %} + location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Host $host;