622d22f971
Also, check config before applying
67 lines
1.9 KiB
Plaintext
67 lines
1.9 KiB
Plaintext
# -*- coding: utf-8 -*-
|
|
# vim: ft=yaml
|
|
---
|
|
# Simple pillar setup
|
|
# - snippet letsencrypt
|
|
# - remove 'default' site
|
|
# - create 'mysite' site
|
|
|
|
{%- if grains.os_family in ('RedHat',) %}
|
|
{%- set passenger_pkg = 'nginx-mod-http-passenger' %}
|
|
{%- set passenger_mod = '/usr/lib64/nginx/modules/ngx_http_passenger_module.so' %}
|
|
{%- else %}
|
|
{%- set passenger_pkg = 'libnginx-mod-http-passenger' %}
|
|
{%- set passenger_mod = '/usr/lib/nginx/modules/ngx_http_passenger_module.so' %}
|
|
{%- endif %}
|
|
|
|
nginx:
|
|
check_config_before_apply: true
|
|
|
|
install_from_phusionpassenger: true
|
|
lookup:
|
|
passenger_package: {{ passenger_pkg }}
|
|
|
|
snippets:
|
|
letsencrypt.conf:
|
|
- location ^~ /.well-known/acme-challenge/:
|
|
- proxy_pass: http://localhost:9999
|
|
server:
|
|
config:
|
|
# This is required to get the passenger module loaded
|
|
# In Debian it can be done with this
|
|
# include: 'modules-enabled/*.conf'
|
|
load_module: {{ passenger_mod }}
|
|
|
|
worker_processes: 4
|
|
http:
|
|
### module ngx_http_log_module example
|
|
log_format: |-
|
|
main '$remote_addr - $remote_user [$time_local] $status '
|
|
'"$request" $body_bytes_sent "$http_referer" '
|
|
'"$http_user_agent" "$http_x_forwarded_for"'
|
|
include:
|
|
- /etc/nginx/mime.types
|
|
- /etc/nginx/conf.d/*.conf
|
|
- /etc/nginx/sites-enabled/*
|
|
|
|
servers:
|
|
managed:
|
|
default:
|
|
deleted: true
|
|
enabled: false
|
|
config: {}
|
|
|
|
mysite:
|
|
enabled: true
|
|
config:
|
|
- server:
|
|
- passenger_enabled: 'on'
|
|
|
|
- server_name: localhost
|
|
- listen:
|
|
- '80 default_server'
|
|
- index: 'index.html index.htm'
|
|
- location ~ .htm:
|
|
- try_files: '$uri $uri/ =404'
|
|
- include: '/etc/nginx/snippets/letsencrypt.conf'
|