More complex site configuration not possible with template

Question

More complex site configuration not possible with template

surfer190 opened this issue 8 years ago · 6 comments

Based on the template site.conf.j2, you can only configure things inside the a server block.
So that prevents more advanced configurations like the below.

map $http_x_forwarded_proto $fastcgi_https {
    default $https;
    https on;
}

server {
   listen 8080;
   listen [::]:8080;

   server_name "{{ server_name }}";
   access_log /var/log/nginx/{{ site_name }}-access.log;
   error_log /var/log/nginx/{{ site_name }}-error.log;
   include {{ doc_root }}/nginx.conf;
   set $MAGE_ROOT "{{ doc_root }}";
}

upstream fastcgi_backend {
   server unix:/var/run/php/php7.0-fpm.sock;
}

server {
    listen 443;
    listen [::]:443;
    ssl on;

    ssl_certificate {{ ssl_certificate }};
    ssl_certificate_key {{ ssl_key }};
    ssl_protocols        TLSv1.1 TLSv1.2;

    # Other ssl_* server context directives...
    access_log /var/log/nginx/ssl-{{ site_name }}-access.log;
    error_log /var/log/nginx/ssl-{{ site_name }}-error.log;

    # Proxy
    location / {
        proxy_pass http://127.0.0.1:80;
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header X-Forwarded-Port 443;
        proxy_set_header Host $host;
    }
}

Answer 1 · 2016-11-09T10:22:18.000Z

You have to the variable "nginx_configs", like that:

nginx_configs:
         default_https:
            - map $http_x_forwarded_proto $fastcgi_https {
                 default $https;
                  https on;
              }
         php_upstream:
            - upstream fastcgi_backend {
                   server unix:/var/run/php/php7.0-fpm.sock;
              }

It's what you want to do ?

Answer 2 · 2016-11-10T03:31:59.000Z

By the way, what about configs outside http block? E.g. including dynamic modules. We can't do this now. So we need a static config line include /etc/nginx/modules-enabled/*.conf; or a possibility to add custom configs outside http config block

Answer 3 · 2016-11-10T09:03:43.000Z

You can use ansible templating for that.
You have an example here:
https://github.com/jdauphant/ansible-role-nginx/releases/tag/v1.2

It's a recurring question, if someone have time to improve the doc, a PR will be more than welcome.

Answer 4 · 2016-11-10T09:50:34.000Z

No, I can't. Actually, my problem not linked with this issue
I talk about configuration at main context (on the same level with user, worker_processes, pid, etc). I make a PR with solving this problem #132

Answer 5 · 2016-11-10T10:00:15.000Z

@realmyst Ok, my mistake.

@surfer190 Have you solved your issue ?

Answer 6 · 2016-11-10T11:52:47.000Z

@jdauphant Yes, that will work for a dedicated single site server. But may be an issue if you host multiple sites and want per site configs. Nonetheless, I am happy, thanks.