diff options
| author | Thedro Neely <thedroneely@gmail.com> | 2020-01-18 05:20:07 -0500 |
|---|---|---|
| committer | Thedro Neely <thedroneely@gmail.com> | 2020-01-18 05:20:07 -0500 |
| commit | 61630673d7266085b7557143d762fe50cf151590 (patch) | |
| tree | f106c45246c2193d223a4e2072350e8e91a0255a | |
| parent | 41bea271314570033fab1a89e94f1ab4f158df13 (diff) | |
| download | playbooks-61630673d7266085b7557143d762fe50cf151590.tar.gz playbooks-61630673d7266085b7557143d762fe50cf151590.tar.bz2 playbooks-61630673d7266085b7557143d762fe50cf151590.zip | |
roles/nginx/files: Add config files
| -rw-r--r-- | roles/nginx/files/default.conf | 13 | ||||
| -rw-r--r-- | roles/nginx/files/mime.types | 912 | ||||
| -rw-r--r-- | roles/nginx/files/nginx.conf | 51 | ||||
| -rw-r--r-- | roles/nginx/files/nginx.init.d | 71 | ||||
| -rw-r--r-- | roles/nginx/files/nginx.logrotate | 7 |
5 files changed, 1054 insertions, 0 deletions
diff --git a/roles/nginx/files/default.conf b/roles/nginx/files/default.conf new file mode 100644 index 0000000..8a9967e --- /dev/null +++ b/roles/nginx/files/default.conf @@ -0,0 +1,13 @@ +server { + listen 80 default_server; + listen [::]:80 default_server; + + listen 443 ssl http2 default_server; + listen [::]:443 ssl http2 default_server; + + ssl_stapling off; + ssl_certificate /etc/nginx/nginx.crt; + ssl_certificate_key /etc/nginx/nginx.key; + + return 444; +} diff --git a/roles/nginx/files/mime.types b/roles/nginx/files/mime.types new file mode 100644 index 0000000..8e13f93 --- /dev/null +++ b/roles/nginx/files/mime.types @@ -0,0 +1,912 @@ +types { +application/A2L a2l; +application/AML aml; +application/andrew-inset ez; +application/ATF atf; +application/ATFX atfx; +application/ATXML atxml; +application/atom+xml atom; +application/atomcat+xml atomcat; +application/atomdeleted+xml atomdeleted; +application/atomsvc+xml atomsvc; +application/auth-policy+xml apxml; +application/bacnet-xdd+zip xdd; +application/calendar+xml xcs; +application/cbor cbor; +application/cccex c3ex; +application/ccmp+xml ccmp; +application/ccxml+xml ccxml; +application/CDFX+XML cdfx; +application/cdmi-capability cdmia; +application/cdmi-container cdmic; +application/cdmi-domain cdmid; +application/cdmi-object cdmio; +application/cdmi-queue cdmiq; +application/CEA cea; +application/cellml+xml cellml cml; +application/clue_info+xml clue; +application/cms cmsc; +application/cpl+xml cpl; +application/csrattrs csrattrs; +application/dash+xml mpd; +application/dashdelta mpdd; +application/davmount+xml davmount; +application/DCD dcd; +application/dicom dcm; +application/DII dii; +application/DIT dit; +application/dskpp+xml xmls; +application/dssc+der dssc; +application/dssc+xml xdssc; +application/dvcs dvc; +application/ecmascript es; +application/efi efi; +application/emma+xml emma; +application/emotionml+xml emotionml; +application/epub+zip epub; +application/exi exi; +application/fastinfoset finf; +application/fdt+xml fdt; +application/font-tdpfr pfr; +application/geo+json geojson; +application/gml+xml gml; +application/gzip gz tgz; +application/hyperstudio stk; +application/inkml+xml ink inkml; +application/ipfix ipfix; +application/its+xml its; +application/javascript js; +application/jrd+json jrd; +application/json json; +application/json-patch+json json-patch; +application/ld+json jsonld; +application/lgr+xml lgr; +application/link-format wlnk; +application/lost+xml lostxml; +application/lostsync+xml lostsyncxml; +application/LXF lxf; +application/mac-binhex40 hqx; +application/mads+xml mads; +application/marc mrc; +application/marcxml+xml mrcx; +application/mathematica nb ma mb; +application/mathml+xml mml; +application/mbox mbox; +application/metalink4+xml meta4; +application/mets+xml mets; +application/MF4 mf4; +application/mmt-usd+xml musd; +application/mods+xml mods; +application/mp21 m21 mp21; +application/msword doc; +application/mxf mxf; +application/n-quads nq; +application/n-triples nt; +application/ocsp-request orq; +application/ocsp-response ors; +application/octet-stream bin lha lzh exe class so dll img iso; +application/oda oda; +application/ODX odx; +application/oebps-package+xml opf; +application/ogg ogx; +application/oxps oxps; +application/p2p-overlay+xml relo; +application/pdf pdf; +application/PDX pdx; +application/pgp-encrypted pgp; +application/pgp-signature sig; +application/pkcs10 p10; +application/pkcs12 p12 pfx; +application/pkcs7-mime p7m p7c; +application/pkcs7-signature p7s; +application/pkcs8 p8; +application/pkix-cert cer; +application/pkix-crl crl; +application/pkix-pkipath pkipath; +application/pkixcmp pki; +application/pls+xml pls; +application/postscript ps eps ai; +application/provenance+xml provx; +application/prs.cww cw cww; +application/prs.hpub+zip hpub; +application/prs.nprend rnd rct; +application/prs.rdf-xml-crypt rdf-crypt; +application/prs.xsf+xml xsf; +application/pskc+xml pskcxml; +application/rdf+xml rdf; +application/route-apd+xml rapd; +application/route-s-tsid+xml sls; +application/route-usd+xml rusd; +application/reginfo+xml rif; +application/relax-ng-compact-syntax rnc; +application/resource-lists-diff+xml rld; +application/resource-lists+xml rl; +application/rfc+xml rfcxml; +application/rls-services+xml rs; +application/rpki-ghostbusters gbr; +application/rpki-manifest mft; +application/rpki-roa roa; +application/rtf rtf; +application/scim+json scim; +application/scvp-cv-request scq; +application/scvp-cv-response scs; +application/scvp-vp-request spq; +application/scvp-vp-response spp; +application/sdp sdp; +application/sgml-open-catalog soc; +application/shf+xml shf; +application/sieve siv sieve; +application/simple-filter+xml cl; +application/smil+xml smil smi sml; +application/sparql-query rq; +application/sparql-results+xml srx; +application/sql sql; +application/srgs gram; +application/srgs+xml grxml; +application/sru+xml sru; +application/ssml+xml ssml; +application/tamp-apex-update tau; +application/tamp-apex-update-confirm auc; +application/tamp-community-update tcu; +application/tamp-community-update-confirm cuc; +application/tamp-error ter; +application/tamp-sequence-adjust tsa; +application/tamp-sequence-adjust-confirm sac; +application/tamp-update tur; +application/tamp-update-confirm tuc; +application/tei+xml tei teiCorpus odd; +application/thraud+xml tfi; +application/timestamp-query tsq; +application/timestamp-reply tsr; +application/timestamped-data tsd; +application/trig trig; +application/ttml+xml ttml; +application/urc-grpsheet+xml gsheet; +application/urc-ressheet+xml rsheet; +application/urc-targetdesc+xml td; +application/urc-uisocketdesc+xml uis; +application/vnd.1000minds.decision-model+xml 1km; +application/vnd.3gpp.pic-bw-large plb; +application/vnd.3gpp.pic-bw-small psb; +application/vnd.3gpp.pic-bw-var pvb; +application/vnd.3gpp2.sms sms; +application/vnd.3gpp2.tcap tcap; +application/vnd.3lightssoftware.imagescal imgcal; +application/vnd.3M.Post-it-Notes pwn; +application/vnd.accpac.simply.aso aso; +application/vnd.accpac.simply.imp imp; +application/vnd.acucobol acu; +application/vnd.acucorp atc acutc; +application/vnd.adobe.flash.movie swf; +application/vnd.adobe.formscentral.fcdt fcdt; +application/vnd.adobe.fxp fxp fxpl; +application/vnd.adobe.xdp+xml xdp; +application/vnd.adobe.xfdf xfdf; +application/vnd.ahead.space ahead; +application/vnd.airzip.filesecure.azf azf; +application/vnd.airzip.filesecure.azs azs; +application/vnd.amazon.mobi8-ebook azw3; +application/vnd.americandynamics.acc acc; +application/vnd.amiga.ami ami; +application/vnd.anki apkg; +application/vnd.anser-web-certificate-issue-initiation cii; +application/vnd.anser-web-funds-transfer-initiation fti; +application/vnd.apple.installer+xml dist distz pkg mpkg; +application/vnd.apple.mpegurl m3u8; +application/vnd.aristanetworks.swi swi; +application/vnd.astraea-software.iota iota; +application/vnd.audiograph aep; +application/vnd.autopackage package; +application/vnd.balsamiq.bmml+xml bmml; +application/vnd.balsamiq.bmpr bmpr; +application/vnd.blueice.multipass mpm; +application/vnd.bluetooth.ep.oob ep; +application/vnd.bluetooth.le.oob le; +application/vnd.bmi bmi; +application/vnd.businessobjects rep; +application/vnd.cendio.thinlinc.clientconf tlclient; +application/vnd.chemdraw+xml cdxml; +application/vnd.chess-pgn pgn; +application/vnd.chipnuts.karaoke-mmd mmd; +application/vnd.cinderella cdy; +application/vnd.citationstyles.style+xml csl; +application/vnd.claymore cla; +application/vnd.cloanto.rp9 rp9; +application/vnd.clonk.c4group c4g c4d c4f c4p c4u; +application/vnd.cluetrust.cartomobile-config c11amc; +application/vnd.cluetrust.cartomobile-config-pkg c11amz; +application/vnd.coffeescript coffee; +application/vnd.comicbook+zip cbz; +application/vnd.commerce-battelle ica icf icd ic0 ic1 ic2 ic3 ic4 ic5 ic6 ic7 ic8; +application/vnd.commonspace csp cst; +application/vnd.contact.cmsg cdbcmsg; +application/vnd.coreos.ignition+json ign ignition; +application/vnd.cosmocaller cmc; +application/vnd.crick.clicker clkx; +application/vnd.crick.clicker.keyboard clkk; +application/vnd.crick.clicker.palette clkp; +application/vnd.crick.clicker.template clkt; +application/vnd.crick.clicker.wordbank clkw; +application/vnd.criticaltools.wbs+xml wbs; +application/vnd.ctc-posml pml; +application/vnd.cups-ppd ppd; +application/vnd.curl curl; +application/vnd.dart dart; +application/vnd.data-vision.rdz rdz; +application/vnd.debian.binary-package deb udeb; +application/vnd.dece.data uvf uvvf uvd uvvd; +application/vnd.dece.ttml+xml uvt uvvt; +application/vnd.dece.unspecified uvx uvvx; +application/vnd.dece.zip uvz uvvz; +application/vnd.denovo.fcselayout-link fe_launch; +application/vnd.desmume.movie dsm; +application/vnd.dna dna; +application/vnd.document+json docjson; +application/vnd.doremir.scorecloud-binary-document scld; +application/vnd.dpgraph dpg mwc dpgraph; +application/vnd.dreamfactory dfac; +application/vnd.dtg.local.flash fla; +application/vnd.dvb.ait ait; +application/vnd.dvb.service svc; +application/vnd.dynageo geo; +application/vnd.dzr dzr; +application/vnd.ecowin.chart mag; +application/vnd.enliven nml; +application/vnd.epson.esf esf; +application/vnd.epson.msf msf; +application/vnd.epson.quickanime qam; +application/vnd.epson.salt slt; +application/vnd.epson.ssf ssf; +application/vnd.ericsson.quickcall qcall qca; +application/vnd.espass-espass+zip espass; +application/vnd.eszigno3+xml es3 et3; +application/vnd.etsi.asic-e+zip asice sce; +application/vnd.etsi.asic-s+zip asics; +application/vnd.etsi.timestamp-token tst; +application/vnd.evolv.ecig.profile ecigprofile; +application/vnd.evolv.ecig.settings ecig; +application/vnd.evolv.ecig.theme ecigtheme; +application/vnd.ezpix-album ez2; +application/vnd.ezpix-package ez3; +application/vnd.fastcopy-disk-image dim; +application/vnd.fdf fdf; +application/vnd.fdsn.mseed msd mseed; +application/vnd.fdsn.seed seed dataless; +application/vnd.filmit.zfc zfc; +application/vnd.FloGraphIt gph; +application/vnd.fluxtime.clip ftc; +application/vnd.font-fontforge-sfd sfd; +application/vnd.framemaker fm; +application/vnd.frogans.fnc fnc; +application/vnd.frogans.ltf ltf; +application/vnd.fsc.weblaunch fsc; +application/vnd.fujitsu.oasys oas; +application/vnd.fujitsu.oasys2 oa2; +application/vnd.fujitsu.oasys3 oa3; +application/vnd.fujitsu.oasysgp fg5; +application/vnd.fujitsu.oasysprs bh2; +application/vnd.fujixerox.ddd ddd; +application/vnd.fujixerox.docuworks xdw; +application/vnd.fujixerox.docuworks.binder xbd; +application/vnd.fujixerox.docuworks.container xct; +application/vnd.fuzzysheet fzs; +application/vnd.genomatix.tuxedo txd; +application/vnd.geocube+xml g3 g�?; +application/vnd.geogebra.file ggb; +application/vnd.geogebra.tool ggt; +application/vnd.geometry-explorer gex gre; +application/vnd.geonext gxt; +application/vnd.geoplan g2w; +application/vnd.geospace g3w; +application/vnd.gmx gmx; +application/vnd.google-earth.kml+xml kml; +application/vnd.google-earth.kmz kmz; +application/vnd.grafeq gqf gqs; +application/vnd.groove-account gac; +application/vnd.groove-help ghf; +application/vnd.groove-identity-message gim; +application/vnd.groove-injector grv; +application/vnd.groove-tool-message gtm; +application/vnd.groove-tool-template tpl; +application/vnd.groove-vcard vcg; +application/vnd.hal+xml hal; +application/vnd.HandHeld-Entertainment+xml zmm; +application/vnd.hbci hbci hbc kom upa pkd bpd; +application/vnd.hdt hdt; +application/vnd.hhe.lesson-player les; +application/vnd.hp-HPGL hpgl; +application/vnd.hp-hpid hpi hpid; +application/vnd.hp-hps hps; +application/vnd.hp-jlyt jlt; +application/vnd.hp-PCL pcl; +application/vnd.hydrostatix.sof-data sfd-hdstx; +application/vnd.hzn-3d-crossword x3d; +application/vnd.ibm.electronic-media emm; +application/vnd.ibm.MiniPay mpy; +application/vnd.ibm.modcap list3820 listafp afp pseg3820; +application/vnd.ibm.rights-management irm; +application/vnd.ibm.secure-container sc; +application/vnd.iccprofile icc icm; +application/vnd.ieee.1905 1905.1; +application/vnd.igloader igl; +application/vnd.imagemeter.folder+zip imf; +application/vnd.imagemeter.image+zip imi; +application/vnd.immervision-ivp ivp; +application/vnd.immervision-ivu ivu; +application/vnd.ims.imsccv1p1 imscc; +application/vnd.insors.igm igm; +application/vnd.intercon.formnet xpw xpx; +application/vnd.intergeo i2g; +application/vnd.intu.qbo qbo; +application/vnd.intu.qfx qfx; +application/vnd.ipunplugged.rcprofile rcprofile; +application/vnd.irepository.package+xml irp; +application/vnd.is-xpr xpr; +application/vnd.isac.fcs fcs; +application/vnd.jam jam; +application/vnd.jcp.javame.midlet-rms rms; +application/vnd.jisp jisp; +application/vnd.joost.joda-archive joda; +application/vnd.kahootz ktz ktr; +application/vnd.kde.karbon karbon; +application/vnd.kde.kchart chrt; +application/vnd.kde.kformula kfo; +application/vnd.kde.kivio flw; +application/vnd.kde.kontour kon; +application/vnd.kde.kpresenter kpr kpt; +application/vnd.kde.kspread ksp; +application/vnd.kde.kword kwd kwt; +application/vnd.kenameaapp htke; +application/vnd.kidspiration kia; +application/vnd.Kinar kne knp sdf; +application/vnd.koan skp skd skm skt; +application/vnd.kodak-descriptor sse; +application/vnd.las.las+json lasjson; +application/vnd.las.las+xml lasxml; +application/vnd.llamagraphics.life-balance.desktop lbd; +application/vnd.llamagraphics.life-balance.exchange+xml lbe; +application/vnd.lotus-1-2-3 123 wk4 wk3 wk1; +application/vnd.lotus-approach apr vew; +application/vnd.lotus-freelance prz pre; +application/vnd.lotus-notes nsf ntf ndl ns4 ns3 ns2 nsh nsg; +application/vnd.lotus-organizer or3 or2 org; +application/vnd.lotus-screencam scm; +application/vnd.lotus-wordpro lwp sam; +application/vnd.macports.portpkg portpkg; +application/vnd.mapbox-vector-tile mvt; +application/vnd.marlin.drm.mdcf mdc; +application/vnd.maxmind.maxmind-db mmdb; +application/vnd.mcd mcd; +application/vnd.medcalcdata mc1; +application/vnd.mediastation.cdkey cdkey; +application/vnd.MFER mwf; +application/vnd.mfmp mfm; +application/vnd.micrografx.flo flo; +application/vnd.micrografx.igx igx; +application/vnd.mif mif; +application/vnd.Mobius.DAF daf; +application/vnd.Mobius.DIS dis; +application/vnd.Mobius.MBK mbk; +application/vnd.Mobius.MQY mqy; +application/vnd.Mobius.MSL msl; +application/vnd.Mobius.PLC plc; +application/vnd.Mobius.TXF txf; +application/vnd.mophun.application mpn; +application/vnd.mophun.certificate mpc; +application/vnd.mozilla.xul+xml xul; +application/vnd.ms-3mfdocument 3mf; +application/vnd.ms-artgalry cil; +application/vnd.ms-asf asf; +application/vnd.ms-cab-compressed cab; +application/vnd.ms-excel xls xlm xla xlc xlt xlw; +application/vnd.ms-excel.template.macroEnabled.12 xltm; +application/vnd.ms-excel.addin.macroEnabled.12 xlam; +application/vnd.ms-excel.sheet.binary.macroEnabled.12 xlsb; +application/vnd.ms-excel.sheet.macroEnabled.12 xlsm; +application/vnd.ms-fontobject eot; +application/vnd.ms-htmlhelp chm; +application/vnd.ms-ims ims; +application/vnd.ms-lrm lrm; +application/vnd.ms-officetheme thmx; +application/vnd.ms-powerpoint ppt pps pot; +application/vnd.ms-powerpoint.addin.macroEnabled.12 ppam; +application/vnd.ms-powerpoint.presentation.macroEnabled.12 pptm; +application/vnd.ms-powerpoint.slide.macroEnabled.12 sldm; +application/vnd.ms-powerpoint.slideshow.macroEnabled.12 ppsm; +application/vnd.ms-powerpoint.template.macroEnabled.12 potm; +application/vnd.ms-project mpp mpt; +application/vnd.ms-tnef tnef tnf; +application/vnd.ms-word.document.macroEnabled.12 docm; +application/vnd.ms-word.template.macroEnabled.12 dotm; +application/vnd.ms-works wcm wdb wks wps; +application/vnd.ms-wpl wpl; +application/vnd.ms-xpsdocument xps; +application/vnd.msa-disk-image msa; +application/vnd.mseq mseq; +application/vnd.multiad.creator crtr; +application/vnd.multiad.creator.cif cif; +application/vnd.musician mus; +application/vnd.muvee.style msty; +application/vnd.mynfc taglet; +application/vnd.nervana entity request bkm kcm; +application/vnd.nitf nitf; +application/vnd.neurolanguage.nlu nlu; +application/vnd.nintendo.nitro.rom nds; +application/vnd.nintendo.snes.rom sfc smc; +application/vnd.noblenet-directory nnd; +application/vnd.noblenet-sealer nns; +application/vnd.noblenet-web nnw; +application/vnd.nokia.n-gage.ac+xml ac; +application/vnd.nokia.n-gage.data ngdat; +application/vnd.nokia.n-gage.symbian.install n-gage; +application/vnd.nokia.radio-preset rpst; +application/vnd.nokia.radio-presets rpss; +application/vnd.novadigm.EDM edm; +application/vnd.novadigm.EDX edx; +application/vnd.novadigm.EXT ext; +application/vnd.oasis.opendocument.chart odc; +application/vnd.oasis.opendocument.chart-template otc; +application/vnd.oasis.opendocument.database odb; +application/vnd.oasis.opendocument.formula odf; +application/vnd.oasis.opendocument.graphics odg; +application/vnd.oasis.opendocument.graphics-template otg; +application/vnd.oasis.opendocument.image odi; +application/vnd.oasis.opendocument.image-template oti; +application/vnd.oasis.opendocument.presentation odp; +application/vnd.oasis.opendocument.presentation-template otp; +application/vnd.oasis.opendocument.spreadsheet ods; +application/vnd.oasis.opendocument.spreadsheet-template ots; +application/vnd.oasis.opendocument.text odt; +application/vnd.oasis.opendocument.text-master odm; +application/vnd.oasis.opendocument.text-template ott; +application/vnd.oasis.opendocument.text-web oth; +application/vnd.olpc-sugar xo; +application/vnd.oma.dd2+xml dd2; +application/vnd.onepager tam; +application/vnd.onepagertamp tamp; +application/vnd.onepagertamx tamx; +application/vnd.onepagertat tat; +application/vnd.onepagertatp tatp; +application/vnd.onepagertatx tatx; +application/vnd.openblox.game+xml obgx; +application/vnd.openblox.game-binary obg; +application/vnd.openeye.oeb oeb; +application/vnd.openofficeorg.extension oxt; +application/vnd.openstreetmap.data+xml osm; +application/vnd.openxmlformats-officedocument.presentationml.presentation pptx; +application/vnd.openxmlformats-officedocument.presentationml.slide sldx; +application/vnd.openxmlformats-officedocument.presentationml.slideshow ppsx; +application/vnd.openxmlformats-officedocument.presentationml.template potx; +application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx; +application/vnd.openxmlformats-officedocument.spreadsheetml.template xltx; +application/vnd.openxmlformats-officedocument.wordprocessingml.document docx; +application/vnd.openxmlformats-officedocument.wordprocessingml.template dotx; +application/vnd.osa.netdeploy ndc; +application/vnd.osgeo.mapguide.package mgp; +application/vnd.osgi.dp dp; +application/vnd.osgi.subsystem esa; +application/vnd.oxli.countgraph oxlicg; +application/vnd.palm prc pdb pqa oprc; +application/vnd.panoply plp; +application/vnd.pawaafile paw; +application/vnd.pg.format str; +application/vnd.pg.osasli ei6; +application/vnd.piaccess.application-license pil; +application/vnd.picsel efif; +application/vnd.pmi.widget wg; +application/vnd.pocketlearn plf; +application/vnd.powerbuilder6 pbd; +application/vnd.preminet preminet; +application/vnd.previewsystems.box box vbox; +application/vnd.proteus.magazine mgz; +application/vnd.publishare-delta-tree qps; +application/vnd.pvi.ptid1 ptid; +application/vnd.qualcomm.brew-app-res bar; +application/vnd.Quark.QuarkXPress qxd qxt qwd qwt qxl qxb; +application/vnd.quobject-quoxdocument quox quiz; +application/vnd.rainstor.data tree; +application/vnd.rar rar; +application/vnd.realvnc.bed bed; +application/vnd.recordare.musicxml mxl; +application/vnd.rig.cryptonote cryptonote; +application/vnd.route66.link66+xml link66; +application/vnd.sailingtracker.track st; +application/vnd.scribus scd sla slaz; +application/vnd.sealed.3df s3df; +application/vnd.sealed.csf scsf; +application/vnd.sealed.doc sdoc sdo s1w; +application/vnd.sealed.eml seml sem; +application/vnd.sealed.mht smht smh; +application/vnd.sealed.ppt sppt s1p; +application/vnd.sealed.tiff stif; +application/vnd.sealed.xls sxls sxl s1e; +application/vnd.sealedmedia.softseal.html stml s1h; +application/vnd.sealedmedia.softseal.pdf spdf spd s1a; +application/vnd.seemail see; +application/vnd.sema sema; +application/vnd.semd semd; +application/vnd.semf semf; +application/vnd.shana.informed.formdata ifm; +application/vnd.shana.informed.formtemplate itp; +application/vnd.shana.informed.interchange iif; +application/vnd.shana.informed.package ipk; +application/vnd.sigrok.session sr; +application/vnd.SimTech-MindMapper twd twds; +application/vnd.smaf mmf; +application/vnd.smart.notebook notebook; +application/vnd.smart.teacher teacher; +application/vnd.software602.filler.form+xml fo; +application/vnd.software602.filler.form-xml-zip zfo; +application/vnd.solent.sdkm+xml sdkm sdkd; +application/vnd.spotfire.dxp dxp; +application/vnd.spotfire.sfs sfs; +application/vnd.stepmania.package smzip; +application/vnd.stepmania.stepchart sm; +application/vnd.sun.wadl+xml wadl; +application/vnd.sus-calendar sus susp; +application/vnd.syncml+xml xsm; +application/vnd.syncml.dm+wbxml bdm; +application/vnd.syncml.dm+xml xdm; +application/vnd.syncml.dmddf+xml ddf; +application/vnd.tao.intent-module-archive tao; +application/vnd.tcpdump.pcap pcap cap dmp; +application/vnd.theqvd qvd; +application/vnd.tml vfr viaframe; +application/vnd.tmobile-livetv tmo; +application/vnd.trid.tpt tpt; +application/vnd.triscape.mxs mxs; +application/vnd.trueapp tra; +application/vnd.ufdl ufdl ufd frm; +application/vnd.uiq.theme utz; +application/vnd.umajin umj; +application/vnd.unity unityweb; +application/vnd.uoml+xml uoml uo; +application/vnd.uri-map urim urimap; +application/vnd.valve.source.material vmt; +application/vnd.vcx vcx; +application/vnd.vd-study mxi study-inter model-inter; +application/vnd.vectorworks vwx; +application/vnd.vidsoft.vidconference vsc; +application/vnd.visio vsd vst vsw vss; +application/vnd.visionary vis; +application/vnd.vsf vsf; +application/vnd.wap.sic sic; +application/vnd.wap.slc slc; +application/vnd.wap.wbxml wbxml; +application/vnd.wap.wmlc wmlc; +application/vnd.wap.wmlscriptc wmlsc; +application/vnd.webturbo wtb; +application/vnd.wfa.p2p p2p; +application/vnd.wfa.wsc wsc; +application/vnd.wmc wmc; +application/vnd.wolfram.mathematica.package m; +application/vnd.wolfram.player nbp; +application/vnd.wordperfect wpd; +application/vnd.wqd wqd; +application/vnd.wt.stf stf; +application/vnd.wv.csp+wbxml wv; +application/vnd.xara xar; +application/vnd.xfdl xfdl xfd; +application/vnd.xmpie.cpkg cpkg; +application/vnd.xmpie.dpkg dpkg; +application/vnd.xmpie.ppkg ppkg; +application/vnd.xmpie.xlim xlim; +application/vnd.yamaha.hv-dic hvd; +application/vnd.yamaha.hv-script hvs; +application/vnd.yamaha.hv-voice hvp; +application/vnd.yamaha.openscoreformat osf; +application/vnd.yamaha.smaf-audio saf; +application/vnd.yamaha.smaf-phrase spf; +application/vnd.yaoweme yme; +application/vnd.yellowriver-custom-menu cmp; +application/vnd.zul zir zirz; +application/vnd.zzazz.deck+xml zaz; +application/voicexml+xml vxml; +application/watcherinfo+xml wif; +application/widget wgt; +application/wsdl+xml wsdl; +application/wspolicy+xml wspolicy; +application/xcap-att+xml xav; +application/xcap-caps+xml xca; +application/xcap-diff+xml xdf; +application/xcap-el+xml xel; +application/xcap-error+xml xer; +application/xcap-ns+xml xns; +application/xhtml+xml xhtml xhtm xht; +application/xml-dtd dtd; +application/xop+xml xop; +application/xslt+xml xsl xslt; +application/xv+xml mxml xhvml xvml xvm; +application/yang yang; +application/yin+xml yin; +application/zip zip; +audio/32kadpcm 726; +audio/ac3 ac3; +audio/AMR amr; +audio/AMR-WB awb; +audio/asc acn; +audio/ATRAC-ADVANCED-LOSSLESS aal; +audio/ATRAC-X atx; +audio/ATRAC3 at3 aa3 omg; +audio/basic au snd; +audio/dls dls; +audio/EVRC evc; +audio/EVRCB evb; +audio/EVRCNW enw; +audio/EVRCWB evw; +audio/iLBC lbc; +audio/L16 l16; +audio/mobile-xmf mxmf; +audio/mp4 m4a; +audio/mpeg mp3 mpga mp1 mp2; +audio/ogg oga ogg opus spx; +audio/prs.sid sid psid; +audio/qcelp qcp; +audio/SMV smv; +audio/vnd.audikoz koz; +audio/vnd.dece.audio uva uvva; +audio/vnd.digital-winds eol; +audio/vnd.dolby.mlp mlp; +audio/vnd.dts dts; +audio/vnd.dts.hd dtshd; +audio/vnd.everad.plj plj; +audio/vnd.lucent.voice lvp; +audio/vnd.ms-playready.media.pya pya; +audio/vnd.nortel.vbk vbk; +audio/vnd.nuera.ecelp4800 ecelp4800; +audio/vnd.nuera.ecelp7470 ecelp7470; +audio/vnd.nuera.ecelp9600 ecelp9600; +audio/vnd.presonus.multitrack multitrack; +audio/vnd.rip rip; +audio/vnd.sealedmedia.softseal.mpeg smp3 smp s1m; +font/collection ttc; +font/otf otf; +font/ttf ttf; +font/woff woff; +font/woff2 woff2; +image/bmp bmp dib; +image/cgm cgm; +image/dicom-rle drle; +image/emf emf; +image/fits fits fit fts; +image/gif gif; +image/ief ief; +image/jls jls; +image/jp2 jp2 jpg2; +image/jpeg jpg jpeg jpe jfif; +image/jpm jpm jpgm; +image/jpx jpx jpf; +image/ktx ktx; +image/png png; +image/prs.btif btif btf; +image/prs.pti pti; +image/svg+xml svg svgz; +image/t38 t38; +image/tiff tiff tif; +image/tiff-fx tfx; +image/vnd.adobe.photoshop psd; +image/vnd.airzip.accelerator.azv azv; +image/vnd.dece.graphic uvi uvvi uvg uvvg; +image/vnd.djvu djvu djv; +image/vnd.dwg dwg; +image/vnd.dxf dxf; +image/vnd.fastbidsheet fbs; +image/vnd.fpx fpx; +image/vnd.fst fst; +image/vnd.fujixerox.edmics-mmr mmr; +image/vnd.fujixerox.edmics-rlc rlc; +image/vnd.globalgraphics.pgb pgb; +image/vnd.microsoft.icon ico; +image/vnd.mozilla.apng apng; +image/vnd.ms-modi mdi; +image/vnd.radiance hdr rgbe xyze; +image/vnd.sealed.png spng spn s1n; +image/vnd.sealedmedia.softseal.gif sgif sgi s1g; +image/vnd.sealedmedia.softseal.jpg sjpg sjp s1j; +image/vnd.tencent.tap tap; +image/vnd.valve.source.texture vtf; +image/vnd.wap.wbmp wbmp; +image/vnd.xiff xif; +image/vnd.zbrush.pcx pcx; +image/wmf wmf; +message/global u8msg; +message/global-delivery-status u8dsn; +message/global-disposition-notification u8mdn; +message/global-headers u8hdr; +message/rfc822 eml mail art; +model/gltf+json gltf; +model/iges igs iges; +model/mesh msh mesh silo; +model/vnd.collada+xml dae; +model/vnd.dwf dwf; +model/vnd.gdl gdl gsm win dor lmp rsm msm ism; +model/vnd.gtw gtw; +model/vnd.moml+xml moml; +model/vnd.mts mts; +model/vnd.opengex ogex; +model/vnd.parasolid.transmit.binary x_b xmt_bin; +model/vnd.parasolid.transmit.text x_t xmt_txt; +model/vnd.valve.source.compiled-map bsp; +model/vnd.vtu vtu; +model/vrml wrl vrml; +model/x3d+xml x3db; +model/x3d-vrml x3dv x3dvz; +multipart/vnd.bint.med-plus bmed; +multipart/voice-message vpm; +text/cache-manifest appcache manifest; +text/calendar ics ifb; +text/css css; +text/csv csv; +text/csv-schema csvs; +text/dns soa zone; +text/html html htm; +text/jcr-cnd cnd; +text/markdown markdown md; +text/mizar miz; +text/n3 n3; +text/plain txt asc text pm el c h cc hh cxx hxx f90 conf log; +text/provenance-notation provn; +text/prs.fallenstein.rst rst; +text/prs.lines.tag tag dsc; +text/richtext rtx; +text/sgml sgml sgm; +text/tab-separated-values tsv; +text/troff t tr roff; +text/turtle ttl; +text/uri-list uris uri; +text/vcard vcf vcard; +text/vnd.a a; +text/vnd.abc abc; +text/vnd.ascii-art ascii; +text/vnd.debian.copyright copyright; +text/vnd.DMClientScript dms; +text/vnd.dvb.subtitle sub; +text/vnd.esmertec.theme-descriptor jtd; +text/vnd.fly fly; +text/vnd.fmi.flexstor flx; +text/vnd.graphviz gv dot; +text/vnd.in3d.3dml 3dml 3dm; +text/vnd.in3d.spot spot spo; +text/vnd.ms-mediapackage mpf; +text/vnd.net2phone.commcenter.command ccc; +text/vnd.si.uricatalogue uric; +text/vnd.sun.j2me.app-descriptor jad; +text/vnd.trolltech.linguist ts; +text/vnd.wap.si si; +text/vnd.wap.sl sl; +text/vnd.wap.wml wml; +text/vnd.wap.wmlscript wmls; +text/xml xml xsd rng; +text/xml-external-parsed-entity ent; +video/3gpp 3gp 3gpp; +video/3gpp2 3g2 3gpp2; +video/iso.segment m4s; +video/mj2 mj2 mjp2; +video/mp4 mp4 mpg4 m4v; +video/mpeg mpeg mpg mpe m1v m2v; +video/ogg ogv; +video/quicktime mov qt; +video/vnd.dece.hd uvh uvvh; +video/vnd.dece.mobile uvm uvvm; +video/vnd.dece.mp4 uvu uvvu; +video/vnd.dece.pd uvp uvvp; +video/vnd.dece.sd uvs uvvs; +video/vnd.dece.video uvv uvvv; +video/vnd.dvb.file dvb; +video/vnd.fvt fvt; +video/vnd.mpegurl mxu m4u; +video/vnd.ms-playready.media.pyv pyv; +video/vnd.nokia.interleaved-multimedia nim; +video/vnd.radgamettools.bink bik bk2; +video/vnd.radgamettools.smacker smk; +video/vnd.sealed.mpeg1 smpg s11; +video/vnd.sealed.mpeg4 s14; +video/vnd.sealed.swf sswf ssw; +video/vnd.sealedmedia.softseal.mov smov smo s1q; +video/vnd.vivo viv; +application/mac-compactpro cpt; +application/metalink+xml metalink; +application/owl+xml owx; +application/rss+xml rss; +application/vnd.android.package-archive apk; +application/vnd.oma.dd+xml dd; +application/vnd.oma.drm.content dcf; +application/vnd.oma.drm.dcf o4a o4v; +application/vnd.oma.drm.message dm; +application/vnd.oma.drm.rights+wbxml drc; +application/vnd.oma.drm.rights+xml dr; +application/vnd.sun.xml.calc sxc; +application/vnd.sun.xml.calc.template stc; +application/vnd.sun.xml.draw sxd; +application/vnd.sun.xml.draw.template std; +application/vnd.sun.xml.impress sxi; +application/vnd.sun.xml.impress.template sti; +application/vnd.sun.xml.math sxm; +application/vnd.sun.xml.writer sxw; +application/vnd.sun.xml.writer.global sxg; +application/vnd.sun.xml.writer.template stw; +application/vnd.symbian.install sis; +application/vnd.wap.mms-message mms; +application/x-annodex anx; +application/x-bcpio bcpio; +application/x-bittorrent torrent; +application/x-bzip2 bz2; +application/x-cdlink vcd; +application/x-chrome-extension crx; +application/x-cpio cpio; +application/x-csh csh; +application/x-director dcr dir dxr; +application/x-dvi dvi; +application/x-futuresplash spl; +application/x-gtar gtar; +application/x-hdf hdf; +application/x-java-archive jar; +application/x-java-jnlp-file jnlp; +application/x-java-pack200 pack; +application/x-killustrator kil; +application/x-latex latex; +application/x-netcdf nc cdf; +application/x-perl pl; +application/x-rpm rpm; +application/x-sh sh; +application/x-shar shar; +application/x-stuffit sit; +application/x-sv4cpio sv4cpio; +application/x-sv4crc sv4crc; +application/x-tar tar; +application/x-tcl tcl; +application/x-tex tex; +application/x-texinfo texinfo texi; +application/x-troff-man man 1 2 3 4 5 6 7 8; +application/x-troff-me me; +application/x-troff-ms ms; +application/x-ustar ustar; +application/x-wais-source src; +application/x-xpinstall xpi; +application/x-xspf+xml xspf; +application/x-xz xz; +audio/midi mid midi kar; +audio/x-aiff aif aiff aifc; +audio/x-annodex axa; +audio/x-flac flac; +audio/x-matroska mka; +audio/x-mod mod ult uni m15 mtm 669 med; +audio/x-mpegurl m3u; +audio/x-ms-wax wax; +audio/x-ms-wma wma; +audio/x-pn-realaudio ram rm; +audio/x-realaudio ra; +audio/x-s3m s3m; +audio/x-stm stm; +audio/x-wav wav; +chemical/x-xyz xyz; +image/webp webp; +image/x-cmu-raster ras; +image/x-portable-anymap pnm; +image/x-portable-bitmap pbm; +image/x-portable-graymap pgm; +image/x-portable-pixmap ppm; +image/x-rgb rgb; +image/x-targa tga; +image/x-xbitmap xbm; +image/x-xpixmap xpm; +image/x-xwindowdump xwd; +text/html-sandboxed sandboxed; +text/x-pod pod; +text/x-setext etx; +video/webm webm; +video/x-annodex axv; +video/x-flv flv; +video/x-javafx fxm; +video/x-matroska mkv; +video/x-matroska-3d mk3d; +video/x-ms-asf asx; +video/x-ms-wm wm; +video/x-ms-wmv wmv; +video/x-ms-wmx wmx; +video/x-ms-wvx wvx; +video/x-msvideo avi; +video/x-sgi-movie movie; +x-conference/x-cooltalk ice; +x-epoc/x-sisx-app sisx; +} diff --git a/roles/nginx/files/nginx.conf b/roles/nginx/files/nginx.conf new file mode 100644 index 0000000..15b378e --- /dev/null +++ b/roles/nginx/files/nginx.conf @@ -0,0 +1,51 @@ +# /etc/nginx.conf + +user nginx; +pid /run/nginx/nginx.pid; +worker_processes auto; +worker_rlimit_nofile 65535; + +events { + multi_accept on; + worker_connections 65535; +} + +http { + charset utf-8; + sendfile on; + tcp_nopush on; + tcp_nodelay on; + server_tokens off; + types_hash_max_size 3072; + client_max_body_size 16M; + + # mime + include mime.types; + default_type application/octet-stream; + + # logging + access_log /var/log/nginx/access.log; + error_log /var/log/nginx/error.log warn; + + # ssl session + ssl_session_timeout 1d; + ssl_session_cache shared:SSL:10m; + ssl_session_tickets off; + + # diffie hellman + ssl_dhparam /etc/nginx/dhparam.pem; + + # ssl ciphers + ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; + ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS:!3DES; + + # ocsp + ssl_stapling on; + ssl_stapling_verify on; + resolver 1.1.1.1 1.0.0.1 8.8.8.8 8.8.4.4 208.67.222.222 208.67.220.220 valid=60s; + resolver_timeout 2s; + + # load configs + include /etc/nginx/default.d/*.conf; + include /etc/nginx/sites-enabled/*; +} diff --git a/roles/nginx/files/nginx.init.d b/roles/nginx/files/nginx.init.d new file mode 100644 index 0000000..976e59f --- /dev/null +++ b/roles/nginx/files/nginx.init.d @@ -0,0 +1,71 @@ +#!/sbin/openrc-run + +description="Nginx http and reverse proxy server" +extra_commands="checkconfig" +extra_started_commands="reload reopen upgrade" + +cfgfile=${cfgfile:-/etc/nginx/nginx.conf} +pidfile=/run/nginx/nginx.pid +command=${command:-/usr/sbin/nginx} +command_args="-c $cfgfile" +required_files="$cfgfile" + +depend() { + need net + use dns logger netmount +} + +start_pre() { + checkpath --directory --owner nginx:nginx ${pidfile%/*} + $command $command_args -t -q +} + +checkconfig() { + ebegin "Checking $RC_SVCNAME configuration" + start_pre + eend $? +} + +reload() { + ebegin "Reloading $RC_SVCNAME configuration" + start_pre && start-stop-daemon --signal HUP --pidfile $pidfile + eend $? +} + +reopen() { + ebegin "Reopening $RC_SVCNAME log files" + start-stop-daemon --signal USR1 --pidfile $pidfile + eend $? +} + +upgrade() { + start_pre || return 1 + + ebegin "Upgrading $RC_SVCNAME binary" + + einfo "Sending USR2 to old binary" + start-stop-daemon --signal USR2 --pidfile $pidfile + + einfo "Sleeping 3 seconds before pid-files checking" + sleep 3 + + if [ ! -f $pidfile.oldbin ]; then + eerror "File with old pid ($pidfile.oldbin) not found" + return 1 + fi + + if [ ! -f $pidfile ]; then + eerror "New binary failed to start" + return 1 + fi + + einfo "Sleeping 3 seconds before WINCH" + sleep 3 ; start-stop-daemon --signal 28 --pidfile $pidfile.oldbin + + einfo "Sending QUIT to old binary" + start-stop-daemon --signal QUIT --pidfile $pidfile.oldbin + + einfo "Upgrade completed" + + eend $? "Upgrade failed" +} diff --git a/roles/nginx/files/nginx.logrotate b/roles/nginx/files/nginx.logrotate new file mode 100644 index 0000000..2f8bba5 --- /dev/null +++ b/roles/nginx/files/nginx.logrotate @@ -0,0 +1,7 @@ +/var/log/nginx/*.log { + missingok + sharedscripts + postrotate + /etc/init.d/nginx --quiet --ifstarted reopen + endscript +} |