Felix Stupp
|
12e47c19c9
|
all/vars: Added var global_log_directory
Added usage in role nginx/application
|
5 years ago |
Felix Stupp
|
08a37c6dab
|
nginx/application: Configure dhparams for SSL
|
5 years ago |
Felix Stupp
|
debbcb1a1b
|
nginx: Moved dot-file-exclution from global snippet to root snippet
Only file based servers may require this directive,
other servers are not expected to leak hidden files other than on purpose
|
5 years ago |
Felix Stupp
|
cca87f6425
|
nginx/php: Changed global include to root include
root snippet is there for file based servers, including php
|
5 years ago |
Felix Stupp
|
f2c92e94e2
|
nginx: Moved index directive from root snippet to specific static role
|
5 years ago |
Felix Stupp
|
dd48448828
|
nginx/php: Removed debian-specific index file from config
|
5 years ago |
Felix Stupp
|
58955871ad
|
nginx/application: Removed specfic exclusion of htaccess files
Because dot files are already blocked in general
|
5 years ago |
Felix Stupp
|
0043d6255a
|
nginx/application global.conf: Added comment to excluding hidden files
|
5 years ago |
Felix Stupp
|
274f658016
|
nginx/php-pool: Fixed permissions for other
|
5 years ago |
Felix Stupp
|
2dcfd1b09e
|
nginx: Added full paths to includes of snippets / fastcgi_params
To allow Ansible to validate the main config if placed on different
locations
|
5 years ago |
Felix Stupp
|
8ebe8aecfb
|
nginx/application: Hide server tokens per default
|
5 years ago |
Felix Stupp
|
e2b7778c8b
|
nginx/application: Changed Referrer-Policy to strict-origin
For better enforcing of secure handling of referrer information
|
5 years ago |
Felix Stupp
|
1855deb351
|
nginx/server: Documentated required variables
|
5 years ago |
Felix Stupp
|
8b75c49917
|
nginx/proxy: Made dependent on nginx/server and allowed additional directives
|
5 years ago |
Felix Stupp
|
fb0c1f0901
|
Changed "ansible_fqdn" to "inventory_hostname"
Due to some hosts misconfigure fqdn themselves
|
5 years ago |
Felix Stupp
|
9c63c8516b
|
nginx/application: Disabled SSL Session Tickets
|
5 years ago |
Felix Stupp
|
409ea327f0
|
nginx/application: Increased ssl_cache timeout
|
5 years ago |
Felix Stupp
|
b9f060a0ce
|
nginx/php-fpm: Added installation of apcu cache
|
5 years ago |
Felix Stupp
|
7df2668208
|
nginx/php-fpm: Increased size of opcache memory consumption to 256
|
5 years ago |
Felix Stupp
|
206c940d16
|
nginx/php-pool: Tuned up childs at php
|
5 years ago |
Felix Stupp
|
fc897ea3b9
|
nginx/application: Fixed configuring resolver for OCSP Stapling
|
5 years ago |
Felix Stupp
|
03884cbf3e
|
nginx/server: Allowed duplicates of role
|
5 years ago |
Felix Stupp
|
edf455bf66
|
nginx/application: Allowed dot files uploads by Nextcloud
|
5 years ago |
Felix Stupp
|
c21ee11c66
|
nginx/application: Blocked all hidden directories except well-known
|
5 years ago |
Felix Stupp
|
502606b1e3
|
nginx/application: Set type to text for test file
|
5 years ago |
Felix Stupp
|
57e422b478
|
nginx/application: Disabled access_log on acme requests
|
5 years ago |
Felix Stupp
|
8e28bcb0ec
|
Added role nginx/php
|
5 years ago |
Felix Stupp
|
72e7857570
|
nginx/php-pool: Locked reading of php-pool configurations
|
5 years ago |
Felix Stupp
|
3414e3fd85
|
nginx/php-pool: Changed group of src directory to nginx user
|
5 years ago |
Felix Stupp
|
4f1fdf72c7
|
nginx/php-pool: Added support for env variables
|
5 years ago |
Felix Stupp
|
133d82e0bb
|
nginx/proxy: Added doc for var upstream_name
|
5 years ago |
Felix Stupp
|
bcfd4cb010
|
Fixed missing mode setting for others
To disallow access from others than user and group
|
5 years ago |
Felix Stupp
|
a3fde6aa3c
|
acme: Moved certificate handling to custom system user
Avoided using root for acme.sh
Modified also role nginx/application
|
5 years ago |
Felix Stupp
|
002ecc28b0
|
nginx/php-pool: Removed not needed system user configuration
|
5 years ago |
Felix Stupp
|
5486d06226
|
nginx/php-fpm: Fixed removing default php-fpm pool
|
5 years ago |
Felix Stupp
|
964099cfdb
|
nginx/php-fpm: Added configuration for php opcache
|
5 years ago |
Felix Stupp
|
852dbdb143
|
php-pool: Added domain to required variables (doc-only)
|
5 years ago |
Felix Stupp
|
029fba1983
|
nginx/php-pool: Added support for custom memory_limit
|
5 years ago |
Felix Stupp
|
a0000e3c7f
|
nginx/php*: Fixed handler names for controlling php-fpm service
|
5 years ago |
Felix Stupp
|
ce90f3dadf
|
nginx/php-fpm: Fixed getting php-fpm for newer versions of Debian
|
5 years ago |
Felix Stupp
|
9ba13c5d73
|
nginx/application: Enabled OCSP Stapling
|
5 years ago |
Felix Stupp
|
22f14189c2
|
nginx/application: Enabled TLSv1.3 and reworked ciphers
|
5 years ago |
Felix Stupp
|
ce1f2fb132
|
nginx/application: Increased time for HSTS
|
5 years ago |
Felix Stupp
|
5bed7d067a
|
nginx/application: Added localhost as resolver for nginx
|
5 years ago |
Felix Stupp
|
d9eb74649f
|
nginx/application: Fixed missing notify for templates
|
5 years ago |
Felix Stupp
|
0bec0a9630
|
Added role nginx/server
|
5 years ago |
Felix Stupp
|
3f19422c0c
|
Added role nginx/php-pool
|
5 years ago |
Felix Stupp
|
692b9bf74b
|
Added role nginx/php-fpm
For php-fpm setup
|
5 years ago |
Felix Stupp
|
f85d1a4477
|
roles/nginx/forward: nginx configuration "redirect" -> "return"
|
6 years ago |
Felix Stupp
|
d938fdfb39
|
roles/nginx/forward: Fixed name of configuration template
|
6 years ago |