automation/ansible/roles/build/templates/wordpress/nginx.j2

56 lines
1.3 KiB
Django/Jinja

# Generated by ansible for site {{ item.url }}
# At {{ item.subnet_site_ip }} on {{ item.subnet_cidr_address }}
server {
listen 80;
listen [::]:80;
server_name {{ item.url }} www.{{ item.url }};
# Let's Encrypt
include snippets/letsencrypt.conf;
location / {
{% if item.redirect_to_www %}
return 301 https://www.{{ item.url }}$request_uri;
{% else %}
return 301 https://{{ item.url }}$request_uri;
{% endif %}
}
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name {{ item.url }} www.{{ item.url }};
access_log /var/log/nginx/{{ item.slug }}-access.log;
error_log /var/log/nginx/error.log;
{% if item.redirect_to_www %}
# Redirect non-www to www
if ($host = {{ item.url }}) {
rewrite ^ https://www.{{ item.url }}$request_uri permanent;
}
{% else %}
# Redirect www to non-www
if ($host = www.{{ item.url }}) {
rewrite ^ https://{{ item.url }}$request_uri permanent;
}
{% endif %}
# Let's Encrypt
include snippets/letsencrypt.conf;
include snippets/ssl-params.conf;
ssl_certificate /etc/letsencrypt/live/{{ item.url }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ item.url }}/privkey.pem;
include snippets/header-params_server.conf;
location / {
include snippets/header-params_location.conf;
proxy_pass http://{{ item.subnet_site_ip }}:80;
}
}