Page MenuHomeDevCentral

D2227.id5610.diff
No OneTemporary

D2227.id5610.diff

diff --git a/roles/paas-docker/nginx/config.sls b/roles/paas-docker/nginx/config.sls
--- a/roles/paas-docker/nginx/config.sls
+++ b/roles/paas-docker/nginx/config.sls
@@ -39,8 +39,29 @@
# -------------------------------------------------------------
# vhosts folder
+#
+# :: fallback when a domain isn't found
+# :: server cover page
+# :: containers
# -------------------------------------------------------------
+{{ dirs.etc }}/nginx/vhosts:
+ file.directory:
+ - dir_mode: 755
+
+{{ dirs.etc }}/nginx/vhosts/000-fallback.conf:
+ file.managed:
+ - source: salt://roles/paas-docker/nginx/files/vhosts/base/fallback.conf
+
+{{ dirs.etc }}/nginx/vhosts/001-server.conf:
+ file.managed:
+ - source: salt://roles/paas-docker/nginx/files/vhosts/base/server.conf
+ - template: jinja
+ - context:
+ fqdn: {{ grains['fqdn'] }}
+ ipv4: {{ grains['ipv4'] | join(" ") }}
+ ipv6: {{ grains['ipv6'] | join(" ") }}
+
{% for service, instances in containers.items() %}
{% for instance, container in instances.items() %}
{% if 'host' in container %}
@@ -48,7 +69,6 @@
{{ dirs.etc }}/nginx/vhosts/{{ service }}/{{ instance }}.conf:
file.managed:
- source: salt://roles/paas-docker/nginx/files/vhosts/{{ service }}.conf
- - makedirs: True
- mode: 644
- template: jinja
- context:
diff --git a/roles/paas-docker/nginx/files/nginx.conf b/roles/paas-docker/nginx/files/nginx.conf
--- a/roles/paas-docker/nginx/files/nginx.conf
+++ b/roles/paas-docker/nginx/files/nginx.conf
@@ -49,6 +49,10 @@
'' close;
}
+ # Base
+ include /etc/nginx/vhosts/000-fallback.conf;
+ include /etc/nginx/vhosts/001-server.conf;
+
# Services hosted in containers
include /etc/nginx/vhosts/*/*.conf;
}
diff --git a/roles/paas-docker/nginx/files/vhosts/base/fallback.conf b/roles/paas-docker/nginx/files/vhosts/base/fallback.conf
new file mode 100644
--- /dev/null
+++ b/roles/paas-docker/nginx/files/vhosts/base/fallback.conf
@@ -0,0 +1,31 @@
+# -------------------------------------------------------------
+# Configuration for Docker PaaS front-end nginx
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Author: Sébastien Santoro aka Dereckson
+# Created: 2020-02-18
+# Source file: roles/paas-docker/nginx/files/vhosts/base/fallback.conf
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name _;
+
+ include includes/tls;
+ ssl_certificate /srv/letsencrypt/etc/live/{{ fqdn }}/fullchain.pem;
+ ssl_certificate_key /srv/letsencrypt/etc/live/{{ fqdn }}/privkey.pem;
+
+ location / {
+ root /var/wwwroot-content/_fallback;
+ index index.html;
+
+ try_files $uri $uri/ index.html;
+ }
+}
diff --git a/roles/paas-docker/nginx/files/vhosts/base/server.conf b/roles/paas-docker/nginx/files/vhosts/base/server.conf
new file mode 100644
--- /dev/null
+++ b/roles/paas-docker/nginx/files/vhosts/base/server.conf
@@ -0,0 +1,58 @@
+# -------------------------------------------------------------
+# Configuration for Docker PaaS front-end nginx
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Author: Sébastien Santoro aka Dereckson
+# Created: 2020-02-18
+# Source file: roles/paas-docker/nginx/files/vhosts/base/server.conf
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+# -------------------------------------------------------------
+# TLS site
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name {{ fqdn }};
+
+ include includes/letsencrypt;
+
+ return 301 https://{{ fqdn }}$request_uri;
+}
+
+server {
+ server_name {{ fqdn }};
+
+ include includes/tls;
+ ssl_certificate /srv/letsencrypt/etc/live/{{ fqdn }}/fullchain.pem;
+ ssl_certificate_key /srv/letsencrypt/etc/live/{{ fqdn }}/privkey.pem;
+
+ include includes/letsencrypt;
+
+ location / {
+ root /var/wwwroot-content/{{ fqdn }};
+ index index.html;
+ }
+}
+
+# -------------------------------------------------------------
+# Probably not any TLS certificate available, so serve on :80
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name {{ ipv4 }} {{ ipv6 }} localhost;
+
+ location / {
+ root /var/wwwroot-content/{{ fqdn }};
+ index index.html;
+ }
+}

File Metadata

Mime Type
text/plain
Expires
Sun, Nov 24, 15:58 (21 h, 3 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2260480
Default Alt Text
D2227.id5610.diff (4 KB)

Event Timeline