Page MenuHomeDevCentral
Files F11725803

No OneTemporary
Actions

View Options

diff --git a/roles/webserver-core/nginx/config.sls b/roles/webserver-core/nginx/config.sls
index f15ab0d..ba0e2c4 100644
--- a/roles/webserver-core/nginx/config.sls
+++ b/roles/webserver-core/nginx/config.sls
@@ -1,113 +1,117 @@
# -------------------------------------------------------------
# Salt — Webserver core units for all webservers roles
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# Project: Nasqueron
# License: Trivial work, not eligible to copyright
# -------------------------------------------------------------
{% from "map.jinja" import dirs with context %}
{% from "roles/webserver-core/map.jinja" import options with context %}
{% set has_selinux = salt['grains.get']('selinux:enabled', False) %}
# -------------------------------------------------------------
# Accounts - web group
#
# A group shared between nginx, back-end and content directories
# to allow ACL giving access to the nginx process.
#
# This group will so be used by:
# - nginx process (configured in nginx.conf)
# - back-end UNIX sockets like php-fpm sockets can be 660
# - more private folders can use 007 as umask
#
# An user is created in that group to run tools needing access
# to those resources.
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
webserver_core_group:
group.present:
- name: web
- gid: 9003
- system: True
webserver_core_user:
user.present:
- name: web-admin
- uid: 8000
- gid: 9003
# -------------------------------------------------------------
# Base configuration
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{{ dirs.etc }}/nginx/nginx.conf:
file.managed:
- source: salt://roles/webserver-core/nginx/files/nginx.conf
- template: jinja
- context:
nginx_dir: {{ dirs.etc }}/nginx
nginx_options: {{ options }}
+{{ dirs.etc }}/nginx/mime.types:
+ file.managed:
+ - source: salt://roles/webserver-core/nginx/files/mime.types
+
# -------------------------------------------------------------
# includes folder
#
# :: general configuration
# :: application-specific code
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
webserver_core_nginx_includes:
file.recurse:
- name: {{ dirs.etc }}/nginx/includes
- source: salt://roles/webserver-core/nginx/files/includes
- dir_mode: 755
- file_mode: 644
- template: jinja
- context:
nginx_version: {{ salt["nginx.version"]() }}
nginx_dir: {{ dirs.etc }}/nginx
nginx_options: {{ options }}
certbot_dir: /var/letsencrypt-auto
# -------------------------------------------------------------
# Parameters for Diffie-Hellman
#
# Some ciphers still require DH exchange. They contain "DHE" in
# the name, e.g. DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES256-GCM-SHA384
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
webserver_core_nginx_dh:
cmd.run:
- name: openssl dhparam -out {{ dirs.etc }}/nginx/dhparams.pem 4096
- creates: {{ dirs.etc }}/nginx/dhparams.pem
# -------------------------------------------------------------
# Logs
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
/var/log/www:
file.directory:
- user: {{ options["www_user"] }}
- group: web
- dir_mode: 711
{% if has_selinux %}
selinux_context_nginx_logs:
selinux.fcontext_policy_present:
- name: "/var/log/www(/.*)?"
- sel_type: httpd_log_t
selinux_context_nginx_logs_applied:
selinux.fcontext_policy_applied:
- name: /var/log/www
- recursive: True
{% endif %}
# -------------------------------------------------------------
# vhost folder
#
# To be filled by the specific web role or unit
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
{{ dirs.etc }}/nginx/vhosts:
file.directory
diff --git a/roles/webserver-core/nginx/files/mime.types b/roles/webserver-core/nginx/files/mime.types
new file mode 100644
index 0000000..3f0094a
--- /dev/null
+++ b/roles/webserver-core/nginx/files/mime.types
@@ -0,0 +1,121 @@
+# -------------------------------------------------------------
+# nginx :: configuration :: MIME types
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+# Project: Nasqueron
+# Description: Common MIME types and extension mapping
+# License: Trivial work, not eligible for copyright.
+# Source file: roles/webserver-core/nginx/files/includes/mime.types
+# -------------------------------------------------------------
+#
+# <auto-generated>
+# This file is managed by our rOPS SaltStack repository.
+#
+# Changes to this file may cause incorrect behavior
+# and will be lost if the state is redeployed.
+# </auto-generated>
+
+types {
+
+ # -------------------------------------------------------------
+ # From nginx configuration
+ # Source: nginx repository, conf/mime.types
+ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+ text/html html htm shtml;
+ text/css css;
+ text/xml xml;
+ image/gif gif;
+ image/jpeg jpeg jpg;
+ application/javascript js;
+ application/atom+xml atom;
+ application/rss+xml rss;
+
+ text/mathml mml;
+ text/plain txt;
+ text/vnd.sun.j2me.app-descriptor jad;
+ text/vnd.wap.wml wml;
+ text/x-component htc;
+
+ image/avif avif;
+ image/png png;
+ image/svg+xml svg svgz;
+ image/tiff tif tiff;
+ image/vnd.wap.wbmp wbmp;
+ image/webp webp;
+ image/x-icon ico;
+ image/x-jng jng;
+ image/x-ms-bmp bmp;
+
+ font/woff woff;
+ font/woff2 woff2;
+
+ application/java-archive jar war ear;
+ application/json json;
+ application/mac-binhex40 hqx;
+ application/msword doc;
+ application/pdf pdf;
+ application/postscript ps eps ai;
+ application/rtf rtf;
+ application/vnd.apple.mpegurl m3u8;
+ application/vnd.google-earth.kml+xml kml;
+ application/vnd.google-earth.kmz kmz;
+ application/vnd.ms-excel xls;
+ application/vnd.ms-fontobject eot;
+ application/vnd.ms-powerpoint ppt;
+ application/vnd.oasis.opendocument.graphics odg;
+ application/vnd.oasis.opendocument.presentation odp;
+ application/vnd.oasis.opendocument.spreadsheet ods;
+ application/vnd.oasis.opendocument.text odt;
+ application/vnd.openxmlformats-officedocument.presentationml.presentation
+ pptx;
+ application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
+ xlsx;
+ application/vnd.openxmlformats-officedocument.wordprocessingml.document
+ docx;
+ application/vnd.wap.wmlc wmlc;
+ application/wasm wasm;
+ application/x-7z-compressed 7z;
+ application/x-cocoa cco;
+ application/x-java-archive-diff jardiff;
+ application/x-java-jnlp-file jnlp;
+ application/x-makeself run;
+ application/x-perl pl pm;
+ application/x-pilot prc pdb;
+ application/x-rar-compressed rar;
+ application/x-redhat-package-manager rpm;
+ application/x-sea sea;
+ application/x-shockwave-flash swf;
+ application/x-stuffit sit;
+ application/x-tcl tcl tk;
+ application/x-x509-ca-cert der pem crt;
+ application/x-xpinstall xpi;
+ application/xhtml+xml xhtml;
+ application/xspf+xml xspf;
+ application/zip zip;
+
+ application/octet-stream bin exe dll;
+ application/octet-stream deb;
+ application/octet-stream dmg;
+ application/octet-stream iso img;
+ application/octet-stream msi msp msm;
+
+ audio/midi mid midi kar;
+ audio/mpeg mp3;
+ audio/ogg ogg;
+ audio/x-m4a m4a;
+ audio/x-realaudio ra;
+
+ video/3gpp 3gpp 3gp;
+ video/mp2t ts;
+ video/mp4 mp4;
+ video/mpeg mpeg mpg;
+ video/quicktime mov;
+ video/webm webm;
+ video/x-flv flv;
+ video/x-m4v m4v;
+ video/x-mng mng;
+ video/x-ms-asf asx asf;
+ video/x-ms-wmv wmv;
+ video/x-msvideo avi;
+
+}

File Metadata

Mime Type
text/x-diff
Expires
Thu, Sep 18, 21:55 (4 m, 10 s)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2991807
Default Alt Text
(10 KB)

Event Timeline

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator