blee/ansible-role-samourai-dojo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
a8555d0c2f
ansible-role-samourai-dojo/docs/examples/nginx_conf.yml

136 lines
5.7 KiB
YAML
Raw Blame History

---
# https://code.samourai.io/dojo/samourai-dojo/-/tree/develop/docker/my-dojo/nginx/mainnet.conf
- name: Dojo | Configure nginx to include the template
ansible.builtin.import_role:
name: nginxinc.nginx_core.nginx_config
vars:
nginx_config_http_template_enable: true
nginx_config_http_template:
- template_file: http/default.conf.j2
deployment_location: "/etc/nginx/conf.d/samourai-dojo_{{ inventory_hostname }}.conf"
backup: false
config:
servers:
- core:
listen:
- address: "{{ default_interface_ipv4_address|default(ansible_default_ipv4.address) }}:{{ samourai_dojo_https_port|default(4440) }} ssl"
include:
- "/etc/nginx/acme_{{ inventory_hostname }}.conf"
log:
access:
- off
locations:
# Proxy WebSocket connections first
- location: /v2/inv
proxy:
pass: "http://127.0.0.1:{{ samourai_dojo_ws_http_port|default(8080)}}"
http_version: '1.1'
set_header:
- field: Host
value: $http_host
- field: Connection
value: $connection_upgrade
- field: Upgrade
value: $http_upgrade
# PushTX server is separate, so proxy first
- location: /v2/pushtx/
proxy:
pass: "http://127.0.0.1:{{ samourai_dojo_pushtx_http_port|default(8081)}}/"
# Tracker server is separate, so proxy first
- location: /v2/tracker/
proxy:
pass: "http://127.0.0.1:{{ samourai_dojo_tracker_http_port|default(8082)}}/"
# Proxy requests to maintenance tool
- location: /admin/
proxy:
pass: "http://127.0.0.1:{{ samourai_dojo_ws_http_port|default(8080)}}/static/admin/"
# Proxy all other v2 requests to the accounts server
- location: /v2/
proxy:
pass: "http://127.0.0.1:{{ samourai_dojo_ws_http_port|default(8080)}}/"
# Redirect onion address to maintenance tool
- location: = /
rewrite:
return:
url: /admin
code: 301
# Serve remaining requests
- location: /
rewrite:
return:
code: 200
text: >
'{"status":"ok"}'
headers:
add_headers:
- name: Content-Type
value: application/json
- core:
server_name: "{{ samourai_dojo_onion_service|default('_') }}"
listen:
- address: "127.0.0.1:{{ samourai_dojo_onion_port|default(80) }}"
send_timeout: 600s
log:
access:
- off
locations:
# Proxy WebSocket connections first
- location: /v2/inv
proxy:
pass: "http://127.0.0.1:{{ samourai_dojo_ws_http_port|default(8080)}}"
connect_timeout: 600s
read_timeout: 600s
send_timeout: 600s
http_version: '1.1'
set_header:
- field: Host
value: $http_host
- field: Connection
value: $connection_upgrade
- field: Upgrade
value: $http_upgrade
# PushTX server is separate, so proxy first
- location: /v2/pushtx/
proxy:
pass: "http://127.0.0.1:{{ samourai_dojo_pushtx_http_port|default(8081)}}/"
connect_timeout: 600s
read_timeout: 600s
send_timeout: 600s
# Tracker server is separate, so proxy first
- location: /v2/tracker/
proxy:
pass: "http://127.0.0.1:{{ samourai_dojo_tracker_http_port|default(8082)}}/"
connect_timeout: 600s
read_timeout: 600s
send_timeout: 600s
# Proxy requests to maintenance tool
- location: /admin/
proxy:
pass: "http://127.0.0.1:{{ samourai_dojo_ws_http_port|default(8080)}}/static/admin/"
connect_timeout: 600s
read_timeout: 600s
send_timeout: 600s
# Proxy all other v2 requests to the accounts server
- location: /v2/
proxy:
pass: "http://127.0.0.1:{{ samourai_dojo_ws_http_port|default(8080)}}/"
connect_timeout: 600s
read_timeout: 600s
send_timeout: 600s
# Redirect onion address to maintenance tool
- location: = /
rewrite:
return:
url: /admin
code: 301
# Serve remaining requests
- location: /
rewrite:
return:
code: 200
text: >
'{"status":"ok"}'
headers:
add_headers:
- name: Content-Type
value: application/json
Reference in New Issue View Git Blame Copy Permalink