Unify nginx logs for readability of the directory.
This commit is contained in:
parent
562ca983f6
commit
b172b60e93
|
@ -0,0 +1,96 @@
|
|||
---
|
||||
|
||||
- hosts: mdk
|
||||
vars:
|
||||
letsencrypt_email: julien@palard.fr
|
||||
tasks:
|
||||
- name: Setup mdk.fr
|
||||
include_role: name=nginx
|
||||
vars:
|
||||
nginx_domain: mdk.fr
|
||||
nginx_certificates: [mdk.fr, www.mdk.fr, julien.palard.fr, mandark.fr, sizeof.fr, www.mandark.fr, www.sizeof.fr]
|
||||
nginx_owner: mdk_fr
|
||||
nginx_path: /var/www/mdk.fr/
|
||||
nginx_public_deploy_key: |
|
||||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC/8I1ecV8EutLc+Qx6Q8b2RhzXMl9n23LznNlw+MQtM mdk.fr
|
||||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETtLGjVKqpQ4bQRh108Bi5vkc8omuEwZPEUbeysLfci formations
|
||||
nginx_conf: |
|
||||
add_header Content-Security-Policy "frame-ancestors 'none'";
|
||||
add_header X-Frame-Options "DENY";
|
||||
|
||||
server
|
||||
{
|
||||
listen 80;
|
||||
server_name julien.palard.fr sizeof.fr www.sizeof.fr;
|
||||
return 301 https://mdk.fr;
|
||||
}
|
||||
|
||||
server
|
||||
{
|
||||
listen 80;
|
||||
server_name mdk.fr www.mdk.fr mandark.fr www.mandark.fr;
|
||||
return 301 https://mdk.fr$request_uri;
|
||||
}
|
||||
|
||||
server
|
||||
{
|
||||
listen 443 ssl;
|
||||
server_name julien.palard.fr sizeof.fr www.sizeof.fr;
|
||||
include snippets/letsencrypt-mdk.fr.conf;
|
||||
add_header X-Frame-Options "DENY";
|
||||
return 301 https://mdk.fr;
|
||||
}
|
||||
|
||||
server
|
||||
{
|
||||
listen 443 ssl;
|
||||
server_name www.mdk.fr mandark.fr www.mandark.fr;
|
||||
include snippets/letsencrypt-mdk.fr.conf;
|
||||
add_header Content-Security-Policy "frame-ancestors 'none'";
|
||||
add_header X-Frame-Options "DENY";
|
||||
return 301 https://mdk.fr$request_uri;
|
||||
}
|
||||
|
||||
server
|
||||
{
|
||||
listen 443 ssl;
|
||||
charset utf-8;
|
||||
server_name mdk.fr;
|
||||
include snippets/letsencrypt-mdk.fr.conf;
|
||||
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:;";
|
||||
add_header X-Frame-Options "DENY";
|
||||
|
||||
location /noindex/ {
|
||||
autoindex off;
|
||||
}
|
||||
|
||||
location /index/ {
|
||||
autoindex on;
|
||||
}
|
||||
|
||||
root /var/www/mdk.fr/;
|
||||
index index.html;
|
||||
}
|
||||
|
||||
- name: Keep nginx logs longer
|
||||
copy:
|
||||
dest: /etc/logrotate.d/nginx
|
||||
content: |
|
||||
/var/log/nginx/*.log {
|
||||
size 10M
|
||||
missingok
|
||||
rotate 99
|
||||
compress
|
||||
delaycompress
|
||||
notifempty
|
||||
create 0640 www-data adm
|
||||
sharedscripts
|
||||
prerotate
|
||||
if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
|
||||
run-parts /etc/logrotate.d/httpd-prerotate; \
|
||||
fi \
|
||||
endscript
|
||||
postrotate
|
||||
invoke-rc.d nginx rotate >/dev/null 2>&1
|
||||
endscript
|
||||
}
|
|
@ -9,8 +9,6 @@ nginx_conf: |
|
|||
{
|
||||
listen [::]:80; listen 80;
|
||||
server_name {{ nginx_domain }};
|
||||
access_log /var/log/nginx/{{ nginx_domain }}-access.log;
|
||||
error_log /var/log/nginx/{{ nginx_domain }}-error.log;
|
||||
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
@ -20,8 +18,6 @@ nginx_conf: |
|
|||
listen [::]:443 ssl; listen 443 ssl;
|
||||
charset utf-8;
|
||||
server_name {{ nginx_domain }};
|
||||
access_log /var/log/nginx/{{ nginx_domain }}-access.log;
|
||||
error_log /var/log/nginx/{{ nginx_domain }}-error.log;
|
||||
include snippets/letsencrypt-{{ nginx_domain }}.conf;
|
||||
|
||||
root {{ nginx_path }};
|
||||
|
|
|
@ -71,6 +71,26 @@
|
|||
- nginx
|
||||
- ca-certificates
|
||||
|
||||
- name: Setup custom log format
|
||||
copy:
|
||||
dest: /etc/nginx/conf.d/logging.conf
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
content: |
|
||||
log_format custom '$host $remote_addr - $remote_user [$time_local] '
|
||||
'"$request" $status $body_bytes_sent '
|
||||
'"$http_referer" "$http_user_agent"';
|
||||
access_log /var/log/nginx/access.log custom;
|
||||
error_log /var/log/nginx/error.log;
|
||||
|
||||
- name: Hide logging setup from nginx.conf
|
||||
lineinfile:
|
||||
regex: _log
|
||||
state: absent
|
||||
path: /etc/nginx/nginx.conf
|
||||
backup: true
|
||||
|
||||
- name: Ensure certbot is not installed from Debian packages
|
||||
package:
|
||||
state: absent
|
||||
|
|
|
@ -2,8 +2,6 @@ server
|
|||
{
|
||||
listen 80;
|
||||
server_name .{{ domain }};
|
||||
access_log /var/log/nginx/{{ domain }}-access.log;
|
||||
error_log /var/log/nginx/{{ domain }}-error.log;
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
||||
|
@ -11,8 +9,6 @@ server
|
|||
{
|
||||
listen 443 ssl;
|
||||
server_name .{{ domain }};
|
||||
access_log /var/log/nginx/{{ domain }}-access.log;
|
||||
error_log /var/log/nginx/{{ domain }}-error.log;
|
||||
include snippets/letsencrypt-{{ domain }}.conf;
|
||||
|
||||
add_header Content-Security-Policy "default-src 'self' code.jquery.com cdnjs.cloudflare.com stackpath.bootstrapcdn.com";
|
||||
|
|
|
@ -4,85 +4,6 @@
|
|||
vars:
|
||||
letsencrypt_email: julien@palard.fr
|
||||
tasks:
|
||||
- name: Setup mdk.fr
|
||||
include_role: name=nginx
|
||||
vars:
|
||||
nginx_domain: mdk.fr
|
||||
nginx_certificates: [mdk.fr, www.mdk.fr, julien.palard.fr, mandark.fr, sizeof.fr, www.mandark.fr, www.sizeof.fr]
|
||||
nginx_owner: mdk_fr
|
||||
nginx_path: /var/www/mdk.fr/
|
||||
nginx_public_deploy_key: |
|
||||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC/8I1ecV8EutLc+Qx6Q8b2RhzXMl9n23LznNlw+MQtM mdk.fr
|
||||
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETtLGjVKqpQ4bQRh108Bi5vkc8omuEwZPEUbeysLfci formations
|
||||
nginx_conf: |
|
||||
add_header Content-Security-Policy "frame-ancestors 'none'";
|
||||
add_header X-Frame-Options "DENY";
|
||||
|
||||
server
|
||||
{
|
||||
listen 80;
|
||||
server_name julien.palard.fr sizeof.fr www.sizeof.fr;
|
||||
access_log /var/log/nginx/redirects-access.log;
|
||||
error_log /var/log/nginx/redirects-error.log;
|
||||
return 301 https://mdk.fr;
|
||||
}
|
||||
|
||||
server
|
||||
{
|
||||
listen 80;
|
||||
server_name mdk.fr www.mdk.fr mandark.fr www.mandark.fr;
|
||||
access_log /var/log/nginx/redirects-access.log;
|
||||
error_log /var/log/nginx/redirects-error.log;
|
||||
return 301 https://mdk.fr$request_uri;
|
||||
}
|
||||
|
||||
server
|
||||
{
|
||||
listen 443 ssl;
|
||||
server_name julien.palard.fr sizeof.fr www.sizeof.fr;
|
||||
access_log /var/log/nginx/redirects-access.log;
|
||||
error_log /var/log/nginx/redirects-error.log;
|
||||
include snippets/letsencrypt-mdk.fr.conf;
|
||||
add_header Content-Security-Policy "frame-ancestors 'none'";
|
||||
add_header X-Frame-Options "DENY";
|
||||
return 301 https://mdk.fr;
|
||||
}
|
||||
|
||||
server
|
||||
{
|
||||
listen 443 ssl;
|
||||
server_name www.mdk.fr mandark.fr www.mandark.fr;
|
||||
access_log /var/log/nginx/redirects-access.log;
|
||||
error_log /var/log/nginx/redirects-error.log;
|
||||
include snippets/letsencrypt-mdk.fr.conf;
|
||||
add_header Content-Security-Policy "frame-ancestors 'none'";
|
||||
add_header X-Frame-Options "DENY";
|
||||
return 301 https://mdk.fr$request_uri;
|
||||
}
|
||||
|
||||
server
|
||||
{
|
||||
listen 443 ssl;
|
||||
charset utf-8;
|
||||
server_name mdk.fr;
|
||||
access_log /var/log/nginx/mdk.fr-access.log;
|
||||
error_log /var/log/nginx/mdk.fr-error.log;
|
||||
include snippets/letsencrypt-mdk.fr.conf;
|
||||
add_header Content-Security-Policy "frame-ancestors 'none'";
|
||||
add_header X-Frame-Options "DENY";
|
||||
|
||||
location /noindex/ {
|
||||
autoindex off;
|
||||
}
|
||||
|
||||
location /index/ {
|
||||
autoindex on;
|
||||
}
|
||||
|
||||
root /var/www/mdk.fr/;
|
||||
index index.html;
|
||||
}
|
||||
|
||||
- name: Setup palard.fr
|
||||
include_role: name=nginx
|
||||
vars:
|
||||
|
@ -93,8 +14,6 @@
|
|||
{
|
||||
listen 80;
|
||||
server_name palard.fr www.palard.fr;
|
||||
access_log /var/log/nginx/palard.fr-access.log;
|
||||
error_log /var/log/nginx/palard.fr-error.log;
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
||||
|
@ -103,8 +22,6 @@
|
|||
listen 443 ssl;
|
||||
charset utf-8;
|
||||
server_name palard.fr www.palard.fr;
|
||||
access_log /var/log/nginx/palard.fr-access.log;
|
||||
error_log /var/log/nginx/palard.fr-error.log;
|
||||
include snippets/letsencrypt-palard.fr.conf;
|
||||
add_header Content-Security-Policy "frame-ancestors 'none'";
|
||||
add_header X-Frame-Options "DENY";
|
||||
|
@ -176,8 +93,6 @@
|
|||
{
|
||||
listen 80;
|
||||
server_name le-poitevin.fr;
|
||||
access_log /var/log/nginx/le-poitevin.fr-access.log;
|
||||
error_log /var/log/nginx/le-poitevin.fr-error.log;
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
||||
|
@ -185,8 +100,6 @@
|
|||
{
|
||||
listen 80;
|
||||
server_name www.le-poitevin.fr;
|
||||
access_log /var/log/nginx/le-poitevin.fr-access.log;
|
||||
error_log /var/log/nginx/le-poitevin.fr-error.log;
|
||||
return 301 https://le-poitevin.fr$request_uri;
|
||||
}
|
||||
|
||||
|
@ -194,8 +107,6 @@
|
|||
{
|
||||
listen 443 ssl;
|
||||
server_name le-poitevin.fr;
|
||||
access_log /var/log/nginx/le-poitevin.fr-access.log;
|
||||
error_log /var/log/nginx/le-poitevin.fr-error.log;
|
||||
include snippets/letsencrypt-le-poitevin.fr.conf;
|
||||
add_header Content-Security-Policy "frame-ancestors 'none'";
|
||||
add_header X-Frame-Options "DENY";
|
||||
|
@ -207,8 +118,6 @@
|
|||
{
|
||||
listen 443 ssl;
|
||||
server_name www.le-poitevin.fr;
|
||||
access_log /var/log/nginx/le-poitevin.fr-access.log;
|
||||
error_log /var/log/nginx/le-poitevin.fr-error.log;
|
||||
include snippets/letsencrypt-le-poitevin.fr.conf;
|
||||
add_header Content-Security-Policy "frame-ancestors 'none'";
|
||||
add_header X-Frame-Options "DENY";
|
||||
|
@ -229,9 +138,6 @@
|
|||
{
|
||||
listen 80;
|
||||
server_name codeenseine.fr;
|
||||
access_log /var/log/nginx/codeenseine.fr-access.log;
|
||||
error_log /var/log/nginx/codeenseine.fr-error.log;
|
||||
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
||||
|
@ -240,8 +146,6 @@
|
|||
listen 443 ssl;
|
||||
charset utf-8;
|
||||
server_name codeenseine.fr;
|
||||
access_log /var/log/nginx/codeenseine.fr-access.log;
|
||||
error_log /var/log/nginx/codeenseine.fr-error.log;
|
||||
include snippets/letsencrypt-codeenseine.fr.conf;
|
||||
add_header Content-Security-Policy "frame-ancestors 'none'";
|
||||
add_header X-Frame-Options "DENY";
|
||||
|
@ -254,8 +158,6 @@
|
|||
{
|
||||
listen 80;
|
||||
server_name www.codeenseine.fr;
|
||||
access_log /var/log/nginx/codeenseine.fr-access.log;
|
||||
error_log /var/log/nginx/codeenseine.fr-error.log;
|
||||
return 301 https://codeenseine.fr$request_uri;
|
||||
}
|
||||
|
||||
|
@ -263,8 +165,6 @@
|
|||
{
|
||||
listen 443 ssl;
|
||||
server_name www.codeenseine.fr;
|
||||
access_log /var/log/nginx/codeenseine.fr-access.log;
|
||||
error_log /var/log/nginx/codeenseine.fr-error.log;
|
||||
include snippets/letsencrypt-codeenseine.fr.conf;
|
||||
add_header Content-Security-Policy "frame-ancestors 'none'";
|
||||
add_header X-Frame-Options "DENY";
|
||||
|
@ -282,8 +182,6 @@
|
|||
{
|
||||
listen 80;
|
||||
server_name matrix.palard.fr;
|
||||
access_log /var/log/nginx/matrix.palard.fr-access.log;
|
||||
error_log /var/log/nginx/matrix.palard.fr-error.log;
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
||||
|
@ -291,8 +189,6 @@
|
|||
{
|
||||
listen 443 ssl;
|
||||
server_name matrix.palard.fr;
|
||||
access_log /var/log/nginx/matrix.palard.fr-access.log;
|
||||
error_log /var/log/nginx/matrix.palard.fr-error.log;
|
||||
include snippets/letsencrypt-matrix.palard.fr.conf;
|
||||
add_header Content-Security-Policy "frame-ancestors 'none'";
|
||||
add_header X-Frame-Options "DENY";
|
||||
|
|
Loading…
Reference in New Issue