nginx#
This role has goal to install and configure NGINX server.
You have two ways to install this role :
Install Nginx with docker installation when you this role on your local system (When you want to install the forge on your local system)
Install Nginx APT package when you run this role to an remote machine (target server witch run the forge)
However if you want to run the docker installation to your remote machine, you can set the next variable :
glxforge_nginx_force_docker_install: true
An example of variable file for Nginx docker installation#
glxforge_nginx_force_docker_install: true
glxforge_nginx_docker_network_name: "glxforge"
glxforge_nginx_docker_network_subnet: "172.26.0.0/24"
glxforge_nginx_docker_network_gateway: "172.26.0.1"
# Docker project directories
glxforge_nginx_home_dir: "/tmp/nginx"
glxforge_nginx_data_dir: "{{ glxforge_nginx_home_dir }}/glxdata/nginx"
# Docker compose
glxforge_nginx_domain: "local.ici"
glxforge_nginx_docker_name: "nginx.{{ glxforge_nginx_domain }}"
glxforge_nginx_compose_filename: "docker-compose.nginx.yml"
glxforge_nginx_compose_file_path: "{{ glxforge_nginx_home_dir }}/{{ glxforge_nginx_compose_filename }}"
glxforge_nginx_version: "1.23.3"
glxforge_nginx_container_image: "nginx:{{ glxforge_nginx_version }}"
glxforge_nginx_docker_network_ipv4_address: "172.26.0.2"
glxforge_nginx_compose_project: "glxforge-nginx"
glxforge_nginx_http_port: "3000"
glxforge_nginx_https_port: "3443"
glxforge_nginx_gitea_ssh_port: "2222"
glxforge_nginx_sites:
- url: "gitea.local.ici"
listen: "{{ glxforge_nginx_http_port }}"
proxy_pass: "http://127.0.0.1:3030/"
- url: "woodpecker.local.ici"
listen: "{{ glxforge_nginx_http_port }}"
proxy_pass: "http://127.0.0.1:8000/"
glxforge_nginx_tcp_sites:
- upstream: "gitea-ssh"
server: "gitea.local.ici:2222"
listen: "2222"
An example of variable file for Nginx systemd installation#
glxforge_nginx_force_docker_install: false
glxforge_nginx_http_port: "3000"
glxforge_nginx_https_port: "3443"
glxforge_nginx_gitea_ssh_port: "2222"
glxforge_nginx_sites:
- url: "gitea.local.ici"
listen: "{{ glxforge_nginx_http_port }}"
proxy_pass: "http://127.0.0.1:3030/"
- url: "woodpecker.local.ici"
listen: "{{ glxforge_nginx_http_port }}"
proxy_pass: "http://127.0.0.1:8000/"
glxforge_nginx_tcp_sites:
- upstream: "gitea-ssh"
server: "gitea.local.ici:2222"
listen: "2222"
Enjoy :)
glxforge_nginx_docker_install: true
## Docker install method
Docker Network
glxforge_nginx_docker_network_name: “glxforge-network” glxforge_nginx_docker_network_subnet: “172.26.0.0/24” glxforge_nginx_docker_network_gateway: “172.26.0.1”
Docker project directories
glxforge_nginx_home_dir: “/tmp/nginx” glxforge_nginx_data_dir: “{{ glxforge_nginx_home_dir }}/glxdata/nginx”
Docker compose
glxforge_nginx_domain: “local.ici” glxforge_nginx_docker_name: “nginx-server” glxforge_nginx_compose_filename: “docker-compose.nginx.yml” glxforge_nginx_compose_file_path: “{{ glxforge_nginx_home_dir }}/{{ glxforge_nginx_compose_filename }}” glxforge_nginx_version: “1.23.3” glxforge_nginx_container_image: “nginx:{{ glxforge_nginx_version }}” glxforge_nginx_docker_network_ipv4_address: “172.26.0.2” glxforge_nginx_compose_project: “glxforge-nginx”
## Nginx configuration
glxforge_nginx_http_port: “3000” glxforge_nginx_https_port: “3443” glxforge_nginx_gitea_ssh_port: “2222”
glxforge_nginx_sites:
url: “gitea.local.ici” listen: “3443” proxy_pass: “http://172.26.0.10:3000/”
url: “woodpecker.local.ici” listen: “3443” proxy_pass: “http://172.26.0.60:8000/”
glxforge_nginx_tcp_sites:
upstream: “gitea-ssh” server: “gitea.local.ici:2222” listen: “2222”
Enable TLS
glxforge_nginx_tls_enabled: true glxforge_nginx_generate_cert: true
Attempt to be a wildcard certificate
Some information about self-signed certificate
glxforge_nginx_self_signed_cert_subj: “/C=US/ST=Missouri/L=Saint Louis/O=IT/CN=*.{{ glxforge_nginx_domain }}”
Nginx TLS directory
glxforge_nginx_tls_directory: “/tmp/tls”
Default self-signed certificate location
glxforge_nginx_tls_certificate: “{{ glxforge_nginx_tls_directory }}/{{ glxforge_nginx_domain }}.crt”
Default self-signed certificate key location
glxforge_nginx_tls_certificate_key: “{{ glxforge_nginx_tls_directory }}/{{ glxforge_nginx_domain }}.key”