Added second nginx vhost

8 years ago · 05107258cc
parent f6459e1141
commit 05107258cc
1 changed files with 82 additions and 0 deletions
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@ -233,6 +233,88 @@ nginx_vhosts:
        return 403;
      }

+      location ~ /\. {
+        access_log off;
+        log_not_found off;
+        deny all;
+      }
+      location ~ ~$ {
+        access_log off;
+        log_not_found off;
+        deny all;
+      }
+      location ~ /\.ht {
+        deny  all;
+      }
+      location @rewrite {
+        # Some modules enforce no slash (/) at the end of the URL
+        # Else this rewrite block wouldn't be needed (GlobalRedirect)
+        rewrite ^/(.*)$ /index.php?q=$1 last;
+      }
+  - listen: "{{ nginx_port }}"
+    server_name: "2{{ server_hostname }} www.2{{ server_hostname }}"
+    root: "/var/www/html/2{{ server_hostname }}"
+    open_file_cache: "max=2000 inactive=120s"
+    open_file_cache_valid: "240s"
+    open_file_cache_min_uses: "5"
+    open_file_cache_errors: "off"
+    client_max_body_size: "5m"
+    client_body_timeout: "60"
+    index: "index.php index.html index.htm"
+    error_page: "403 =404"
+    access_log: "/var/log/nginx/2{{ server_hostname }}_access.log"
+    error_log: "/var/log/nginx/2{{ server_hostname }}_error.log"
+    extra_parameters: |
+      location ~ ^/sites/.*/files/styles/ {
+        try_files $uri @rewrite;
+      }
+      location ~ ^/sites/default/files/ {
+        try_files $uri @rewrite;
+      }
+      location ~ \.(gif|jpg|jpeg|png|ico|bmp|js|css|pdf|doc|webp|woff|ico|js|css|svg)(\?[a-zA-Z0-9\.\-_,])?$ {
+        expires max;
+        log_not_found off;
+        add_header Cache-Control "public";
+        add_header X-Cache $upstream_cache_status;
+      }
+      location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+      }
+      location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+      }
+      location / {
+        proxy_pass http://127.0.0.1:{{ apache_listen_port }};
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP  $remote_addr;
+        proxy_set_header X-Forwarded-For $remote_addr;
+        add_header X-Cache $upstream_cache_status;
+        add_header X-Loaded "/";
+        add_header X-Your-IP $remote_addr;
+      }
+      location ~ \.php$ {
+        proxy_set_header X-Real-IP  $remote_addr;
+        proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_set_header Host $host;
+        proxy_pass http://127.0.0.1:{{ apache_listen_port }};
+        add_header X-Cache $upstream_cache_status;
+        add_header X-Loaded "php";
+        add_header X-Your-IP $remote_addr;
+      }
+      location = /backup {
+        deny all;
+      }
+      location ~* \.(txt|log)$ {
+        allow 127.0.0.1;
+        deny all;
+      }
+      location ~ \..*/.*\.php$ {
+        return 403;
+      }
+
      location ~ /\. {
        access_log off;
        log_not_found off;