diff --git a/README.md b/README.md index 8512a2c..d5df220 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,8 @@ # Ansible Role: Nginx -Installs Nginx on RHEL/CentOS 6.x. +Installs Nginx on RedHat/CentOS linux servers. -This role installs the latest version of Nginx direct from the Nginx yum repository. +This role installs and configures the latest version of Nginx direct from the Nginx yum repository. You will likely need to do extra setup work after this role has installed Nginx, like adding your own [virtualhost].conf file inside `/etc/nginx/conf.d/`, describing the location and options to use for your particular website. ## Requirements @@ -10,7 +10,24 @@ None. ## Role Variables -None. +Available variables are listed below, along with default values (see `vars/main.yml`): + + nginx_user: "nginx" + +The user under which Nginx will run. + + nginx_worker_processes: "1" + nginx_worker_connections: "1024" + +`nginx_worker_processes` should be set to the number of cores present on your machine. Connections (find this number with `grep processor /proc/cpuinfo | wc -l`). `nginx_worker_connections` is the number of connections per process. Set this higher to handle more simultaneous connections (and remember that a connection will be used for as long as the keepalive timeout duration for every client!). + + nginx_client_max_body_size: "64m" + +This value determines the largest file upload possible, as uploads are passed through Nginx before hitting a backend like `php-fpm`. If you get an error like `client intended to send too large body`, it means this value is set too low. + + nginx_keepalive_timeout: "65" + +The keepalive timeout. Should be set higher (10s+) if you have more polling-style traffic (AJAX-powered sites especially), or lower (<10s) if you have a site where most users visit a few pages and don't send any further requests. ## Dependencies @@ -24,7 +41,6 @@ None. ## TODO - - Make everything more configurable. - Make this role work with all flavors of linux (as supported by nginx repos). ## License diff --git a/tasks/main.yml b/tasks/main.yml index 47e4f81..71f9d00 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -5,5 +5,12 @@ - name: Ensure nginx is installed. yum: pkg=nginx state=installed enablerepo=nginx +- name: Copy nginx configuration in place. + template: > + src=nginx.conf.j2 + dest=/etc/nginx/nginx.conf + owner=root group=root mode=644 + notify: restart nginx + - name: Ensure nginx is started and enabled to start at boot. service: name=nginx state=started enabled=yes diff --git a/templates/nginx.conf.j2 b/templates/nginx.conf.j2 new file mode 100644 index 0000000..ae453fd --- /dev/null +++ b/templates/nginx.conf.j2 @@ -0,0 +1,34 @@ +user {{ nginx_user }}; + +error_log /var/log/nginx/error.log warn; +pid /var/run/nginx.pid; + +worker_processes {{ nginx_worker_processes }}; + +events { + worker_connections {{ nginx_worker_connections }}; +} + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + server_names_hash_bucket_size 64; + + client_max_body_size {{ nginx_client_max_body_size }}; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main buffer=16k; + + sendfile on; + #tcp_nopush on; + + keepalive_timeout {{ nginx_keepalive_timeout }}; + + #gzip on; + + include /etc/nginx/conf.d/*.conf; +} diff --git a/vars/main.yml b/vars/main.yml new file mode 100644 index 0000000..0304377 --- /dev/null +++ b/vars/main.yml @@ -0,0 +1,6 @@ +--- +nginx_user: "nginx" +nginx_worker_processes: "1" +nginx_worker_connections: "1024" +nginx_client_max_body_size: "64m" +nginx_keepalive_timeout: "65"