Commit c289763e authored by Łukasz Nowak's avatar Łukasz Nowak Committed by Rafael Monnerat

apache-frontend: Fix Ngnix main configuration

jinja2 template is required, as some paramters might come from the network.

/reviewed-on nexedi/slapos!345
parent 438bfe91
......@@ -18,7 +18,7 @@ md5sum = f686f765e55d1dce2e55a400f0714b3e
[template-apache-frontend]
filename = instance-apache-frontend.cfg
md5sum = b6a2c860ea1cd4bc9d185c7108c52d0a
md5sum = d6570c7a7e3c48efa7305677fe7c7ceb
[template-apache-replicate]
filename = instance-apache-replicate.cfg.in
......@@ -82,7 +82,7 @@ md5sum = 117238225b3fc3c5b5be381815f44c67
[template-nginx-configuration]
filename = templates/nginx.cfg.in
md5sum = 18633ce55e53340efa1ba7693aac4152
md5sum = f334ef32234771aee69c06f843da1980
[template-nginx-eventsource-slave-virtualhost]
filename = templates/nginx-eventsource-slave.conf.in
......
......@@ -676,14 +676,31 @@ curl_path = ${curl:location}/bin/curl
#
[nginx-frontend]
recipe = slapos.cookbook:wrapper
command-line = ${nginx-push-stream:location}/sbin/nginx -c $${nginx-configuration:output}
command-line = ${nginx-push-stream:location}/sbin/nginx -c $${dynamic-nginx-frontend-template:rendered}
wrapper-path = $${directory:service}/frontend_nginx
[nginx-configuration]
recipe = slapos.recipe.template
url = ${template-nginx-configuration:output}
output = $${directory:etc}/nginx.cfg
[dynamic-nginx-frontend-template]
< = jinja2-template-base
template = ${template-nginx-configuration:output}
rendered = $${directory:etc}/nginx.cfg
mode = 0600
extra-context =
key ip nginx-configuration:ip
key local_ip nginx-configuration:local_ip
key port nginx-configuration:port
key plain_port nginx-configuration:plain_port
key worker_processes nginx-configuration:worker_processes
key pidfile nginx-configuration:pid-file
key worker_connections nginx-configuration:worker_connections
key error_log nginx-configuration:error_log
key access_log nginx-configuration:access_log
key ssl_certificate ca-frontend:cert-file
key ssl_key ca-frontend:key-file
key varnginx directory:varnginx
key slave_configuration_directory nginx-configuration:slave-configuration-directory
key document_root apache-directory:document-root
[nginx-configuration]
access_log = $${directory:log}/nginx-access.log
error_log = $${directory:log}/nginx-error.log
ip = $${slap-network-information:global-ipv6}
......@@ -695,7 +712,7 @@ worker_connections = 1024
slave-configuration-directory = $${apache-directory:nginx-slave-configuration}
pid-file = $${directory:run}/nginx.pid
nginx-graceful-command = $${:nginx-configuration-verification}; if [ $? -eq 0 ]; then kill -HUP $(cat $${:pid-file}); fi
nginx-configuration-verification = ${nginx-push-stream:location}/sbin/nginx -t -c $${nginx-configuration:output}
nginx-configuration-verification = ${nginx-push-stream:location}/sbin/nginx -t -c $${dynamic-nginx-frontend-template:rendered}
[frontend-nginx-graceful]
< = jinja2-template-base
......
daemon off; # run in the foreground so supervisord can look after it
worker_processes $${nginx-configuration:worker_processes};
pid $${nginx-configuration:pid-file};
worker_processes {{ worker_processes }};
pid {{ pidfile }};
events {
worker_connections $${nginx-configuration:worker_connections};
worker_connections {{ worker_connections }};
# multi_accept on;
}
error_log $${nginx-configuration:error_log};
error_log {{ error_log }};
http {
......@@ -23,17 +23,17 @@ http {
types_hash_max_size 2048;
server_tokens off;
error_log $${nginx-configuration:error_log};
error_log {{ error_log }};
log_format custom '$remote_addr - $remote_user $time_local $status $body_bytes_sent "$http_referer" "$http_user_agent" $request_time';
access_log $${nginx-configuration:access_log} custom;
access_log {{ access_log }} custom;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
default_type application/octet-stream;
ssl_certificate $${ca-frontend:cert-file};
ssl_certificate_key $${ca-frontend:key-file};
ssl_certificate {{ ssl_certificate }};
ssl_certificate_key {{ ssl_key }};
##
# Gzip Settings
......@@ -53,18 +53,18 @@ http {
##
push_stream_shared_memory_size 32m;
fastcgi_temp_path $${directory:varnginx} 1 2;
uwsgi_temp_path $${directory:varnginx} 1 2;
scgi_temp_path $${directory:varnginx} 1 2;
fastcgi_temp_path {{ varnginx }} 1 2;
uwsgi_temp_path {{ varnginx }} 1 2;
scgi_temp_path {{ varnginx }} 1 2;
client_body_temp_path $${directory:varnginx} 1 2;
proxy_temp_path $${directory:varnginx} 1 2;
client_body_temp_path {{ varnginx }} 1 2;
proxy_temp_path {{ varnginx }} 1 2;
include $${nginx-configuration:slave-configuration-directory}/*.conf;
include {{ slave_configuration_directory }}/*.conf;
server {
listen [$${nginx-configuration:ip}]:$${nginx-configuration:plain_port};
listen $${nginx-configuration:local_ip}:$${nginx-configuration:plain_port};
listen [{{ ip }}]:{{ plain_port }};
listen {{ local_ip }}:{{ plain_port }};
## Serve an error 204 (No Content) for favicon.ico
......@@ -73,14 +73,14 @@ http {
}
location / {
root $${apache-directory:document-root};
root {{ document_root }};
index notfound.html;
}
}
server {
listen [$${nginx-configuration:ip}]:$${nginx-configuration:port} ssl;
listen $${nginx-configuration:local_ip}:$${nginx-configuration:port} ssl;
listen [{{ ip }}]:{{ port }} ssl;
listen {{ local_ip }}:{{ port }} ssl;
ssl on;
......@@ -96,7 +96,7 @@ http {
}
location / {
root $${apache-directory:document-root};
root {{ document_root }};
index notfound.html;
}
}
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment