include:
- role.common.nginx
{%- if salt['grains.get']('include_secrets', True) %}
- secrets.role.factory-dashboard
{%- endif %}
{%- set website = 'factory-dashboard.opensuse.org' %}
{%- set webroot = '/srv/www/vhosts/' ~ website %}
nginx:
servers:
managed:
{{ website }}.conf:
enabled: True
config:
- map $sent_http_content_type $expires:
- text/css: 7d
- image/x-icon: 90d
- ~application/: 28d
- ~font/: 28d
- ~text/: 28d
- ~image/: 28d
- server:
- listen: '[::]:80 ipv6only=on'
- server_name: {{ website }}
- root: {{ webroot }}
- gzip_vary: 'on'
- gzip_min_length: 1000
- gzip_comp_level: 5
- gzip_types: text/plain text/xml text/x-js application/json text/css application/x-javascript application/javascript
- location ~* \.(?:ttf|otf|eot|woff)$:
- add_header: Access-Control-Allow-Origin '*'
- location = /check.txt:
- root: /srv/www/htdocs
- access_log: 'off'
- error_page: 405 = $uri
- error_page: 405 =200 $uri
- error_page: 500 502 503 504 /50x.html
- location = /50x.html:
- root: /srv/www/htdocs
- access_log: /var/log/nginx/{{ website }}.access.log combined
- error_log: /var/log/nginx/{{ website }}.error.log
rsync:
modules:
{{ website }}:
auth users: coolo
comment: A dashboard for openSUSE:Factory
path: {{ webroot }}
read only: false
uid: dashboard
hosts allow:
- atlas1.infra.opensuse.org
- atlas2.infra.opensuse.org
users:
dashboard: {}