heroes / salt

Clone
Source Code
GIT

Files

adjust-ci-pipeline anikitin/mirrorcache anikitin/t_allow_jinja_in_secrets anikitin/web_mirrors__proxy_mirrorcache bootloader cboltz-borgbackup cboltz-relnotes-15.3 cboltz-scar-sshd doc-o-o gateway hellcp/matrix-synapse-workers-syntax hellcp/paste-sync ifconfig infra libvirt lrupp-production-patch-08358 lrupp/add_identification lrupp/remove_login_interface lrupp/retire lrupp/serve_www mailman micro monitoring-restart paste-socket postfix-aliases production repositories set-secret-detection-config-1 sysctl update-access-crtmgr
  1.   production
  2.   pillar
  3.   role
  4.   web_jekyll.sls
Blob Blame History Raw 
{% set websites = ['news', 'planet', 'search', 'www', 'yast', '101', 'security', 'monitor', 'get', 'universe'] %}

include:
  - role.common.nginx

nginx:
  servers:
    managed:
      {% for website in websites %}
      {{ website }}.opensuse.org.conf:
        config:
          - map $sent_http_content_type $expires:
              - text/css: 7d
              - image/x-icon: 90d
              - ~application/: 28d
              - ~font/: 28d
              - ~text/: 1h
              - ~image/: 1h
          - server:
              - server_name: {{ website }}.opensuse.org
              - listen:
                  {%- if website == 'news' %}
                  - '[::]:80 default_server'
                  {%- else %}
                  - '[::]:80'
                  {%- endif %}
              - root: /srv/www/vhosts/{{ website }}.opensuse.org
              - gzip_vary: 'on'
              - gzip_min_length: 1000
              - gzip_comp_level: 5
              - gzip_types: text/plain text/xml text/x-js application/json text/css application/x-javascript application/javascript
              - expires: $expires
              - location ~ /\.svn:
                  - return: 404
              - location ~ /\.git:
                  - return: 404
              - location /:
                  - index: index.html index.htm
                  - try_files: $uri $uri/index.html $uri.html =404
              {% if website == 'news' %}
              - if ($args ~* "feed=rss2"):
                  - set: $args ""
                  - rewrite: ^.*$ https://news.opensuse.org/feed.xml redirect
              - rewrite: ^/feed/$ https://news.opensuse.org/feed.xml redirect
              - rewrite: ^.*/feed/$ https://news.opensuse.org/feed.xml redirect
              - rewrite: ^/feed$ https://news.opensuse.org/feed.xml redirect
              {% endif %}
              {% if website == 'planet' %}
              - rewrite: ^/global/$ / redirect
              - location ~ /tw(|/.*)$:
                  - rewrite: ^/tw(.*)$ /zh_TW$1 redirect
              - location ~ /gr(|/.*)$:
                  - rewrite: ^/gr(.*)$ /el$1 redirect
              {% endif %}
              - location ~* \.(?:ttf|otf|eot|woff)$:
                  - add_header: Access-Control-Allow-Origin "*"
              - location ~* \.(?:xml)$:
                  - add_header: Access-Control-Allow-Origin "*"
                  - charset: utf-8
              - error_page: 405 = $uri
              - error_page: 405 =200 $uri
              - error_page: 500 502 503 504 /50x.html
              - location = /50x.html:
                  - root: /srv/www/htdocs
              {%- if website == 'security' %}
              - error_page: 404 /404.html
              - location = /404.html:
                  - internal: ''
              {%- endif %}
              - access_log: /var/log/nginx/{{ website }}.access.log combined
              - error_log: /var/log/nginx/{{ website }}.error.log
        enabled: True
      {% endfor %}

profile:
  web_jekyll:
    ssh_pubkey: 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINNg3043py2Oe/LfLU0+mE+ehe7gI3e2QajbSUI6p4Zm web_jekyll@salt'
    websites: {{ websites }}
  postfix:
    aliases:
      web_jekyll: root
Powered by Pagure 5.13.3
DocumentationAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.