Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-formulas / nginx / 3a5abf1dc43087819e6d93b0665b39580149e815 / . / README.rst
blob: a619b276ec2f5e0d29a02c705cbee2436e87f7c7 [file] [log] [blame]
Filip Pytloun6b5bb652015-10-06 16:28:32 +0200[diff] [blame]1
2=====
3Nginx
4=====
5
6Nginx is an open source reverse proxy server for HTTP, HTTPS, SMTP, POP3, and IMAP protocols, as well as a load balancer, HTTP cache, and a web server (origin server). The nginx project started with a strong focus on high concurrency, high performance and low memory usage.
7
8Sample pillars
9==============
10
11Gitlab server setup
12
13.. code-block:: yaml
14
15 nginx:
16 server:
17 enabled: true
18 bind:
19 address: '0.0.0.0'
20 ports:
21 - 80
22 site:
23 gitlab_domain:
24 enabled: true
25 type: gitlab
26 name: domain
27 ssl:
28 enabled: true
29 key: |
30 -----BEGIN RSA PRIVATE KEY-----
31 ...
32 cert: |
33 xyz
34 chain: |
35 my_chain..
36 host:
37 name: gitlab.domain.com
38 port: 80
39
40Simple static HTTP site
41
42.. code-block:: yaml
43
44 nginx:
45 server:
46 site:
47 nginx_static_site01:
48 enabled: true
49 type: static
50 name: site01
51 host:
52 name: gitlab.domain.com
53 port: 80
54
55Simple HTTP proxy
56
57.. code-block:: yaml
58
59 nginx:
60 server:
61 site:
62 nginx_proxy_site01:
63 enabled: true
64 type: proxy
65 name: site01
66 proxy:
67 host: local.domain.com
68 port: 80
69 protocol: http
70 host:
71 name: gitlab.domain.com
72 port: 80
73
74Simple Websocket proxy
75
76.. code-block:: yaml
77
78 nginx:
79 server:
80 site:
81 nginx_proxy_site02:
82 enabled: true
83 type: proxy
84 name: site02
85 proxy:
86 websocket: true
87 host: local.domain.com
88 port: 80
89 protocol: http
90 host:
91 name: gitlab.domain.com
92 port: 80
93
94Content filtering proxy
95
96.. code-block:: yaml
97
98 nginx:
99 server:
100 enabled: true
101 site:
102 nginx_proxy_site03:
103 enabled: true
104 type: proxy
105 name: site03
106 proxy:
107 host: local.domain.com
108 port: 80
109 protocol: http
110 filter:
111 search: https://www.domain.com
112 replace: http://10.10.10.10
113 host:
114 name: gitlab.domain.com
115 port: 80
116
117Gitlab server with user for basic auth
118
119.. code-block:: yaml
120
121 nginx:
122 server:
123 enabled: true
124 user:
125 username1:
126 enabled: true
127 password: magicunicorn
128 htpasswd: htpasswd-site1
129 username2:
130 enabled: true
131 password: magicunicorn
132
Ales Komarekd77b7972015-11-12 11:02:39 +0100[diff] [blame]133Proxy buffering
134
135.. code-block:: yaml
136
137 nginx:
138 server:
139 enabled: true
140 bind:
141 address: '0.0.0.0'
142 ports:
143 - 80
144 site:
145 gitlab_proxy:
146 enabled: true
147 type: proxy
148 proxy:
149 buffer:
150 number: 8
151 size: 16
152 host:
153 name: gitlab.domain.com
154 port: 80
155
Michael Kutý3a5abf12015-12-04 21:03:33 +0100[diff] [blame^]156Let's Encrypt
157
158.. code-block:: yaml
159
160 nginx:
161 server:
162 enabled: true
163 bind:
164 address: '0.0.0.0'
165 ports:
166 - 443
167 site:
168 gitlab_domain:
169 enabled: true
170 type: gitlab
171 name: domain
172 ssl:
173 enabled: true
174 engine: letsencrypt
175 host:
176 name: gitlab.domain.com
177 port: 443
178
Filip Pytloun6b5bb652015-10-06 16:28:32 +0200[diff] [blame]179Read more
180=========
181
182* http://wiki.nginx.org/Main
183* https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility
184* http://nginx.com/resources/admin-guide/reverse-proxy/
185* https://mozilla.github.io/server-side-tls/ssl-config-generator/