Blame - README.rst - salt-formulas/nginx

blob: d11cbfa077f86b054304021edcc9c70637950351 [file] [log] [blame]

Filip Pytloun	6b5bb65	2015-10-06 16:28:32 +0200	[diff] [blame]	1
				2	=====
				3	Nginx
				4	=====
				5
				6	Nginx is an open source reverse proxy server for HTTP, HTTPS, SMTP, POP3, and IMAP protocols, as well as a load balancer, HTTP cache, and a web server (origin server). The nginx project started with a strong focus on high concurrency, high performance and low memory usage.
				7
				8	Sample pillars
				9	==============
				10
				11	Gitlab server setup
				12
				13	.. code-block:: yaml
				14
				15	nginx:
				16	server:
				17	enabled: true
				18	bind:
				19	address: '0.0.0.0'
				20	ports:
				21	- 80
				22	site:
				23	gitlab_domain:
				24	enabled: true
				25	type: gitlab
				26	name: domain
				27	ssl:
				28	enabled: true
				29	key: \|
				30	-----BEGIN RSA PRIVATE KEY-----
				31	...
				32	cert: \|
				33	xyz
				34	chain: \|
				35	my_chain..
				36	host:
				37	name: gitlab.domain.com
				38	port: 80
				39
				40	Simple static HTTP site
				41
				42	.. code-block:: yaml
				43
				44	nginx:
				45	server:
				46	site:
				47	nginx_static_site01:
				48	enabled: true
				49	type: static
				50	name: site01
				51	host:
				52	name: gitlab.domain.com
				53	port: 80
				54
Adam Tengler	e7746cb	2016-04-27 19:01:25 +0200	[diff] [blame]	55	Static site with access policy
				56
				57	.. code-block:: yaml
				58
				59	nginx:
				60	server:
				61	site:
				62	nginx_static_site01:
				63	enabled: true
				64	type: static
				65	name: site01
				66	access_policy:
				67	allow:
				68	- 192.168.1.1/24
				69	- 127.0.0.1
				70	deny:
				71	- 192.168.1.2
				72	- all
				73	host:
				74	name: gitlab.domain.com
				75	port: 80
				76
Filip Pytloun	6b5bb65	2015-10-06 16:28:32 +0200	[diff] [blame]	77	Simple HTTP proxy
				78
				79	.. code-block:: yaml
				80
				81	nginx:
				82	server:
				83	site:
				84	nginx_proxy_site01:
				85	enabled: true
				86	type: proxy
				87	name: site01
				88	proxy:
				89	host: local.domain.com
				90	port: 80
				91	protocol: http
				92	host:
				93	name: gitlab.domain.com
				94	port: 80
				95
				96	Simple Websocket proxy
				97
				98	.. code-block:: yaml
				99
				100	nginx:
				101	server:
				102	site:
				103	nginx_proxy_site02:
				104	enabled: true
				105	type: proxy
				106	name: site02
				107	proxy:
				108	websocket: true
				109	host: local.domain.com
				110	port: 80
				111	protocol: http
				112	host:
				113	name: gitlab.domain.com
				114	port: 80
				115
				116	Content filtering proxy
				117
				118	.. code-block:: yaml
				119
				120	nginx:
				121	server:
				122	enabled: true
				123	site:
				124	nginx_proxy_site03:
				125	enabled: true
				126	type: proxy
				127	name: site03
				128	proxy:
				129	host: local.domain.com
				130	port: 80
				131	protocol: http
				132	filter:
				133	search: https://www.domain.com
				134	replace: http://10.10.10.10
				135	host:
				136	name: gitlab.domain.com
				137	port: 80
				138
Adam Tengler	e7746cb	2016-04-27 19:01:25 +0200	[diff] [blame]	139	Proxy with access policy
				140
				141	.. code-block:: yaml
				142
				143	nginx:
				144	server:
				145	site:
				146	nginx_proxy_site01:
				147	enabled: true
				148	type: proxy
				149	name: site01
				150	access_policy:
				151	allow:
				152	- 192.168.1.1/24
				153	- 127.0.0.1
				154	deny:
				155	- 192.168.1.2
				156	- all
				157	proxy:
				158	host: local.domain.com
				159	port: 80
				160	protocol: http
				161	host:
				162	name: gitlab.domain.com
				163	port: 80
				164
Filip Pytloun	6b5bb65	2015-10-06 16:28:32 +0200	[diff] [blame]	165	Gitlab server with user for basic auth
				166
				167	.. code-block:: yaml
				168
				169	nginx:
				170	server:
				171	enabled: true
				172	user:
				173	username1:
				174	enabled: true
				175	password: magicunicorn
				176	htpasswd: htpasswd-site1
				177	username2:
				178	enabled: true
				179	password: magicunicorn
				180
Ales Komarek	d77b797	2015-11-12 11:02:39 +0100	[diff] [blame]	181	Proxy buffering
				182
				183	.. code-block:: yaml
				184
				185	nginx:
				186	server:
				187	enabled: true
				188	bind:
				189	address: '0.0.0.0'
				190	ports:
				191	- 80
				192	site:
				193	gitlab_proxy:
				194	enabled: true
				195	type: proxy
				196	proxy:
				197	buffer:
				198	number: 8
				199	size: 16
				200	host:
				201	name: gitlab.domain.com
				202	port: 80
				203
Michael Kutý	3a5abf1	2015-12-04 21:03:33 +0100	[diff] [blame]	204	Let's Encrypt
				205
				206	.. code-block:: yaml
				207
				208	nginx:
				209	server:
				210	enabled: true
				211	bind:
				212	address: '0.0.0.0'
				213	ports:
				214	- 443
				215	site:
				216	gitlab_domain:
				217	enabled: true
				218	type: gitlab
				219	name: domain
				220	ssl:
				221	enabled: true
				222	engine: letsencrypt
				223	host:
				224	name: gitlab.domain.com
				225	port: 443
				226
Adam Tengler	c391657	2016-01-25 17:46:52 +0100	[diff] [blame]	227	Nginx stats server (required by collectd nginx plugin)
				228
				229	.. code-block::
				230
				231	nginx:
				232	server:
				233	enabled: true
				234	site:
				235	nginx_stats_server:
				236	enabled: true
				237	type: nginx_stats
				238	name: server
				239	host:
				240	name: 127.0.0.1
				241	port: 8888
				242
Filip Pytloun	6b5bb65	2015-10-06 16:28:32 +0200	[diff] [blame]	243	Read more
				244	=========
				245
				246	* http://wiki.nginx.org/Main
				247	* https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility
				248	* http://nginx.com/resources/admin-guide/reverse-proxy/
				249	* https://mozilla.github.io/server-side-tls/ssl-config-generator/