From deeefac84cad6a0f0fb150be029553b4fe7069ac Mon Sep 17 00:00:00 2001 From: p5t2vspoqqw Date: Wed, 17 Apr 2019 13:42:09 +0200 Subject: [PATCH] add ngnix-status to config add doc --- docs/configuring-playbook-ngnix.md | 13 +++++++++++++ docs/configuring-playbook.md | 2 ++ roles/matrix-nginx-proxy/defaults/main.yml | 2 ++ .../templates/nginx/conf.d/matrix-domain.conf.j2 | 9 +++++++++ 4 files changed, 26 insertions(+) create mode 100644 docs/configuring-playbook-ngnix.md diff --git a/docs/configuring-playbook-ngnix.md b/docs/configuring-playbook-ngnix.md new file mode 100644 index 00000000..81081e8b --- /dev/null +++ b/docs/configuring-playbook-ngnix.md @@ -0,0 +1,13 @@ +# Configure Ngnix (optional, advanced) + +By default, this playbook installs its own nginx webserver (in a Docker container) which listens on ports 80 and 443. +If that's alright, you can skip this. + + +## Using Ngnix status + +This will serve a statuspage to the hosting machine only. Useful for monitoring software like [longview](https://www.linode.com/docs/platform/longview/longview-app-for-nginx/) + +```yaml +matrix_nginx_proxy_nginx_status_enabled: true +``` diff --git a/docs/configuring-playbook.md b/docs/configuring-playbook.md index c56cf11d..309fff09 100644 --- a/docs/configuring-playbook.md +++ b/docs/configuring-playbook.md @@ -43,6 +43,8 @@ When you're done with all the configuration you'd like to do, continue with [Ins - [Serving your base domain using this playbook's nginx server](configuring-playbook-base-domain-serving.md) (optional) +- [Configure Ngnix (optional, advanced)](configuring-playbook-ngnix.md) (optional, advanced) + - [Using your own webserver, instead of this playbook's nginx proxy](configuring-playbook-own-webserver.md) (optional, advanced) - [Setting up the REST authentication password provider module](configuring-playbook-rest-auth.md) (optional, advanced) diff --git a/roles/matrix-nginx-proxy/defaults/main.yml b/roles/matrix-nginx-proxy/defaults/main.yml index 3576f4c4..54e25194 100644 --- a/roles/matrix-nginx-proxy/defaults/main.yml +++ b/roles/matrix-nginx-proxy/defaults/main.yml @@ -1,5 +1,7 @@ matrix_nginx_proxy_enabled: true +matrix_nginx_proxy_nginx_status_enabled: false + # We use an official nginx image, which we fix-up to run unprivileged. # An alternative would be an `nginxinc/nginx-unprivileged` image, but # those as more frequently out of date. diff --git a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 index 679f3efa..b63f9fbc 100644 --- a/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 +++ b/roles/matrix-nginx-proxy/templates/nginx/conf.d/matrix-domain.conf.j2 @@ -4,6 +4,15 @@ server { server_tokens off; + {% if matrix_nginx_proxy_nginx_status_enabled %} + location /nginx_status { + stub_status on; + access_log off; + allow {{ ansible_default_ipv4.address }}; + deny all; + } + {% endif %} + location /.well-known/acme-challenge { {% if matrix_nginx_proxy_enabled %} {# Use the embedded DNS resolver in Docker containers to discover the service #}