Replace default nginx config on rh-like systems
The default nginx config file on centos/rocky includes a server section listening on port 80 and [::]:80. There is no way to disable this other than to adjust the configuration file. This patch supplies a modified version of the centos nginx config file which does not include a default server section. A systemd drop in is installed to override the nginx service ExecStart which starts the service using the modified configuration file. Change-Id: If7674a750e5316feb4d0fcff8cd0f4df7a67ffbb
This commit is contained in:
parent
8980eacd67
commit
b3bbef88b3
@ -116,6 +116,34 @@
|
|||||||
with_items:
|
with_items:
|
||||||
- "/etc/nginx/{{ ironic_nginx_conf_path }}"
|
- "/etc/nginx/{{ ironic_nginx_conf_path }}"
|
||||||
|
|
||||||
|
- name: Write alternate nginx.conf for rh like systems
|
||||||
|
template:
|
||||||
|
src: nginx-nodefault.conf.j2
|
||||||
|
dest: "/etc/nginx/nginx-nodefault.conf"
|
||||||
|
mode: "0644"
|
||||||
|
when:
|
||||||
|
- ansible_facts['pkg_mgr'] == 'dnf'
|
||||||
|
notify:
|
||||||
|
- Restart web server
|
||||||
|
|
||||||
|
- name: Create systemd dropin for rh like systems
|
||||||
|
import_role:
|
||||||
|
name: systemd_service
|
||||||
|
when:
|
||||||
|
- ansible_facts['pkg_mgr'] == 'dnf'
|
||||||
|
vars:
|
||||||
|
systemd_services:
|
||||||
|
- service_name: "nginx"
|
||||||
|
systemd_overrides_only: true
|
||||||
|
load: false
|
||||||
|
systemd_overrides:
|
||||||
|
Service:
|
||||||
|
ExecStart:
|
||||||
|
- ''
|
||||||
|
- '/usr/sbin/nginx -c /etc/nginx/nginx-nodefault.conf'
|
||||||
|
notify:
|
||||||
|
- Restart web server
|
||||||
|
|
||||||
- name: Configure nginx virtual hosts
|
- name: Configure nginx virtual hosts
|
||||||
template:
|
template:
|
||||||
src: ironic-ipxe.conf.j2
|
src: ironic-ipxe.conf.j2
|
||||||
|
@ -63,6 +63,34 @@
|
|||||||
with_items:
|
with_items:
|
||||||
- "/etc/nginx/{{ ironic_nginx_conf_path }}"
|
- "/etc/nginx/{{ ironic_nginx_conf_path }}"
|
||||||
|
|
||||||
|
- name: Write alternate nginx.conf for rh like systems
|
||||||
|
template:
|
||||||
|
src: nginx-nodefault.conf.j2
|
||||||
|
dest: "/etc/nginx/nginx-nodefault.conf"
|
||||||
|
mode: "0644"
|
||||||
|
when:
|
||||||
|
- ansible_facts['pkg_mgr'] == 'dnf'
|
||||||
|
notify:
|
||||||
|
- Restart web server
|
||||||
|
|
||||||
|
- name: Create systemd dropin for rh like systems
|
||||||
|
import_role:
|
||||||
|
name: systemd_service
|
||||||
|
when:
|
||||||
|
- ansible_facts['pkg_mgr'] == 'dnf'
|
||||||
|
vars:
|
||||||
|
systemd_services:
|
||||||
|
- service_name: "nginx"
|
||||||
|
systemd_overrides_only: true
|
||||||
|
load: false
|
||||||
|
systemd_overrides:
|
||||||
|
Service:
|
||||||
|
ExecStart:
|
||||||
|
- ''
|
||||||
|
- '/usr/sbin/nginx -c /etc/nginx/nginx-nodefault.conf'
|
||||||
|
notify:
|
||||||
|
- Restart web server
|
||||||
|
|
||||||
- name: Configure nginx virtual hosts
|
- name: Configure nginx virtual hosts
|
||||||
template:
|
template:
|
||||||
src: ironic-ipxe.conf.j2
|
src: ironic-ipxe.conf.j2
|
||||||
|
39
templates/nginx-nodefault.conf.j2
Normal file
39
templates/nginx-nodefault.conf.j2
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
# For more information on configuration, see:
|
||||||
|
# * Official English Documentation: http://nginx.org/en/docs/
|
||||||
|
# * Official Russian Documentation: http://nginx.org/ru/docs/
|
||||||
|
|
||||||
|
user nginx;
|
||||||
|
worker_processes auto;
|
||||||
|
error_log /var/log/nginx/error.log;
|
||||||
|
pid /run/nginx.pid;
|
||||||
|
|
||||||
|
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
|
||||||
|
include /usr/share/nginx/modules/*.conf;
|
||||||
|
|
||||||
|
events {
|
||||||
|
worker_connections 1024;
|
||||||
|
}
|
||||||
|
|
||||||
|
http {
|
||||||
|
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||||
|
'$status $body_bytes_sent "$http_referer" '
|
||||||
|
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||||
|
|
||||||
|
access_log /var/log/nginx/access.log main;
|
||||||
|
|
||||||
|
sendfile on;
|
||||||
|
tcp_nopush on;
|
||||||
|
tcp_nodelay on;
|
||||||
|
keepalive_timeout 65;
|
||||||
|
types_hash_max_size 4096;
|
||||||
|
|
||||||
|
include /etc/nginx/mime.types;
|
||||||
|
default_type application/octet-stream;
|
||||||
|
|
||||||
|
# Load modular configuration files from the /etc/nginx/conf.d directory.
|
||||||
|
# See http://nginx.org/en/docs/ngx_core_module.html#include
|
||||||
|
# for more information.
|
||||||
|
include /etc/nginx/conf.d/*.conf;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user