user www-data; worker_processes auto; pid /run/nginx.pid; events { worker_connections 768; # multi_accept on; } http { ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; server_tokens {{ nginx_settings.server_tokens | ternary('on', 'off') }}; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols {{ nginx_settings.ssl_protocols|join(' ') }}; ssl_prefer_server_ciphers on; ## # Logging Settings ## access_log syslog:server=unix:/dev/log; error_log syslog:server=unix:/dev/log; ## # Gzip Settings ## gzip {{ nginx_settings.gzip | ternary('on', 'off') }}; gzip_comp_level 6; gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; gzip_buffers 16 8k; gzip_http_version 1.1; ## # Virtual Host Configs ## # include /etc/nginx/conf.d/*.conf; # include /etc/nginx/sites-enabled/*; # Prometheus Nginx Exporter server { listen 127.0.0.1:8080; location /stub_status { stub_status; } } {% if nginx_settings.load_balancers is not undefined %} ## # Load Balancers ## {% for http_load_balancer in nginx_settings.load_balancers.http %} upstream {{ http_load_balancer.upstream.name }} { {% for server in http_load_balancer.upstream.servers %} server {{ server }}; {% endfor %} } server { listen {{ http_load_balancer.server.listen_port }}; server_name {{ http_load_balancer.server.names|join(' ') }}; location / { proxy_pass http://{{ http_load_balancer.upstream.name }}; {% if http_load_balancer.server.statements is not undefined %} {% for statement in http_load_balancer.server.statements %} {{ statement }}; {% endfor %} {% endif %} } } {% endfor %} {% endif %} {% if nginx_settings.statics is not undefined %} ## # Static Servings ## {% for static in nginx_settings.statics %} server { listen {{ static.listen_port }}; server_name {{ static.names|join(' ') }}; root {{ static.root }}; index {{ static.index }}; location / { try_files $uri $uri/ =404; } } {% endfor %} {% endif %} }