Install and configures Nginx as reverse proxy for multiple website.
| GitHub | Quality | Downloads | Galaxy | Version |
|---|---|---|---|---|
 |
 |
 |
 |
 |
This role requires Ansible 2.4 or higher.
Default values:
nginx_revproxy_sites: # List of sites to reverse proxy
default: # Set default site to return 444 (Connection Closed Without Response)
ssl: false # Set to True if you want to redirect http to https
letsencrypt: false
example.com: # Domain name
domains: # List of server_name aliases
- example.com
- www.example.com
upstreams: # List of Upstreams
- { backend_address: 192.168.0.100, backend_port: 80 }
- { backend_address: 192.168.0.101, backend_port: 8080 }
auth: # Define this block for a single HTTP user/password, or leave undefined for unauthenticated vhosts
login: myusername
password: mysecretpassword
extra_locations: # Set this block to add extra location, or leave it undefined for non extra location needed
websocket: # extra location name
upstreams: # list of upstreans for extra location
- { backend_address: 192.168.0.102, backend_port: 8088 }
listen: 9000 # Specify which port you want to listen to with clear HTTP, or leave undefined for 80
ssl: false # Set to True if you want to redirect http to https
letsencrypt: false # Set to True if you want to use letsencrypt
conn_upgrade: true # Set the Connection upgrade header values
acls: # Limit access to certain client addresses (values can be address, CIDR, unix or all)
- { mode: allow, value: 192.168.0.1 }
- { mode: deny, value: all }
example.org: # Domain name
domains: # List of server_name aliases
- example.org
- www.example.org
upstreams: # List of Upstreams
- { backend_address: 192.168.0.200, backend_port: 80 }
- { backend_address: 192.168.0.201, backend_port: 8080 }
listen: 9000 # Specify which port you want to listen to with clear HTTP, or leave undefined for 80
listen_ssl: 9001 # Specify which port you want to listen to with HTTPS, or leave undefined for 443
ssl: true # Set to True if you want to redirect http to https
ssl_certificate: /etc/ssl/certs/ssl-cert-snakeoil.pem # ssl certificate, used if letsencrypt is false
ssl_certificate_key: /etc/ssl/private/ssl-cert-snakeoil.key # ssl certificate key, used if letsencrypt is false
letsencrypt: false # Set to True if you want use letsencrypt
letsencrypt_email: "" # Set email for letencrypt cert
nginx_revproxy_certbot_auto: false # Set to true to install certbot-auto
nginx_revproxy_certbot_packages: # Install these packages from repo, when not using certbot-auto
- certbot
- python3-certbot-nginxNone.
- hosts: all
roles:
- hispanico.nginx_revproxy
vars:
nginx_revproxy_sites:
default:
ssl: false
letsencrypt: false
example.com:
domains:
- example.com
- www.example.com
upstreams:
- { backend_address: 192.168.0.100, backend_port: 80 }
- { backend_address: 192.168.0.101, backend_port: 80 }
ssl: true
letsencrypt: falseLicensed under the GPLv3 License. See the LICENSE file for details.
Hispanico