diff --git a/roles/arch32_mirror/templates/nginx.d.conf.j2 b/roles/arch32_mirror/templates/nginx.d.conf.j2 index 9b2f2f3a..5dbb56d0 100644 --- a/roles/arch32_mirror/templates/nginx.d.conf.j2 +++ b/roles/arch32_mirror/templates/nginx.d.conf.j2 @@ -4,7 +4,7 @@ server { server_name {{ arch32_mirror_domain }} pool.mirror.archlinux32.org; root {{ arch32_mirror_dir }}; - access_log /var/log/nginx/{{ arch32_mirror_domain }}/access.log; + access_log /var/log/nginx/{{ arch32_mirror_domain }}/access.log main; error_log /var/log/nginx/{{ arch32_mirror_domain }}/error.log; include snippets/letsencrypt.conf; @@ -18,7 +18,7 @@ server { server_name {{ arch32_mirror_domain }}; root {{ arch32_mirror_dir }}; - access_log /var/log/nginx/{{ arch32_mirror_domain }}/access.log; + access_log /var/log/nginx/{{ arch32_mirror_domain }}/access.log main; error_log /var/log/nginx/{{ arch32_mirror_domain }}/error.log; ssl_certificate /etc/letsencrypt/live/{{ arch32_mirror_domain }}/fullchain.pem; diff --git a/roles/archive/templates/nginx.d.conf.j2 b/roles/archive/templates/nginx.d.conf.j2 index 68513db7..0fbcc291 100644 --- a/roles/archive/templates/nginx.d.conf.j2 +++ b/roles/archive/templates/nginx.d.conf.j2 @@ -3,7 +3,7 @@ server { listen [::]:80; server_name {{ archive_domain }}; - access_log /var/log/nginx/{{ archive_domain }}/access.log; + access_log /var/log/nginx/{{ archive_domain }}/access.log main; error_log /var/log/nginx/{{ archive_domain }}/error.log; include snippets/letsencrypt.conf; @@ -18,7 +18,7 @@ server { listen [::]:443 ssl http2; server_name {{ archive_domain }}; - access_log /var/log/nginx/{{ archive_domain }}/access.log; + access_log /var/log/nginx/{{ archive_domain }}/access.log main; error_log /var/log/nginx/{{ archive_domain }}/error.log; ssl_certificate /etc/letsencrypt/live/{{ archive_domain }}/fullchain.pem; diff --git a/roles/archweb/templates/nginx.d.conf.j2 b/roles/archweb/templates/nginx.d.conf.j2 index bef77dde..20ed0497 100644 --- a/roles/archweb/templates/nginx.d.conf.j2 +++ b/roles/archweb/templates/nginx.d.conf.j2 @@ -9,7 +9,7 @@ server { listen [::]:80; server_name {{ domain }}; - access_log /var/log/nginx/{{ archweb_domain }}/access.log; + access_log /var/log/nginx/{{ archweb_domain }}/access.log main; error_log /var/log/nginx/{{ archweb_domain }}/error.log; include snippets/letsencrypt.conf; @@ -24,7 +24,7 @@ server { listen [::]:443 ssl http2; server_name {{ domain }}; - access_log /var/log/nginx/{{ archweb_domain }}/access.log; + access_log /var/log/nginx/{{ archweb_domain }}/access.log main; error_log /var/log/nginx/{{ archweb_domain }}/error.log; ssl_certificate /etc/letsencrypt/live/{{ archweb_domain }}/fullchain.pem; @@ -51,7 +51,7 @@ server { listen [::]:80; server_name {{ archweb_domain }}; - access_log /var/log/nginx/{{ archweb_domain }}/access.log; + access_log /var/log/nginx/{{ archweb_domain }}/access.log main; error_log /var/log/nginx/{{ archweb_domain }}/error.log; include snippets/letsencrypt.conf; @@ -71,7 +71,7 @@ server { listen [::]:443 ssl http2; server_name {{ archweb_domain }}; - access_log /var/log/nginx/{{ archweb_domain }}/access.log; + access_log /var/log/nginx/{{ archweb_domain }}/access.log main; error_log /var/log/nginx/{{ archweb_domain }}/error.log; ssl_certificate /etc/letsencrypt/live/{{ archweb_domain }}/fullchain.pem; diff --git a/roles/flyspray/templates/nginx.d.conf.j2 b/roles/flyspray/templates/nginx.d.conf.j2 index 867e59bd..0dd8b9d1 100644 --- a/roles/flyspray/templates/nginx.d.conf.j2 +++ b/roles/flyspray/templates/nginx.d.conf.j2 @@ -7,7 +7,7 @@ server { listen [::]:80; server_name {{ flyspray_domain }}; - access_log /var/log/nginx/{{ flyspray_domain }}/access.log; + access_log /var/log/nginx/{{ flyspray_domain }}/access.log main; error_log /var/log/nginx/{{ flyspray_domain }}/error.log; include snippets/letsencrypt.conf; @@ -22,7 +22,7 @@ server { listen [::]:443 ssl http2; server_name {{ flyspray_domain }}; - access_log /var/log/nginx/{{ flyspray_domain }}/access.log; + access_log /var/log/nginx/{{ flyspray_domain }}/access.log main; error_log /var/log/nginx/{{ flyspray_domain }}/error.log; ssl_certificate /etc/letsencrypt/live/{{ flyspray_domain }}/fullchain.pem; diff --git a/roles/grafana/templates/nginx.d.conf.j2 b/roles/grafana/templates/nginx.d.conf.j2 index 6a2d5931..73b3cef8 100644 --- a/roles/grafana/templates/nginx.d.conf.j2 +++ b/roles/grafana/templates/nginx.d.conf.j2 @@ -7,7 +7,7 @@ server { listen [::]:80; server_name {{ grafana_domain }}; - access_log /var/log/nginx/{{ grafana_domain }}/access.log; + access_log /var/log/nginx/{{ grafana_domain }}/access.log main; error_log /var/log/nginx/{{ grafana_domain }}/error.log; include snippets/letsencrypt.conf; @@ -22,7 +22,7 @@ server { listen [::]:443 ssl http2; server_name {{ grafana_domain }}; - access_log /var/log/nginx/{{ grafana_domain }}/access.log; + access_log /var/log/nginx/{{ grafana_domain }}/access.log main; error_log /var/log/nginx/{{ grafana_domain }}/error.log; ssl_certificate /etc/letsencrypt/live/{{ grafana_domain }}/fullchain.pem; diff --git a/roles/kanboard/templates/nginx.d.conf.j2 b/roles/kanboard/templates/nginx.d.conf.j2 index 874e52d2..bd2ca1f7 100644 --- a/roles/kanboard/templates/nginx.d.conf.j2 +++ b/roles/kanboard/templates/nginx.d.conf.j2 @@ -7,7 +7,7 @@ server { listen [::]:80; server_name {{ kanboard_domain }}; - access_log /var/log/nginx/{{ kanboard_domain }}/access.log; + access_log /var/log/nginx/{{ kanboard_domain }}/access.log main; error_log /var/log/nginx/{{ kanboard_domain }}/error.log; include snippets/letsencrypt.conf; @@ -22,7 +22,7 @@ server { listen [::]:443 ssl http2; server_name {{ kanboard_domain }}; - access_log /var/log/nginx/{{ kanboard_domain }}/access.log; + access_log /var/log/nginx/{{ kanboard_domain }}/access.log main; error_log /var/log/nginx/{{ kanboard_domain }}/error.log; ssl_certificate /etc/letsencrypt/live/{{ kanboard_domain }}/fullchain.pem; diff --git a/roles/mailman/templates/nginx.d.conf.j2 b/roles/mailman/templates/nginx.d.conf.j2 index c742aa71..d9fb708c 100644 --- a/roles/mailman/templates/nginx.d.conf.j2 +++ b/roles/mailman/templates/nginx.d.conf.j2 @@ -3,7 +3,7 @@ server { listen [::]:80; server_name mailman.archlinux.org; - access_log /var/log/nginx/{{ mailman_domain }}/access.log; + access_log /var/log/nginx/{{ mailman_domain }}/access.log main; error_log /var/log/nginx/{{ mailman_domain }}/error.log; include snippets/letsencrypt.conf; @@ -18,7 +18,7 @@ server { listen [::]:443 ssl http2; server_name mailman.archlinux.org; - access_log /var/log/nginx/{{ mailman_domain }}/access.log; + access_log /var/log/nginx/{{ mailman_domain }}/access.log main; error_log /var/log/nginx/{{ mailman_domain }}/error.log; ssl_certificate /etc/letsencrypt/live/mailman.archlinux.org/fullchain.pem; diff --git a/roles/matrix/templates/nginx.d.conf.j2 b/roles/matrix/templates/nginx.d.conf.j2 index 271a9fb4..4eff48b7 100644 --- a/roles/matrix/templates/nginx.d.conf.j2 +++ b/roles/matrix/templates/nginx.d.conf.j2 @@ -7,7 +7,7 @@ server { listen [::]:80; server_name {{ matrix_domain }}; - access_log /var/log/nginx/{{ matrix_domain }}/access.log; + access_log /var/log/nginx/{{ matrix_domain }}/access.log main; error_log /var/log/nginx/{{ matrix_domain }}/error.log; include snippets/letsencrypt.conf; @@ -22,7 +22,7 @@ server { listen [::]:443 ssl http2; server_name {{ matrix_domain }}; - access_log /var/log/nginx/{{ matrix_domain }}/access.log; + access_log /var/log/nginx/{{ matrix_domain }}/access.log main; error_log /var/log/nginx/{{ matrix_domain }}/error.log; ssl_certificate /etc/letsencrypt/live/{{ matrix_domain }}/fullchain.pem; diff --git a/roles/nginx/templates/nginx.conf.j2 b/roles/nginx/templates/nginx.conf.j2 index f00e034f..a12a8bf2 100644 --- a/roles/nginx/templates/nginx.conf.j2 +++ b/roles/nginx/templates/nginx.conf.j2 @@ -13,6 +13,10 @@ http { include mime.types; default_type application/octet-stream; + log_format main '$remote_addr $host $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for" $request_time'; + sendfile on; keepalive_timeout 65; client_max_body_size 16M; @@ -26,7 +30,7 @@ http { index index.php index.html index.htm; - access_log syslog:server=unix:/dev/log,nohostname,tag=nginx_http; + access_log syslog:server=unix:/dev/log,nohostname,tag=nginx_http main; include snippets/sslsettings.conf; diff --git a/roles/patchwork/templates/nginx.d.conf.j2 b/roles/patchwork/templates/nginx.d.conf.j2 index b42dd26a..cd08601e 100644 --- a/roles/patchwork/templates/nginx.d.conf.j2 +++ b/roles/patchwork/templates/nginx.d.conf.j2 @@ -7,7 +7,7 @@ server { listen [::]:80; server_name {{ patchwork_domain }}; - access_log /var/log/nginx/{{ patchwork_domain }}/access.log; + access_log /var/log/nginx/{{ patchwork_domain }}/access.log main; error_log /var/log/nginx/{{ patchwork_domain }}/error.log; include snippets/letsencrypt.conf; @@ -22,7 +22,7 @@ server { listen [::]:443 ssl http2; server_name {{ patchwork_domain }}; - access_log /var/log/nginx/{{ patchwork_domain }}/access.log; + access_log /var/log/nginx/{{ patchwork_domain }}/access.log main; error_log /var/log/nginx/{{ patchwork_domain }}/error.log; ssl_certificate /etc/letsencrypt/live/{{ patchwork_domain }}/fullchain.pem; diff --git a/roles/planet/templates/nginx.d.conf.j2 b/roles/planet/templates/nginx.d.conf.j2 index 2e2d841a..507abd53 100644 --- a/roles/planet/templates/nginx.d.conf.j2 +++ b/roles/planet/templates/nginx.d.conf.j2 @@ -3,7 +3,7 @@ server { listen [::]:80; server_name {{ planet_domain }}; - access_log /var/log/nginx/{{ planet_domain }}/access.log; + access_log /var/log/nginx/{{ planet_domain }}/access.log main; error_log /var/log/nginx/{{ planet_domain }}/error.log; include snippets/letsencrypt.conf; @@ -18,7 +18,7 @@ server { listen [::]:443 ssl http2; server_name {{ planet_domain }}; - access_log /var/log/nginx/{{ planet_domain }}/access.log; + access_log /var/log/nginx/{{ planet_domain }}/access.log main; error_log /var/log/nginx/{{ planet_domain }}/error.log; ssl_certificate /etc/letsencrypt/live/{{ planet_domain }}/fullchain.pem; diff --git a/roles/public_html/templates/nginx.d.conf.j2 b/roles/public_html/templates/nginx.d.conf.j2 index 034af8e1..b1879891 100644 --- a/roles/public_html/templates/nginx.d.conf.j2 +++ b/roles/public_html/templates/nginx.d.conf.j2 @@ -4,7 +4,7 @@ server { server_name {{ public_domain }} www.{{ public_domain }}; root /srv/public_html; - access_log /var/log/nginx/{{ public_domain }}/access.log; + access_log /var/log/nginx/{{ public_domain }}/access.log main; error_log /var/log/nginx/{{ public_domain }}/error.log; include snippets/letsencrypt.conf; @@ -22,7 +22,7 @@ server { server_name {{ public_domain }} www.{{ public_domain }}; root /srv/public_html; - access_log /var/log/nginx/{{ public_domain }}/access.log; + access_log /var/log/nginx/{{ public_domain }}/access.log main; error_log /var/log/nginx/{{ public_domain }}/error.log; ssl_certificate /etc/letsencrypt/live/{{ public_domain }}/fullchain.pem; diff --git a/roles/security_tracker/templates/nginx.d.conf.j2 b/roles/security_tracker/templates/nginx.d.conf.j2 index c03b30c2..3163443f 100644 --- a/roles/security_tracker/templates/nginx.d.conf.j2 +++ b/roles/security_tracker/templates/nginx.d.conf.j2 @@ -7,7 +7,7 @@ server { listen [::]:80; server_name {{ security_tracker_domain }}; - access_log /var/log/nginx/{{ security_tracker_domain }}/access.log; + access_log /var/log/nginx/{{ security_tracker_domain }}/access.log main; error_log /var/log/nginx/{{ security_tracker_domain }}/error.log; include snippets/letsencrypt.conf; @@ -22,7 +22,7 @@ server { listen [::]:443 ssl http2; server_name {{ security_tracker_domain }}; - access_log /var/log/nginx/{{ security_tracker_domain }}/access.log; + access_log /var/log/nginx/{{ security_tracker_domain }}/access.log main; error_log /var/log/nginx/{{ security_tracker_domain }}/error.log; ssl_certificate /etc/letsencrypt/live/{{ security_tracker_domain }}/fullchain.pem; diff --git a/roles/sources/templates/nginx.d.conf.j2 b/roles/sources/templates/nginx.d.conf.j2 index e596c886..9f6f7d47 100644 --- a/roles/sources/templates/nginx.d.conf.j2 +++ b/roles/sources/templates/nginx.d.conf.j2 @@ -3,7 +3,7 @@ server { listen [::]:80; server_name {{ sources_domain }}; - access_log /var/log/nginx/{{ sources_domain }}/access.log; + access_log /var/log/nginx/{{ sources_domain }}/access.log main; error_log /var/log/nginx/{{ sources_domain }}/error.log; include snippets/letsencrypt.conf; @@ -18,7 +18,7 @@ server { listen [::]:443 ssl http2; server_name {{ sources_domain }}; - access_log /var/log/nginx/{{ sources_domain }}/access.log; + access_log /var/log/nginx/{{ sources_domain }}/access.log main; error_log /var/log/nginx/{{ sources_domain }}/error.log; ssl_certificate /etc/letsencrypt/live/{{ sources_domain }}/fullchain.pem; diff --git a/roles/syncrepo/templates/nginx.d.conf.j2 b/roles/syncrepo/templates/nginx.d.conf.j2 index 1e69ceb4..c6999a42 100644 --- a/roles/syncrepo/templates/nginx.d.conf.j2 +++ b/roles/syncrepo/templates/nginx.d.conf.j2 @@ -4,7 +4,7 @@ server { server_name {{ mirror_domain }}; root /srv/ftp; - access_log /var/log/nginx/{{ mirror_domain }}/access.log; + access_log /var/log/nginx/{{ mirror_domain }}/access.log main; error_log /var/log/nginx/{{ mirror_domain }}/error.log; include snippets/letsencrypt.conf; @@ -18,7 +18,7 @@ server { server_name {{ mirror_domain }}; root /srv/ftp; - access_log /var/log/nginx/{{ mirror_domain }}/access.log; + access_log /var/log/nginx/{{ mirror_domain }}/access.log main; error_log /var/log/nginx/{{ mirror_domain }}/error.log; ssl_certificate /etc/letsencrypt/live/{{ mirror_domain }}/fullchain.pem; diff --git a/roles/zabbix-server/templates/nginx.d.conf.j2 b/roles/zabbix-server/templates/nginx.d.conf.j2 index 6975bc54..590b6553 100644 --- a/roles/zabbix-server/templates/nginx.d.conf.j2 +++ b/roles/zabbix-server/templates/nginx.d.conf.j2 @@ -7,7 +7,7 @@ server { listen [::]:80; server_name {{ zabbix_domain }}; - access_log /var/log/nginx/{{ zabbix_domain }}/access.log; + access_log /var/log/nginx/{{ zabbix_domain }}/access.log main; error_log /var/log/nginx/{{ zabbix_domain }}/error.log; include snippets/letsencrypt.conf; @@ -22,7 +22,7 @@ server { listen [::]:443 ssl http2; server_name {{ zabbix_domain }}; - access_log /var/log/nginx/{{ zabbix_domain }}/access.log; + access_log /var/log/nginx/{{ zabbix_domain }}/access.log main; error_log /var/log/nginx/{{ zabbix_domain }}/error.log; ssl_certificate /etc/letsencrypt/live/{{ zabbix_domain }}/fullchain.pem;