65 lines
2 KiB
YAML
65 lines
2 KiB
YAML
---
|
|
|
|
nginx_ssl_dir: '/etc/letsencrypt/live'
|
|
|
|
#nginx_ssl_dir: '/mnt'
|
|
|
|
nginx_etc_dir: '/etc/nginx'
|
|
nginx_user: 'www-data'
|
|
nginx_worker_processes: '4'
|
|
nginx_pid: '/run/nginx.pid'
|
|
nginx_events_worker_connections: '10000'
|
|
nginx_events_multi_accept: 'on'
|
|
nginx_root: "/srv/www"
|
|
nginx_log_dir: '/var/log/nginx'
|
|
nginx_events_use: 'epoll'
|
|
nginx_www_dir: '/var/www/'
|
|
nginx_HSTS_policy: 'false'
|
|
nginx_http_types_hash_max_size: 4096
|
|
nginx_http_default_type: 'application/octet-stream'
|
|
nginx_http_access_log: 'off'
|
|
nginx_http_error_log: 'off'
|
|
nginx_http_client_body_buffer_size: '1M'
|
|
nginx_http_client_header_buffer_size: '1M'
|
|
nginx_http_client_max_body_size: '10M'
|
|
nginx_http_large_client_header_buffers: '8 8k'
|
|
nginx_http_client_body_timeout: '60'
|
|
nginx_http_client_header_timeout: '60'
|
|
nginx_http_keepalive_timeout: '30 30'
|
|
nginx_http_send_timeout: '120'
|
|
nginx_http_ignore_invalid_headers: 'on'
|
|
nginx_http_keepalive_requests: '100'
|
|
nginx_http_recursive_error_pages: 'on'
|
|
nginx_http_sendfile: 'on'
|
|
nginx_http_server_name_in_redirect: 'off'
|
|
nginx_http_server_tokens: 'off'
|
|
nginx_http_tcp_nodelay: 'on'
|
|
nginx_http_tcp_nopush: 'on'
|
|
nginx_http_reset_timedout_connection: 'on'
|
|
nginx_proxy_buffers: '16 16k'
|
|
nginx_proxy_buffer_size: '16k'
|
|
nginx_http_gzip: 'on'
|
|
nginx_http_gzip_buffers: '16 8k'
|
|
nginx_http_gzip_comp_level: '9'
|
|
nginx_http_gzip_http_version: '1.0'
|
|
nginx_http_gzip_min_length: '0'
|
|
nginx_http_gzip_types: 'text/plain text/css application/json application/x-javascript application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml'
|
|
nginx_http_gzip_vary: 'on'
|
|
nginx_http_gzip_disable: '"msie6"'
|
|
|
|
nginx_gen_dh: 'false'
|
|
nginx_dh_path: '{{ nginx_ssl_dir }}/dhparam.pem'
|
|
nginx_dh_length: 4096
|
|
nginx_ssl_protocols: 'TLSv1.2'
|
|
nginx_ssl_ciphers: 'EECDH+AESGCM:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305'
|
|
nginx_ssl_ecdh_curve: 'secp384r1'
|
|
|
|
letsencrypt_webroot_path: ''
|
|
install_letsencrypt: 'false'
|
|
letsencrypt_domains:
|
|
- name: ''
|
|
|
|
letsencrypt_copy_certs: 'false'
|
|
letsencrypt_copy_cert_from:
|
|
- name: ''
|
|
letsencrypt_dest: ''
|