From 7757387dd5451fb546ea1c6687ac8fd782c84f02 Mon Sep 17 00:00:00 2001
From: Tobias Hachmer <tobias@hachmer.de>
Date: Fri, 29 Dec 2017 20:31:46 +0100
Subject: [PATCH] Role service-nginx: add nginx.conf templating

---
 roles/service-nginx/README.md               |  1 +
 roles/service-nginx/tasks/main.yml          |  9 ++++++
 roles/service-nginx/templates/nginx.conf.j2 | 31 +++++++++++++++++++++
 3 files changed, 41 insertions(+)
 create mode 100644 roles/service-nginx/templates/nginx.conf.j2

diff --git a/roles/service-nginx/README.md b/roles/service-nginx/README.md
index b45bba2..c0179d4 100644
--- a/roles/service-nginx/README.md
+++ b/roles/service-nginx/README.md
@@ -4,6 +4,7 @@ Diese Ansible role installiert und konfiguriert den Web Server nginx.
 
 - installiert das offizielle Debian Repository von nginx.org
 - installiert nginx
+- schreibt nginx.conf
 - schreibt default.conf
 - installiert die Standard MWU Gateway Webseite
 
diff --git a/roles/service-nginx/tasks/main.yml b/roles/service-nginx/tasks/main.yml
index 912e588..1fd1d4f 100644
--- a/roles/service-nginx/tasks/main.yml
+++ b/roles/service-nginx/tasks/main.yml
@@ -20,6 +20,15 @@
     name: nginx
     state: present
 
+- name: write nginx configuration nginx.conf
+  template:
+    src: nginx.conf.j2
+    dest: /etc/nginx/nginx.conf
+    mode: 0644
+    owner: root
+    group: root
+  notify: reload nginx
+
 - name: write nginx configuration default.conf
   template:
     src: default.conf.j2
diff --git a/roles/service-nginx/templates/nginx.conf.j2 b/roles/service-nginx/templates/nginx.conf.j2
new file mode 100644
index 0000000..2347b39
--- /dev/null
+++ b/roles/service-nginx/templates/nginx.conf.j2
@@ -0,0 +1,31 @@
+user  nginx;
+worker_processes  1;
+
+error_log  /var/log/nginx/error.log warn;
+pid        /var/run/nginx.pid;
+
+events {
+    worker_connections  1024;
+}
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    #access_log  /var/log/nginx/access.log  main;
+    access_log  off;
+
+    sendfile        on;
+    tcp_nopush      on;
+    tcp_nodelay     on;
+
+    keepalive_timeout  65;
+
+    gzip  on;
+
+    include /etc/nginx/conf.d/*.conf;
+}