Commit 9580d41f authored by Jocelyn Delalande's avatar Jocelyn Delalande

nginx: Document the role

parent 64a3dbcf
*see also: letsencrypt*
Install nginx and setup vhosts.
### Required
- *nginx_vhosts* : a list of vhosts, relevant properties to each elements are
documented in *Vhosts configuration*.
### Optionelle
- *nginx_letsencrypt_webroot* : where *.well-known* folder (containing
challenges proofs) will be stored (default */var/www*)
- *nginx_ssl_fullchain_path* : default cert chain path (PEM format), defaults
to a snakeoil cert.
- *nginx_ssl_privkey_path* : path to the private key path (PEM format),
defaults to a snakeoil key.
Vhosts configuration
Plusieurs clefs sont disponibles pour chaque vhost de la liste *nginx_vhosts*.
### Required
- *domain* : the domain name
- *type* : `http` or `https`
### Optional
- *features* : a list that may contain one or more from the following:
- *letsencrypt-check* : to answer ACME letsencrypt challenges on this domain
- *ssl-redirection* : to redirect all this domain to its https counterpart
- *no-robots* : to disable indexing on the whole vhost
- *locations* : a list of "folders" located within this vhost (in most cases
you will only have one "path=/" entry), with those properties:
- *path*: the path (eg: `/`, `/images/`)
- *type*: a value among:
- *fastcgi* : Forwards traffic to a fastcgi servers whose address is
provided in *target* property
- *reverse-proxy* : proxies the traffic to another HTTP server whose
address is provided in *target* property. est précisée dans *target*
- *reverse-proxy-websockets* : same, but also proxies websockets
- *static* : serve a static files folder whose path is provided in *target*
property précisé dans *target*
- *domain-redirection* : redirects (301) to another domain mentioned in
- *target* : depends on *type*.
- *vars*: a list of key/value couples, that will be appended as-is to nginx
settings for that *path*.
- domain:
type: http
- letsencrypt-check
- ssl-redirection
- domain:
type: https