-
Notifications
You must be signed in to change notification settings - Fork 48
/
nginx.yml
57 lines (53 loc) · 2.16 KB
/
nginx.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
---
# tasks file to start nginx container
- name: copy uploadsize.conf to {{ nextcloud_config_dir }}
copy:
src: 'uploadsize.conf'
dest: '{{ nextcloud_config_dir }}/uploadsize.conf'
owner: '33'
group: '33'
mode: 0644
- name: copy nginx.conf
template:
src: 'nginx.conf.j2'
dest: '{{ nextcloud_config_dir }}/nginx.conf'
owner: '33'
group: '33'
mode: 0644
- name: "{{ 'Create' if (state is undefined or 'absent' not in state) else 'Terminate' }} the nginx container"
docker_container:
name: nginx
image: nginx:{{ docker_nginx_image | default('latest') }}
restart_policy: always
links:
- 'nextcloud:nextcloud'
networks:
- name: backend
networks_cli_compatible: true
volumes:
- "{{ nextcloud_config_dir }}/nginx.conf:/etc/nginx/nginx.conf"
- "{{ nextcloud_config_dir }}/uploadsize.conf:/etc/nginx/conf.d/uploadsize.conf"
volumes_from:
- nextcloud
labels:
traefik.docker.network: "frontend"
traefik.enable: "true"
traefik.frontend.rule: "Host:{{ nextcloud_server_fqdn }}"
traefik.port: "80"
traefik.protocol: "http"
traefik.frontend.headers.referrerPolicy: "no-referrer"
traefik.frontend.headers.SSLRedirect: "true"
traefik.frontend.headers.STSSeconds: "315360000"
traefik.frontend.headers.browserXSSFilter: "true"
traefik.frontend.headers.contentTypeNosniff: "true"
traefik.frontend.headers.forceSTSHeader: "true"
traefik.frontend.headers.STSIncludeSubdomains: "true"
traefik.frontend.headers.STSPreload: "true"
traefik.frontend.headers.customFrameOptionsValue: "SAMEORIGIN"
traefik.frontend.redirect.permanent: "true"
traefik.frontend.redirect.regex: "https://(.*)/.well-known/(card|cal)dav"
traefik.frontend.redirect.replacement: "https://$1/remote.php/dav/"
traefik.frontend.whiteList.useXForwardedFor: "true"
com.centurylinklabs.watchtower.enable: "true"
state: "{{ state | default('started') }}"
register: docker_result