openstack/openstack-ansible-repo_server
Code Issues Proposed changes
openstack-ansible-repo_server/templates/openstack-slushee.vhost.j2
Damian Dabrowski 2d0e465fd3 Add TLS support to repo_server backends 
By overriding the variable `repo_backend_ssl: True` HTTPS will
be enabled, disabling HTTP support on the repo_server backend.

The ansible-role-pki is used to generate the required TLS
certificates if this functionality is enabled.

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/879085
Change-Id: I5c5d3dd5689ac122781303ad21dacc8a1fa746eb
2023-04-28 11:27:09 +02:00

26 lines
697 B
Django/Jinja
Raw Blame History

server {
listen {{ repo_server_bind_address }}:{{ repo_server_port }};
server_name {{ repo_server_name }};
{% if repo_backend_ssl | bool -%}
ssl on;
ssl_certificate {{ repo_ssl_cert }};
ssl_certificate_key {{ repo_ssl_key }};
{% if repo_user_ssl_ca_cert is defined -%}
ssl_trusted_certificate {{ repo_ssl_ca_cert }};
{% endif -%}
{% endif -%}
# Logging
access_log /var/log/nginx/{{ repo_server_name }}.access.log gzip buffer=32k;
error_log /var/log/nginx/{{ repo_server_name }}.error.log notice;
absolute_redirect off;
location / {
root {{ repo_service_home_folder }}/repo/;
autoindex on;
expires 5h;
}
}
View Git Blame Copy Permalink