{% if ansible_prolog -%} {% from 'templates/ansible/prolog.j2' import prolog with context %} {{ prolog() }} {% endif -%} # Nginx vhost for phpmyadmin server { {% if phpmyadmin_vhostip or phpmyadmin_vhostport %} listen {% if phpmyadmin_vhostip %}{{ phpmyadmin_vhostip }}{% endif %}{% if phpmyadmin_vhostip and phpmyadmin_vhostport %}:{% endif %}{% if phpmyadmin_vhostport %}{{ phpmyadmin_vhostport }}{% endif %}; {% endif %} server_name {{ phpmyadmin_vhostname }}; access_log /var/log/nginx/pma.access.log main; error_log /var/log/nginx/pma.error.log; {% if phpmyadmin_ssl %} include letsencrypt; {% endif %} {% if phpmyadmin_ssl and ssl_certs_auto_installed.stdout_lines is defined and phpmyadmin_vhostname in ssl_certs_auto_installed.stdout_lines %} location / { return 301 https://{{ phpmyadmin_vhostname }}$request_uri; } {% else %} root /usr/share/phpmyadmin; index index.php; try_files $uri $uri/ /index.php; {% if phpmyadmin_http_auth %} location / { auth_basic "Restricted Access"; auth_basic_user_file /etc/nginx/auth_admin; {% if phpmyadmin_http_whitelist_ip|length > 0 %} {% for ip in phpmyadmin_http_whitelist_ip %} allow {{ ip }}; {% endfor %} deny all; satisfy any; {% endif %} } {% endif %} client_max_body_size 128m; location ~ \.php(/|$) { include fastcgi_pass_fpm; fastcgi_read_timeout 300s; {% if nginx_fpm_openbasedir_enforced %} fastcgi_param PHP_ADMIN_VALUE "upload_tmp_dir=/tmp\nopen_basedir=$document_root:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share:/tmp:/dev/random:/dev/urandom\nmax_execution_time=300\nupload_max_filesize=128M\npost_max_size=128M\nmax_input_vars=10000"; {% else %} fastcgi_param PHP_ADMIN_VALUE "max_execution_time=240\nupload_max_filesize=128M\npost_max_size=128M\nmax_input_vars=10000"; {% endif %} } {% endif %} } {% if phpmyadmin_ssl and ssl_certs_auto_installed.stdout_lines is defined and phpmyadmin_vhostname in ssl_certs_auto_installed.stdout_lines %} server { listen {% if phpmyadmin_vhostip %}{{ phpmyadmin_vhostip }}:{% endif %}{% if phpmyadmin_vhostport %}{{ phpmyadmin_vhostport }}{% else %}443{% endif %} ssl; server_name {{ phpmyadmin_vhostname }}; include vhost_ssl_auto-{{ phpmyadmin_vhostname }}; access_log /var/log/nginx/pma.access.log main; error_log /var/log/nginx/pma.error.log; root /usr/share/phpmyadmin; index index.php; try_files $uri $uri/ /index.php; {% if phpmyadmin_http_auth %} auth_basic "Restricted Access"; auth_basic_user_file /etc/nginx/auth_admin; {% if phpmyadmin_http_whitelist_ip|length > 0 %} {% for ip in phpmyadmin_http_whitelist_ip %} allow {{ ip }}; {% endfor %} deny all; satisfy any; {% endif %} {% endif %} client_max_body_size 128m; location ~ \.php(/|$) { include fastcgi_pass_fpm; fastcgi_read_timeout 300s; {% if nginx_fpm_openbasedir_enforced %} fastcgi_param PHP_ADMIN_VALUE "upload_tmp_dir=/tmp\nopen_basedir=$document_root:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share:/tmp:/dev/random:/dev/urandom\nmax_execution_time=300\nupload_max_filesize=128M\npost_max_size=128M\nmax_input_vars=10000"; {% else %} fastcgi_param PHP_ADMIN_VALUE "max_execution_time=240\nupload_max_filesize=128M\npost_max_size=128M\nmax_input_vars=10000"; {% endif %} } } {% endif %}