{% if ansible_prolog -%} {% from 'templates/ansible/prolog.j2' import prolog with context %} {{ prolog() }} {% endif -%} # Nginx vhost for PHP system checks server { {% if phpsyscheck_vhostip or phpsyscheck_vhostport %} listen {% if phpsyscheck_vhostip %}{{ phpsyscheck_vhostip }}{% endif %}{% if phpsyscheck_vhostip and phpsyscheck_vhostport %}:{% endif %}{% if phpsyscheck_vhostport %}{{ phpsyscheck_vhostport }}{% endif %}; {% endif %} server_name {{ phpsyscheck_vhostname }}; access_log /var/log/nginx/sys.access.log main; error_log /var/log/nginx/sys.error.log; {% if phpsyscheck_ssl %} include letsencrypt; {% endif %} {% if phpsyscheck_ssl and ssl_certs_auto_installed.stdout_lines is defined and phpsyscheck_vhostname in ssl_certs_auto_installed.stdout_lines %} location / { return 301 https://{{ phpsyscheck_vhostname }}$request_uri; } {% else %} root /etc/phpsyscheck; index index.php; try_files $uri $uri/ /index.php; {% if http_auth_syscheck %} auth_basic "Restricted Access"; auth_basic_user_file /etc/nginx/auth_admin; {% endif %} location ~ \.php(/|$) { include fastcgi_pass_fpm; } {% endif %} } {% if phpsyscheck_ssl and ssl_certs_auto_installed.stdout_lines is defined and phpsyscheck_vhostname in ssl_certs_auto_installed.stdout_lines %} server { listen {% if phpsyscheck_vhostip %}{{ phpsyscheck_vhostip }}:{% endif %}{% if phpsyscheck_vhostport %}{{ phpsyscheck_vhostport }}{% else %}443{% endif %} ssl; server_name {{ phpsyscheck_vhostname }}; include vhost_ssl_auto-{{ phpsyscheck_vhostname }}; access_log /var/log/nginx/sys.access.log main; error_log /var/log/nginx/sys.error.log; root /etc/phpsyscheck; index index.php; try_files $uri $uri/ /index.php; {% if http_auth_syscheck %} auth_basic "Restricted Access"; auth_basic_user_file /etc/nginx/auth_admin; {% endif %} location ~ \.php(/|$) { include fastcgi_pass_fpm; } } {% endif %}