ansible-base/roles/forgejo-and-nginx/templates/conf.j2

{% macro forgejo_common() %}
	location / {
		proxy_pass http://localhost:{{var_forgejo_and_nginx_port | string}};
		client_max_body_size 20M;
	}
{% endmacro %}

server {
	listen 80;
	listen [::]:80;
	
	server_name {{var_forgejo_and_nginx_domain}};
	
{% if var_forgejo_and_nginx_tls_mode == 'force' %}
	return 301 https://$http_host$request_uri;
{% else %}
{{ forgejo_common() }}
{% endif %}
}

{% if var_forgejo_and_nginx_tls_mode != 'disable' %}
server {
	listen 443 ssl;
	listen [::]:443 ssl;
	
	server_name {{var_forgejo_and_nginx_domain}};
	
	ssl_certificate_key /etc/ssl/private/{{var_forgejo_and_nginx_domain}}.pem;
	ssl_certificate /etc/ssl/fullchains/{{var_forgejo_and_nginx_domain}}.pem;
	include /etc/nginx/ssl-hardening.conf;
	
{{ forgejo_common() }}
}
{% endif %}
[fix] gitea/forgejo files 2024-07-10 15:36:32 +02:00			`{% macro forgejo_common() %}`
[add] role:gitea-and-nginx 2024-07-04 22:54:59 +02:00			`location / {`
[fix] gitea/forgejo files 2024-07-10 15:36:32 +02:00			`proxy_pass http://localhost:{{var_forgejo_and_nginx_port \| string}};`
[add] role:gitea-and-nginx 2024-07-04 22:54:59 +02:00			`client_max_body_size 20M;`
			`}`
			`{% endmacro %}`

			`server {`
			`listen 80;`
			`listen [::]:80;`

[fix] gitea/forgejo files 2024-07-10 15:36:32 +02:00			`server_name {{var_forgejo_and_nginx_domain}};`
[add] role:gitea-and-nginx 2024-07-04 22:54:59 +02:00
[fix] gitea/forgejo files 2024-07-10 15:36:32 +02:00			`{% if var_forgejo_and_nginx_tls_mode == 'force' %}`
[add] role:gitea-and-nginx 2024-07-04 22:54:59 +02:00			`return 301 https://$http_host$request_uri;`
			`{% else %}`
[fix] gitea/forgejo files 2024-07-10 15:36:32 +02:00			`{{ forgejo_common() }}`
[add] role:gitea-and-nginx 2024-07-04 22:54:59 +02:00			`{% endif %}`
			`}`

[fix] gitea/forgejo files 2024-07-10 15:36:32 +02:00			`{% if var_forgejo_and_nginx_tls_mode != 'disable' %}`
[add] role:gitea-and-nginx 2024-07-04 22:54:59 +02:00			`server {`
			`listen 443 ssl;`
			`listen [::]:443 ssl;`

[fix] gitea/forgejo files 2024-07-10 15:36:32 +02:00			`server_name {{var_forgejo_and_nginx_domain}};`
[add] role:gitea-and-nginx 2024-07-04 22:54:59 +02:00
[fix] gitea/forgejo files 2024-07-10 15:36:32 +02:00			`ssl_certificate_key /etc/ssl/private/{{var_forgejo_and_nginx_domain}}.pem;`
			`ssl_certificate /etc/ssl/fullchains/{{var_forgejo_and_nginx_domain}}.pem;`
[add] role:gitea-and-nginx 2024-07-04 22:54:59 +02:00			`include /etc/nginx/ssl-hardening.conf;`

[fix] gitea/forgejo files 2024-07-10 15:36:32 +02:00			`{{ forgejo_common() }}`
[add] role:gitea-and-nginx 2024-07-04 22:54:59 +02:00			`}`
			`{% endif %}`