我正在使用this nginx role。尝试通过角色变量配置角色时,它看起来像这样:
- role: nginx
nginx_sites:
- server:
file_name: 'ssl.mydomain.eu'
listen: '443'
server_name: 'mydomain.eu'
root: '/dev/null'
ssl: 'on'
ssl_certificate: '/etc/nginx/ssl/mydomain.eu.crt'
ssl_certificate_key: '/etc/nginx/ssl/mydomain.eu.key'
ssl_protocols: 'TLSv1 TLSv1.1 TLSv1.2'
ssl_ciphers: 'RC4:HIGH:!aNULL:!MD5'
ssl_prefer_server_ciphers: 'on'
location1:
name: '/'
proxy_pass: 'http://localhost:10080'
gzip: 'off'
proxy_read_timeout: '300'
proxy_connect_timeout: '300'
proxy_redirect: 'off'
proxy_set_header: 'Host $http_host'
proxy_set_header: 'X-Real-IP $remote_addr'
proxy_set_header: 'X-Forwarded-For $proxy_add_x_forwarded_for'
proxy_set_header: 'X-Forwarded-Proto https'
proxy_set_header: 'X-Frame-Options SAMEORIGIN'
但是,当由ansible解析时,结果要短得多:
"nginx_sites": [
{
"server": {
"file_name": "ssl.mydomain.eu",
"listen": "443",
"location1": {
"gzip": "off",
"name": "/",
"proxy_connect_timeout": "300",
"proxy_pass": "http://localhost:10080",
"proxy_read_timeout": "300",
"proxy_redirect": "off",
"proxy_set_header": "X-Forwarded-Proto https"
},
"root": "/dev/null",
"server_name": "mydomain.eu",
"ssl": "on",
"ssl_certificate": "/etc/nginx/ssl/mydomain.eu.crt",
"ssl_certificate_key": "/etc/nginx/ssl/mydomain.eu.key",
"ssl_ciphers": "RC4:HIGH:!aNULL:!MD5",
"ssl_prefer_server_ciphers": "on",
"ssl_protocols": "TLSv1 TLSv1.1 TLSv1.2"
}
}
]
如您所见,缺少一些proxy_set_header条目。我做了一些错误,或者变量是否存在大小限制?
修改:我无法使用多个具有相同名称的密钥。知道如何解决这个问题吗?
答案 0 :(得分:0)
解决方案:
重新组织YML:
proxy_set_header:
- '$http_host'
- 'X-Real-IP $remote_addr'
- 'X-Forwarded-For $proxy_add_x_forwarded_for'
- 'X-Forwarded-Proto https'
- 'X-Frame-Options SAMEORIGIN'
并在模板中循环遍历此数组