add Wordpress role

2022-12-15 22:36:34 +00:00
parent 6d1b0d1183
commit 5dd8777095
8 changed files with 309 additions and 4 deletions
--- a/roles/webserver/templates/conf.d/twirling.conf.j2
+++ b/roles/webserver/templates/conf.d/twirling.conf.j2
@@ -13,15 +13,41 @@ server {
    listen 443 ssl http2 default_server;
    listen [::]:443 ssl http2 default_server;
    server_name {{ webserver_domain }} www.{{ webserver_domain }};
-
    include global/cert.conf;
    include global/header.conf;

+    # Path to the root of your installation
+    root {{ wordpress_dir }};
+
    add_header Strict-Transport-Security "max-age=63072000" always;

-    # deny access and return teapot
+    index  index.php index.html index.htm;
+
+    client_max_body_size 500M;
+
    location / {
-        deny all;
-        return 418;
+        try_files $uri $uri/ /index.php?$args;
+    }
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
+        expires max;
+        log_not_found off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~ \.php$ {
+         fastcgi_pass php-handler;
+         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+         include fastcgi_params;
    }
 }
--- a/roles/webserver/templates/conf.d/wordpress.conf.j2
+++ b/roles/webserver/templates/conf.d/wordpress.conf.j2
@@ -0,0 +1,53 @@
+## Managed by Ansible ##
+
+server {
+    listen 80;
+    listen [::]:80;
+    server_name dev.{{ webserver_domain }} www.dev.{{ webserver_domain }};
+    # enforce https
+    return 301 https://$server_name$request_uri;
+}
+
+server {
+    # Enable HTTP/2
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    server_name dev.{{ webserver_domain }} www.dev.{{ webserver_domain }};
+    include global/cert.conf;
+    include global/header.conf;
+
+    # Path to the root of your installation
+    root {{ wordpress_dir }};
+
+    add_header Strict-Transport-Security "max-age=63072000" always;
+
+    index  index.php index.html index.htm;
+
+    client_max_body_size 500M;
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+    }
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
+        expires max;
+        log_not_found off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location ~ \.php$ {
+         fastcgi_pass php-handler;
+         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+         include fastcgi_params;
+    }
+}