1 files changed, 71 insertions, 17 deletions

diff --git a/defaults/main.yml b/defaults/main.yml
index f7bc1b7..f6382fd 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -1,6 +1,4 @@
-nginx_worker_processes: 1
-nginx_worker_connections: 1024
-
+---
 # These need to be strings to be parsed properly
 nginx_conf_dir_mode: '0770'
 nginx_conf_file_mode: '0640'
@@ -8,19 +6,8 @@ nginx_conf_file_mode: '0640'
 nginx_conf_owner: root
 nginx_conf_group: adm
 
-# RFC 1918 addresses are already included. Inserted directly into
-# nginx configuration with an `include`
-nginx_acl_block: ""
-
 nginx_conf_dir: "/etc/nginx"
 
-nginx_acme_challenge_block: |
-  location /.well-known/acme-challenge {
-    # This works for acmetool. If using letsencrypt change 'alias' to 'root'
-    alias /var/run/acme/acme-challenge/;
-    # alias /var/lib/acme-challenge;
-  }
-
 
 # The default server listens on port 80 normally, you can change that if you
 # like
@@ -29,6 +16,27 @@ nginx_default_listen: |
   listen	   [::]:80;
 
 
+nginx_includes:
+  acl: |
+    # RFC 1918 addresses
+    allow 172.16.0.0/12;
+    allow 192.168.0.0/16;
+    allow 10.0.0.0/8;
+    allow 127.0.0.0/8;
+    deny all;
+
+nginx_confd:
+  node_exporter.conf: |
+    server {
+      listen 49050;
+      listen [::]:49050;
+
+      location / {
+        include acl;
+        proxy_pass http://127.0.0.1:9100;
+      }
+    }
+
 nginx_robots:
   - name: allow
     robots_txt: |
@@ -45,6 +53,52 @@ nginx_robots:
       User-agent: *
       Disallow: /
 
-# If "True" it will template out {{ansible_hostname}}/nginx/nginx.conf instead
-# of nginx/nginx.conf
-nginx_custom_template: False
+nginx_conf: |
+  worker_processes  auto;
+
+  events {
+    worker_connections 1024;
+  }
+
+
+  http {
+    include     mime.types;
+    default_type  application/octet-stream;
+
+    sendfile    on;
+    #tcp_nopush   on;
+
+    #keepalive_timeout  0;
+    keepalive_timeout  65;
+
+    gzip  on;
+
+    server_tokens off;
+
+    server {
+      {{nginx_default_listen}}
+      server_name  localhost;
+
+      include acme-challenge;
+
+      location / {
+        root   /usr/share/nginx/html;
+        index  index.html index.htm;
+      }
+
+      location /stub_status {
+        stub_status;
+        access_log off;
+        allow 127.0.0.1;
+        deny all;
+       }
+
+      error_page   500 502 503 504  /50x.html;
+      location = /50x.html {
+        root   /usr/share/nginx/html;
+      }
+    }
+
+    include conf.d/*.conf;
+
+  }