Update to 2022-02-09 17:00

2025-07-31 03:35:45 +02:00 · 2022-02-09 17:00:06 +01:00
parent 00b3d728c8
commit 6f6d3b7382
9 changed files with 75 additions and 74 deletions
--- a/roles/nginx/tasks/conf.yml
+++ b/roles/nginx/tasks/conf.yml
@@ -20,7 +20,7 @@
    - ansible_conf.d/10-ssl.conf
    - ansible_conf.d/30-vhosts.conf
  notify: reload nginx
-  tags: [web,conf]
+  tags: web,conf,quickweb

 - name: Remove naxsi configuration
  file: path=/etc/nginx/{{ item }} state=absent
@@ -37,7 +37,7 @@
    - ansible_conf.d/10-filter.conf
    - ansible_conf.d/headers.inc
  notify: reload nginx
-  tags: [web,conf]
+  tags: web,conf

  # TODO make it configurable
 - name: Create dummy white and blacklist files for nginx
--- a/roles/nginx/tasks/facts.yml
+++ b/roles/nginx/tasks/facts.yml
@@ -1,32 +1,32 @@
 ---
 - name: List http ports
  set_fact: nginx_ports={{ nginx_ports + (nginx_vhosts | selectattr('port','defined') | map(attribute='port') | list) | flatten | unique }}
-  tags: [firewall,web]
+  tags: firewall,web,quickweb

 - name: List https ports
  set_fact: nginx_ssl_ports={{ nginx_ssl_ports + (nginx_vhosts | selectattr('ssl','defined') | selectattr('ssl.port','defined') | map(attribute='ssl.port') | list) | flatten | unique }}
-  tags: [firewall,web]
+  tags: firewall,web,quickweb

 - set_fact: nginx_cert_path={{ '/var/lib/dehydrated/certificates/certs/' + nginx_letsencrypt_cert + '/fullchain.pem' }}
  when: nginx_letsencrypt_cert is defined
-  tags: [web,conf]
+  tags: web,conf,quickweb
 - set_fact: nginx_key_path={{ '/var/lib/dehydrated/certificates/certs/' + nginx_letsencrypt_cert + '/privkey.pem' }}
  when: nginx_letsencrypt_cert is defined
-  tags: [web,conf]
+  tags: web,conf,quickweb

 - name: Merge vhosts settings with defaults
  set_fact: nginx_vhosts_conf={{ nginx_vhosts_conf | default([]) + [ nginx_default_vhost | combine(item, recursive=True) ] }}
  with_items: "{{ nginx_vhosts }}"
-  tags: [web,conf]
+  tags: web,conf,quickweb
 - set_fact: nginx_vhosts={{ nginx_vhosts_conf | default([]) }}
-  tags: [web,conf]
+  tags: web,conf,quickweb

 - name: Check if Lemonldap::NG is installed
  stat: path=/etc/lemonldap-ng/lemonldap-ng.ini
  register: nginx_llng
-  tags: web
+  tags: web,quickweb

 - name: Check if llng_header.inc conf is installed
  stat: path=/etc/nginx/ansible_conf.d/llng_headers.inc
  register: nginx_llng_headers
-  tags: web
+  tags: web,quickweb
--- a/roles/nginx/templates/ansible_conf.d/09-cacheable.conf.j2
+++ b/roles/nginx/templates/ansible_conf.d/09-cacheable.conf.j2
@@ -10,6 +10,7 @@ map $sent_http_content_type $is_client_cacheable {
  application/font-sfnt               1;
  font/ttf                            1;
  font/opentype                       1;
+  font/woff                           1;
  font/woff2                          1;
  application/font-woff               1;
  application/vnd.ms-fontobject       1;
@@ -21,6 +22,6 @@ map $request_uri $is_proxy_cacheable {
  ~*\.(png|jpe?g|bmp|gif|webp)$       1;
  ~*\.(js|css|txt)$                   1;
  ~*\.(pdf)$                          1;
-  ~*\.(ttf|ott|woff2)$                1;
+  ~*\.(ttf|ott|woff?2)$               1;
  ~*\.(mp3|mp4|avi|mpe?g|mov|flv)$    1;
 }