From af644fec108160e6c305d56d58268c4a8f0da0f9 Mon Sep 17 00:00:00 2001 From: shenlan Date: Mon, 18 Aug 2025 11:21:44 +0800 Subject: [PATCH] Combine OpenResty vhost templates into site.conf --- .../roles/vhosts/OpenResty/tasks/main.yml | 3 +- .../OpenResty/templates/artifact.conf.j2 | 35 ---------------- .../{homepage.conf.j2 => site.conf.j2} | 42 ++++++++++++++++++- 3 files changed, 42 insertions(+), 38 deletions(-) delete mode 100644 playbooks/roles/vhosts/OpenResty/templates/artifact.conf.j2 rename playbooks/roles/vhosts/OpenResty/templates/{homepage.conf.j2 => site.conf.j2} (69%) diff --git a/playbooks/roles/vhosts/OpenResty/tasks/main.yml b/playbooks/roles/vhosts/OpenResty/tasks/main.yml index ad8f1b4..ad99d7f 100644 --- a/playbooks/roles/vhosts/OpenResty/tasks/main.yml +++ b/playbooks/roles/vhosts/OpenResty/tasks/main.yml @@ -38,7 +38,8 @@ - name: Deploy vhost configurations template: - src: "{{ item.template }}" + # Use item.template if provided; otherwise default to the unified site template + src: "{{ item.template | default('site.conf.j2') }}" dest: "/usr/local/openresty/nginx/conf/sites-available/{{ item.name }}.conf" loop: "{{ domain | default([]) }}" notify: Restart OpenResty diff --git a/playbooks/roles/vhosts/OpenResty/templates/artifact.conf.j2 b/playbooks/roles/vhosts/OpenResty/templates/artifact.conf.j2 deleted file mode 100644 index a209ded..0000000 --- a/playbooks/roles/vhosts/OpenResty/templates/artifact.conf.j2 +++ /dev/null @@ -1,35 +0,0 @@ -{% set name = 'artifact.svc.plus' if 'artifact' in item.name else item.name %} -# {{ name }} 文件下载服务 -server { - listen 443 ssl http2; - server_name {{ name }}; - - ssl_certificate {{ item.ssl_certificate }}; - ssl_certificate_key {{ item.ssl_certificate_key }}; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers HIGH:!aNULL:!MD5; - - root /data/update-server; - index index.html; - - autoindex on; - autoindex_exact_size off; - autoindex_localtime on; - - location / { - add_header Accept-Ranges bytes; - try_files $uri $uri/ =404; - } - - location ~* \.(dmg|zip|tar\.gz|deb|rpm|exe|pkg|AppImage|apk|ipa)$ { - expires 7d; - access_log off; - add_header Cache-Control "public"; - add_header Accept-Ranges bytes; - try_files $uri =404; - } - - location ~ /\. { - deny all; - } -} diff --git a/playbooks/roles/vhosts/OpenResty/templates/homepage.conf.j2 b/playbooks/roles/vhosts/OpenResty/templates/site.conf.j2 similarity index 69% rename from playbooks/roles/vhosts/OpenResty/templates/homepage.conf.j2 rename to playbooks/roles/vhosts/OpenResty/templates/site.conf.j2 index 490ec41..2b1c223 100644 --- a/playbooks/roles/vhosts/OpenResty/templates/homepage.conf.j2 +++ b/playbooks/roles/vhosts/OpenResty/templates/site.conf.j2 @@ -1,3 +1,40 @@ +{% if 'artifact' in item.name %} +{% set name = 'artifact.svc.plus' if 'artifact' in item.name else item.name %} +# {{ name }} 文件下载服务 +server { + listen 443 ssl http2; + server_name {{ name }}; + + ssl_certificate {{ item.ssl_certificate }}; + ssl_certificate_key {{ item.ssl_certificate_key }}; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + + root /data/update-server; + index index.html; + + autoindex on; + autoindex_exact_size off; + autoindex_localtime on; + + location / { + add_header Accept-Ranges bytes; + try_files $uri $uri/ =404; + } + + location ~* \.(dmg|zip|tar\.gz|deb|rpm|exe|pkg|AppImage|apk|ipa)$ { + expires 7d; + access_log off; + add_header Cache-Control "public"; + add_header Accept-Ranges bytes; + try_files $uri =404; + } + + location ~ /\\. { + deny all; + } +} +{% else %} {% set name = item.name %} lua_package_path "/usr/local/openresty/lualib/?.lua;;"; @@ -73,14 +110,15 @@ server { } # 静态资源缓存 - location ~* \.(?:ico|css|js|gif|jpe?g|png|woff2?)$ { + location ~* \\.(?:ico|css|js|gif|jpe?g|png|woff2?)$ { expires 30d; access_log off; add_header Cache-Control "public"; } # 隐藏 . 文件 - location ~ /\. { + location ~ /\\. { deny all; } } +{% endif %}