42 lines
1.3 KiB
YAML
42 lines
1.3 KiB
YAML
---
|
|
# Nginx configuration directory for service vhosts
|
|
nginx_conf_dir: /etc/nginx/conf.d
|
|
|
|
# Nginx stream configuration directory (TCP/UDP proxies)
|
|
nginx_streams_dir: /etc/nginx/streams.d
|
|
|
|
# Worker processes (auto = number of CPU cores)
|
|
nginx_worker_processes: auto
|
|
|
|
# Worker connections
|
|
nginx_worker_connections: 1024
|
|
|
|
# Client max body size (for file uploads)
|
|
nginx_client_max_body_size: 100M
|
|
|
|
# SSL configuration (volontarily omit TLSv1.2 here)
|
|
nginx_ssl_protocols: TLSv1.3
|
|
nginx_ssl_prefer_server_ciphers: true
|
|
|
|
# Logging configuration
|
|
# Backend: 'file' (traditional /var/log/nginx/*.log) or 'journald' (systemd journal)
|
|
nginx_log_backend: journald
|
|
|
|
# Logrotate configuration (only used when nginx_log_backend: file)
|
|
nginx_logrotate_rotate: 14 # Keep 14 days of logs
|
|
nginx_logrotate_frequency: daily # daily|weekly|monthly
|
|
nginx_logrotate_compress: true # Compress rotated logs
|
|
|
|
# Forwarder configuration (transparent proxy to other hosts)
|
|
# Example:
|
|
# nginx_forwarder:
|
|
# "blog.hello.com":
|
|
# forward_to: "you.domain.org"
|
|
# http: true # Forward port 80 (default: true)
|
|
# https: true # Forward port 443 (default: true)
|
|
nginx_forwarder: {}
|
|
|
|
# Let's Encrypt / Certbot configuration
|
|
# acme_email: "" # Required for Let's Encrypt - intentionally undefined
|
|
# Set this variable to enable Certbot installation and certificate management
|