81 lines
3.5 KiB
Markdown
81 lines
3.5 KiB
Markdown
To use Nginx instead of Apache, change the `drupalvm_webserver` variable inside your customized `config.yml`, from `apache` to `nginx`.
|
|
|
|
Because Nginx server directives behave a little differently than Apache's VirtualHosts, Drupal VM includes a custom Drupal-optimized Nginx server block configuration, and you can control all the servers ('virtual hosts') Nginx will run using the `nginx_vhosts` configuration. A few simple examples are shown in `default.config.yml`, but you have some extra flexibility if you need it. See the `nginx-vhost.conf.j2` template for more information.
|
|
|
|
Also, see the examples included in the [`geerlingguy.nginx` Ansible role's README](https://github.com/geerlingguy/ansible-role-nginx#readme) for more info, as well as many other variables you can override to configure Nginx exactly how you like it.
|
|
|
|
_Note: if you're using php-fpm, you may want to reflect your use of nginx by setting `php_fpm_pool_user` and `php_fpm_pool_group` in your `config.yml`._
|
|
|
|
## Enable SSL Support with Nginx
|
|
|
|
To enable SSL support for you virtual hosts you first need a certificate file. See the same section under the [Apache documentation](webservers-apache.md#enable-ssl-support-with-apache) for how to generate a self-signed certficiate.
|
|
|
|
Modify your nginx host configuration by adding the following `extra_parameters` to the first entry in `nginx_vhosts`:
|
|
|
|
```yaml
|
|
- server_name: "{{ drupal_domain }} www.{{ drupal_domain }}"
|
|
root: "{{ drupal_core_path }}"
|
|
is_php: true
|
|
extra_parameters: |
|
|
listen 443 ssl;
|
|
ssl_certificate /vagrant/example.crt;
|
|
ssl_certificate_key /vagrant/example.key;
|
|
ssl_protocols TLSv1.1 TLSv1.2;
|
|
ssl_ciphers HIGH:!aNULL:!MD5;
|
|
```
|
|
|
|
### Using Ubuntu's snakeoil certificate
|
|
|
|
If you are using Ubuntu as your base OS and you want to get started quickly with a local development environment you can use the snakeoil certificate that is already generated.
|
|
|
|
```yaml
|
|
- server_name: "{{ drupal_domain }} www.{{ drupal_domain }}"
|
|
root: "{{ drupal_core_path }}"
|
|
is_php: true
|
|
extra_parameters: |
|
|
listen 443 ssl;
|
|
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
|
|
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
|
|
ssl_protocols TLSv1.1 TLSv1.2;
|
|
ssl_ciphers HIGH:!aNULL:!MD5;
|
|
```
|
|
|
|
## Customizing server block configuration
|
|
|
|
If you can't customize via variables because an option isn't exposed, you can override the template used to generate the the virtualhost configuration file.
|
|
|
|
```yaml
|
|
nginx_vhost_template: "{{ config_dir }}/templates/nginx-vhost.conf.j2"
|
|
```
|
|
|
|
You can either copy and modify the provided `nginx-vhost.conf.j2` template, or extend it and use [template inheritace](http://jinja.pocoo.org/docs/2.9/templates/#template-inheritance) to override the specific template block you need to change.
|
|
|
|
_If you extend Drupal VM's provided base template, the path referenced should to be relative to playbook.yml._
|
|
|
|
```
|
|
{% extends 'templates/nginx-vhost.conf.j2' %}
|
|
|
|
{% block location_primary %}
|
|
location / {
|
|
try_files $uri @rewrite; # For Drupal <= 6
|
|
}
|
|
{% endblock %}
|
|
|
|
{% block location_image_styles %}
|
|
location ~ ^/sites/.*/files/imagecache/ {
|
|
try_files $uri @rewrite; # For Drupal <= 6
|
|
}
|
|
{% endblock %}
|
|
```
|
|
|
|
If you need to append or prepend content to a block, you can use the `{{ super() }}` Jinja2 function to return the original block content from the base template.
|
|
|
|
```
|
|
{% block location_deny %}
|
|
{{ super() }}
|
|
location ~* \.(txt|log)$ {
|
|
allow 192.168.0.0/16;
|
|
deny all;
|
|
}
|
|
{% endblock %}
|
|
```
|