alanorth/ansible-personal
1
0
Fork 0
Code Issues 4 Pull Requests Projects Releases Wiki Activity
919 Commits 2 Branches 0 Tags 4.2 MiB
f7598d8f1c
Commit Graph

14 Commits

Author SHA1 Message Date
Alan Orth
ffe7a872dd
roles: strict truthy values 
According to Ansible we can use yes, true, True, "or any quoted st-
ring" for a boolean true, but ansible-lint wants us to use either
true or false.

See: https://chronicler.tech/red-hat-ansible-yes-no-and/
 2022-09-10 22:33:19 +03:00
Alan Orth
96cefc7f74
roles/nginx: Parameterize HSTS header 
This parameterizes the HTTP Strict Transport Security header so we
can use it consistently across all templates. Also, it updates the
max-age to be ~1 year in seconds, which is recommended by Google.

See: https://hstspreload.org/
 2021-03-23 15:36:28 +02:00
Alan Orth
d694616cf3
roles/nginx: Make sure to set HSTS headers on WordPress static files 
I realized the other day that due to complex logic in the location
blocks, various WordPress static files like images and stylesheets
didn't get the HTTP Strict Transport Security header set. We need
to include it on each level where we are setting headers, because
nginx overwrites headers if you set them again in a child block.
 2016-11-20 17:25:01 +02:00
Alan Orth
3a8b64a5ab
roles/nginx: Remove 'public' from Cache-Control header 
If a max-age is specified the 'public' is implicit.

See: https://developers.google.com/web/fundamentals/performance/optimizing-content-efficiency/http-caching
 2016-11-14 07:58:46 +02:00
Alan Orth
99caf49a90
roles/nginx: Minor typo in comment 2016-10-18 21:41:46 -04:00
Alan Orth
24ca33c605
roles/nginx: Disable rules for Yoast SEO 
Not using Yoast anymore. Now using the much simpler SEO Framework:

https://github.com/sybrew/the-seo-framework
 2016-06-02 11:03:35 +03:00
Alan Orth
cd77b088e9
Fix a few references to php5-fpm 
Unless we really mean php5-fpm, let's just say php-fpm.
 2016-04-25 12:33:12 +03:00
Alan Orth
27a3ee9651
roles/nginx: Add cache control header for SVG images 
Signed-off-by: Alan Orth <alan.orth@gmail.com>
 2016-03-12 19:17:40 +02:00
Alan Orth
cd65475d0d
roles/nginx: Add protection for PHP scripts in uploads directory 
By the way, :? starts a non-capturing group (ie, don't save the
back references).

Signed-off-by: Alan Orth <alan.orth@gmail.com>
 2015-02-26 17:05:50 +03:00
Alan Orth
c3bc6d949d
roles/nginx: Add nginx rewrites for Yoast WordPress SEO plugin 
Signed-off-by: Alan Orth <alan.orth@gmail.com>
 2015-01-23 12:26:24 +03:00
Alan Orth
3f5634110a
roles/nginx: Add comment about try_files for serving static files from disk 
Signed-off-by: Alan Orth <alan.orth@gmail.com>
 2014-11-07 00:41:07 +03:00
Alan Orth
c870044584
roles/nginx: Adjust Cache-Control headers 
Use "public" with "max-age" instead of Expires, as "max-age" is always
preferred if it's present.  Note: setting "public" doesn't make the
resource "more cacheable", but it is just more explicit.

Signed-off-by: Alan Orth <alan.orth@gmail.com>
 2014-11-07 00:29:53 +03:00
Alan Orth
42b893b2a7
roles/nginx: Add expires to static files 
Signed-off-by: Alan Orth <alan.orth@gmail.com>
 2014-10-10 11:05:42 +03:00
Alan Orth
2156f8b07d
roles/nginx: Tweaks for vhosts with WordPress 
My WordPress blogs have a /wordpress subdirectory in the document
root, but I don't serve from the /wordpress URI.

Technically, all we need is the tweaks to the try_files:
    - `?args` passes query strings to php5-fpm
    - removing 404 from the vhost's try_files so we don't return 404
    when the requested file doesn't exist (obviously not all request
    URI's in WordPress are actual files on the disk)

Signed-off-by: Alan Orth <alan.orth@gmail.com>
 2014-09-07 22:51:34 +03:00