Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
#user nobody;
worker_processes 5;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
pid /var/run/{{ version }}.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
error_log logs/error.log debug;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
root html;
index index.html index.htm index.xml;
}
location /YOUR/PATH/ {
proxy_pass http://{{ s3_bucket_name }}.s3-ap-northeast-1.amazonaws.com/;
aws_access_key {{ aws_access_key }};
aws_secret_key {{ aws_secret_key }};
s3_bucket {{ s3_bucket_name }};
chop_prefix /YOUR/PATH; # Take out this part of the URL before signing it, since '/myfiles' will not be part of the URI sent to Amazon
proxy_set_header Authorization $s3_auth_token;
proxy_set_header x-amz-date $aws_date;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
#!/bin/sh
#
# nginx Startup script for nginx
#
# chkconfig: - 85 15
# processname: {{ version }}
# config: {{ install_path }}/{{ version }}/conf/nginx.conf
# config: /etc/sysconfig/nginx
# pidfile: /var/run/{{ version }}.pid
# description: nginx is a HTTP and reverse proxy server
#
### BEGIN INIT INFO
# Provides: nginx
# Required-Start: $local_fs $remote_fs $network
# Required-Stop: $local_fs $remote_fs $network
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: start and stop nginx
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
#if [ -f /etc/sysconfig/nginx ]; then
# . /etc/sysconfig/nginx
#fi
prog={{ version }}
nginx=${NGINX-{{ install_path }}/{{ version }}/sbin/nginx}
conffile=${CONFFILE-{{ install_path }}/{{ version }}/conf/nginx.conf}
lockfile=${LOCKFILE-/var/lock/subsys/{{ version }}}
pidfile=${PIDFILE-/var/run/{{ version }}.pid}
SLEEPMSEC=100000
RETVAL=0
start() {
echo -n $"Starting $prog: "
daemon --pidfile=${pidfile} ${nginx} -c ${conffile}
RETVAL=$?
echo
echo "pidfile is ${pidfile}"
[ $RETVAL = 0 ] && touch ${lockfile}
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc -p ${pidfile} ${prog}
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f ${lockfile} ${pidfile}
}
reload() {
echo -n $"Reloading $prog: "
killproc -p ${pidfile} ${prog} -HUP
RETVAL=$?
echo
}
upgrade() {
oldbinpidfile=${pidfile}.oldbin
configtest -q || return 6
echo -n $"Staring new master $prog: "
killproc -p ${pidfile} ${prog} -USR2
RETVAL=$?
echo
/bin/usleep $SLEEPMSEC
if [ -f ${oldbinpidfile} -a -f ${pidfile} ]; then
echo -n $"Graceful shutdown of old $prog: "
killproc -p ${oldbinpidfile} ${prog} -QUIT
RETVAL=$?
echo
else
echo $"Upgrade failed!"
return 1
fi
}
configtest() {
if [ "$#" -ne 0 ] ; then
case "$1" in
-q)
FLAG=$1
;;
*)
;;
esac
shift
fi
${nginx} -t -c ${conffile} $FLAG
RETVAL=$?
return $RETVAL
}
rh_status() {
status -p ${pidfile} ${nginx}
}
# See how we were called.
case "$1" in
start)
rh_status >/dev/null 2>&1 && exit 0
start
;;
stop)
stop
;;
status)
rh_status
RETVAL=$?
;;
restart)
configtest -q || exit $RETVAL
stop
start
;;
upgrade)
upgrade
;;
condrestart|try-restart)
if rh_status >/dev/null 2>&1; then
stop
start
fi
;;
force-reload|reload)
reload
;;
configtest)
configtest
;;
*)
echo $"Usage: $prog {start|stop|restart|condrestart|try-restart|force-reload|upgrade|reload|status|help|configtest}"
RETVAL=2
esac
exit $RETVAL
- hosts: YOUR_HOSTS
user: YOUR_USER
sudo: yes
vars:
version: "nginx-1.5.4"
src: 'YOUR_SRC_PATH'
install_path: 'YOUR_INSTALL_PATH'
aws_access_key: 'YOUR_ACCESS_KEY'
aws_secret_key: 'YOUR_SECRET_KEY'
s3_bucket_name: 'YOUR_BUCKET_NAME'
tasks:
- name: "be sure gd package for image_filter_module of nginx"
yum: name={{ item }} state=installed
with_items:
- gd
- gd-devel
- name: "get source"
get_url: url=http://nginx.org/download/{{ version }}.tar.gz dest={{ src }}
- name: "get nginx aws_auth"
git: repo=git://github.com/anomalizer/ngx_aws_auth.git dest={{ src }}/ngx_aws_aut
- name: "expand source"
command: tar xvfz {{ version }}.tar.gz chdir={{ src }} creates={{ src }}/{{ version }}
- name: "configure source"
command: >
./configure
--prefix={{ install_path }}/{{ version }}
--with-http_image_filter_module
--with-http_ssl_module
--with-debug
--add-module={{ src }}/ngx_aws_auth
chdir={{ src }}/{{ version }}
- name: "make"
command: make chdir={{ src }}/{{ version }}
- name: "make install"
command: make install chdir={{ src }}/{{ version }}
- name: "copy nginx.conf"
template: src=template/nginx.conf.j2 dest={{ install_path }}/{{ version }}/conf/nginx.conf
- name: "copy nginx for init.d"
template: src=template/nginx_init.j2 dest=/etc/init.d/{{ version }} mode=0755
- name: "resister service "
command: chkconfig --add {{ version }}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment