dataset/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/dictionaries/25_nginx.xml
2022-03-11 18:41:49 +01:00

75 lines
3.8 KiB
XML

<?xml version='1.0' encoding='UTF-8'?>
<rougail version="0.10">
<services>
<service name='nginx'>
<override engine="creole"/>
<file source="nginx-options-rp.conf">/etc/nginx/conf.d/options-rp.conf</file>
<file source="revprox-nginx.conf">/etc/nginx/conf.d/risotto.conf</file>
<file source="ca.crt" file_type="variable" mode="600">nginx_chain_filename</file>
<file>/etc/pki/ca-trust/source/anchors/ca_ReverseProxy.crt</file>
<file source="certificate.crt" file_type="variable" mode="600" variable="revprox_domainnames_all">nginx_certificate_filename</file>
<file source="private.key" file_type="variable" mode="600" variable="revprox_domainnames_all">nginx_private_key_filename</file>
</service>
</services>
<variables>
<variable name="external_ports" redefine="True">
<value>80</value>
<value>443</value>
</variable>
<family name="interface_">
<variable name="ip_eth" redefine="True" provider="ip"/>
</family>
<family name="nginx" description="NGINX" help="Paramétrage global de NGINX">
<variable name="nginx_default" redefine="True" remove_fill="True"/>
<variable name="revprox_domainnames" type="domainname" description="Nom des domaines à configurer dans le serveur mandataire inverse" help="Liste des domaines gérés par le serveur mandataire inverse" multi="True"/>
<variable name="revprox_domainnames_auto" type="domainname" description="Nom des domaines auto-configurés dans le serveur mandataire inverse" multi="True" provider="revprox_clients" hidden="True"/>
<variable name="revprox_domainnames_all" type="domainname" description="Tous les noms de domaines" multi="True" hidden="True"/>
<variable name='nginx_private_key_filename' type="filename" description="Private key filename" hidden='True' multi='True'/>
<variable name='nginx_certificate_filename' type="filename" description="Certificate filename" hidden='True' multi='True'/>
<variable name='nginx_chain_filename' type="filename" description="Chain filename" hidden='True' multi='True'/>
<variable name='nginx_chain' type="string" description="Certificate" hidden='True' multi='True'/>
<variable name='internal_nginx_chain' type="string" description="Certificate" hidden='True'/>
</family>
</variables>
<constraints>
<fill name="nginx_concat_lists">
<param type="variable">revprox_domainnames</param>
<param type="variable">revprox_domainnames_auto</param>
<target>revprox_domainnames_all</target>
</fill>
<fill name="calc_value">
<param>/etc/pki/tls/certs/</param>
<param type="variable">revprox_domainnames_all</param>
<param>.crt</param>
<param name="join"></param>
<param name="multi" type="boolean">True</param>
<target>nginx_certificate_filename</target>
</fill>
<fill name="calc_value">
<param>/etc/pki/tls/private/</param>
<param type="variable">revprox_domainnames_all</param>
<param>.key</param>
<param name="join"></param>
<param name="multi" type="boolean">True</param>
<target>nginx_private_key_filename</target>
</fill>
<fill name="calc_value">
<param>/etc/nginx/</param>
<param type="variable">revprox_domainnames_all</param>
<param>.ca</param>
<param name="join"></param>
<param name="multi" type="boolean">True</param>
<target>nginx_chain_filename</target>
</fill>
<fill name="get_chain">
<param name="authority_cn" type="variable">revprox_domainnames_all</param>
<param name="authority_name">ReverseProxy</param>
<target>nginx_chain</target>
</fill>
<fill name="get_chain">
<param name="authority_cn" type="variable">domain_name_eth0</param>
<param name="authority_name">ReverseProxy</param>
<target>internal_nginx_chain</target>
</fill>
</constraints>
</rougail>