kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-09-24 11:06:24 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
c181c7f6cdd739045b9e329fae9e1ad9bc5bf4d0
computer-playbook/group_vars/all/05_webserver.yml
Kevin Veen-Birkenbach c181c7f6cd fix(webserver): ensure numeric casting for worker_processes and worker_connections 
- Cast WEBSERVER_CPUS_EFFECTIVE to float before comparison to avoid
  'AnsibleUnsafeText < int' type errors.
- Ensure correct numeric coercion for pids_limit values.
- This prevents runtime templating errors when rendering nginx config.

Ref: https://chatgpt.com/share/68d3b047-56ac-800f-a73f-2fb144dbb7c4
2025-09-24 10:48:23 +02:00

60 lines
3.0 KiB
YAML
Raw Blame History

# Webserver Configuration
# Helper
_nginx_www_dir: "{{ applications | get_app_conf('svc-prx-openresty','docker.volumes.www') }}"
_nginx_dir: "{{ applications | get_app_conf('svc-prx-openresty','docker.volumes.nginx') }}"
_nginx_conf_dir: "{{ _nginx_dir }}conf.d/"
_nginx_http_dir: "{{ _nginx_conf_dir }}http/"
## Nginx-Specific Path Configurations
NGINX:
FILES:
CONFIGURATION: "{{ _nginx_dir }}nginx.conf"
DIRECTORIES:
CONFIGURATION: "{{ _nginx_conf_dir }}" # Configuration directory
HTTP:
GLOBAL: "{{ _nginx_http_dir }}global/" # Contains global configurations which will be loaded into the http block
SERVERS: "{{ _nginx_http_dir }}servers/" # Contains one configuration per domain
MAPS: "{{ _nginx_http_dir }}maps/" # Contains mappings
STREAMS: "{{ _nginx_conf_dir }}streams/" # Contains streams configuration e.g. for ldaps
DATA:
WWW: "{{ _nginx_www_dir }}"
WELL_KNOWN: "/usr/share/nginx/well-known/" # Path where well-known files are stored
HTML: "{{ _nginx_www_dir }}public_html/" # Path where the static homepage files are stored
FILES: "{{ _nginx_www_dir }}public_files/" # Path where the web accessable files are stored
CDN: "{{ _nginx_www_dir }}public_cdn/" # Contains files which will be accessable via the content delivery network
GLOBAL: "{{ _nginx_www_dir }}global/" # Directory containing files which will be globaly accessable, @Todo remove this when css migrated to CDN
CACHE:
GENERAL: "/tmp/cache_nginx_general/" # Directory which nginx uses to cache general data
IMAGE: "/tmp/cache_nginx_image/" # Directory which nginx uses to cache images
USER: "http" # Default nginx user in ArchLinux
# Effective CPUs (float) across proxy and the current app
WEBSERVER_CPUS_EFFECTIVE: >-
{{
[
(applications | resource_filter('svc-prx-openresty', 'cpus', service_name | default(''), RESOURCE_CPUS)) | float,
(applications | resource_filter(application_id, 'cpus', service_name | default(''), RESOURCE_CPUS)) | float
] | min
}}
# Nginx requires an integer for worker_processes:
# - if cpus < 1 → 1
# - else → floor to int
WEBSERVER_WORKER_PROCESSES: >-
{{
1 if (WEBSERVER_CPUS_EFFECTIVE | float) < 1
else (WEBSERVER_CPUS_EFFECTIVE | float | int)
}}
# worker_connections from pids_limit (use the smaller one), with correct key/defaults
WEBSERVER_WORKER_CONNECTIONS: >-
{{
[
(applications | resource_filter('svc-prx-openresty', 'pids_limit', service_name | default(''), RESOURCE_PIDS_LIMIT)) | int,
(applications | resource_filter(application_id, 'pids_limit', service_name | default(''), RESOURCE_PIDS_LIMIT)) | int
] | min
}}
# @todo It propably makes sense to distinguish between target and source mount path, so that the config files can be stored in the openresty volumes folder
Reference in New Issue View Git Blame Copy Permalink