ansible-role-nginx/defaults/main.yml

nginx:
  add_headers: []
  real_ip_header: "X-Forwarded-For"
  real_ip_from:
    "127.0.0.1": {}
    "::1": {}
  monitoring: true
  php: false
  force_ssl: true
  snakeoil_default: false
  upstreams: {}
  vhosts: {}
  streams: {}
  maps: {}
  resolver:
    - 8.8.8.8
    - 8.8.4.4

nginx_vhosts_defaults:
  listen:
    nossl: False
    nossl_port: 80
    ssl: True
    ssl_port: 443
    v4: True
    v4_ip:
      - '0.0.0.0'
    v6: True
    v6_ip:
      - '[::]'
    custom: []
  servername: []
  default_server: False
  locations: []
  includes: []
  add_headers: []
  letsencrypt: False
  crt: ~
  key: ~
  auth:
    enable: False
    path: ~
    satisfy: 'all'
  host: '$host'
  add_proxy_headers: {}
  hide_proxy_headers: {}
  backend: ~
  disallow_dotfiles: True
  force_forwarded_ssl_header: False

nginx_streams_defaults:
  listen:
    custom: []
  includes: []
  proxy_pass: ~
  proxy_protocol: "off"
  proxy_connect_timeout: "2s"
  proxy_next_upstream_tries: 2

nginx_forcessl_vhost:
  "https-redirect":
    listen:
      nossl: True
      ssl: False
    locations:
      - match: '/.well-known/acme-challenge/'
        alias: '/var/www/letsencrypt/'
      - match: '/'
        custom:
        - return 301 https://$host$request_uri

nginx_proxy_location:
  match: /
  backend: ~

phpinidefault:
  post_max_size: 64M
  upload_max_filesize: 64M
  memory_limit: 128M
  date_timezone: UTC