girder.nginx
girder.nginx
This is an Ansible role to set up Nginx with HTTPS support for Girder.
It uses LetsEncrypt to provide SSL/TLS certificates for HTTPS. This role also makes sure that the certificates renew automatically and configures HTTPS to get an A+ rating from SSL Labs Server Test.
Requirements
- You need Ubuntu 18.04 or higher.
- The server must be accessible from the internet using the domain name
nginx_hostname. - The server should be able to send outgoing UDP requests from port 53 for DNS resolution and OCSP stapling. This may not be allowed by default in some firewalls, like the AWS EC2 default security group.
Role Variables
| Parameter | Required | Default | Comments |
|---|---|---|---|
nginx_hostname |
Yes | The hostname for the website, which can often be {{ inventory_hostname }}. |
|
nginx_registration_email |
No | girder@kitware.com |
Email for Let's Encrypt to send expiration alerts. |
nginx_girder_location |
No | / |
The path where Girder will be available. |
nginx_extra_server_config |
No | Additional Nginx settings to include in the server configuration for Girder. |
Dependencies
This role doesn't have strict dependencies but is designed to work with the girder.girder role.
Example Playbook
Here’s an example of how to use this role in an Ansible playbook:
- name: Deploy public-facing Girder
hosts: all
vars:
ansible_python_interpreter: auto
roles:
- role: girder.mongodb
- role: girder.girder
- role: girder.nginx
vars:
nginx_hostname: data.girder.org
A typical
Ansible Galaxy requirements.yml file might look like this:
- src: girder.mongodb
version: master
- src: girder.girder
version: master
- src: girder.nginx
version: master
License
This project is licensed under Apache 2.0.
Informazioni sul progetto
Install Nginx, with HTTPS support, and configure it for use with Girder
Installa
ansible-galaxy install girder.nginxLicenza
apache-2.0
Download
1.8k
Proprietario
This organization contains repositories related to the Girder project, a data management toolkit developed and maintained by Kitware.