Jinja2 template for Nginx config

README.md

Jinja2 template for Nginx config

Mappings/dicts are transformed into Nginx blocks. You can nest dicts to nest blocks. The macro will recurse through the nested dicts.

http:
  server:
    location /: {}
    location /api: {}

http {
    server {
        location / {
        }
        location /api {
        }
    }
}

To define multiple blocks with the same name (e.g multiple server blocks), use lists. Like:

server:
  -
    parameter: value
  - 
    parameter2: value2

which becomes:

server {
    parameter value;
}
server {
    parameter2 value2;

A list of parameters (i.e. not dicts) of length n is transformed into n instances of the parameter. E.g.

listen:
  - 80
  - '[::]:80'

becomes

listen 80;
listen [::]:80;

Boolean values are translated to on or off as appropriate

access_log: false
log_not_found: true

access_log off;
log_not_found on;

Ben Crisp [email protected]

nginx.conf

user www-data;
worker_processes auto;
pid /run/nginx.pid;
http {
    error_log /var/log/nginx/error.log;
    access_log /var/log/nginx/access.log;
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
         '$status $body_bytes_sent "$http_referer" '
         '"$http_user_agent" "$http_x_forwarded_for"';
    events {
        worker_connections 768;
    }
    upstream php-handler {
        server nix:/run/php/php-fpm.sock;
    }
    server {
        server_name example.org;
        listen 80;
        listen [::]:80;
        return 301 https://$server_name$request_uri;
    }
    server {
        server_name example.org;
        listen 443 ssl http2;
        listen [::]:443 ssl http2;
        ssl_certificate /etc/ssl/certs/example.org.pem;;
        ssl_certificate_key /etc/ssl/private/example.org.key;;
        root /var/www/html;
        index index.php index.html /index.php$request_uri;
        location /robots.txt {
            allow all;
            log_not_found off;
            access_log off;
        }
        location / {
            try_files $uri /index.php$request_uri;
            location /home {
                return 301 /;
            }
        }
    }
}

nginx.jinja2

{%- macro write_config(config) %}
{% for k, v in config.items() %}
{% if v is mapping %}
{{ k }} {
{{ write_config(v)|indent(4, true) -}}
}
{% elif v is iterable and v is not string %}
{% for i in v %}
{% if i is mapping %}
{{- write_config({k: i}) -}}
{% else %}
{{ k }} {{ i }};
{% endif %}
{% endfor %}
{% elif v is sameas true %}
{{ k }} on;
{% elif v is sameas false %}
{{ k }} off;
{% else %}
{{ k }} {{ v }};
{% endif %}
{% endfor %}
{% endmacro %}

{{- write_config(nginx_config) }}

nginx.yml

---
nginx_config:
  user: www-data
  worker_processes: auto
  pid: /run/nginx.pid
  http:
    error_log: /var/log/nginx/error.log
    access_log: /var/log/nginx/access.log
    log_format: |-
      main '$remote_addr - $remote_user [$time_local] "$request" '
           '$status $body_bytes_sent "$http_referer" '
           '"$http_user_agent" "$http_x_forwarded_for"'
    events:
      worker_connections: 768
    upstream php-handler:
      server: nix:/run/php/php-fpm.sock
    server:
      -
        server_name: example.org
        listen:
          - 80
          - '[::]:80'
        return: 301 https://$server_name$request_uri
      -
        server_name: example.org
        listen:
          - 443 ssl http2
          - '[::]:443 ssl http2'
        ssl_certificate: /etc/ssl/certs/example.org.pem;
        ssl_certificate_key: /etc/ssl/private/example.org.key;
        root: /var/www/html
        index: index.php index.html /index.php$request_uri
        location /robots.txt:
            allow: all
            log_not_found: false
            access_log: false
        location /:
          try_files: $uri /index.php$request_uri
          location /home:
            return: 301 /