Set up nginx for poudriere.

ansible/roles/poudrierenginx/files/headers.include

@@ -0,0 +1,12 @@
+# Enable HTTP Strict Transport Security (HSTS) to force clients to
+# always connect via HTTPS (do not use if only testing)
+add_header Strict-Transport-Security "max-age=31536000;" always;
+# Enable cross-site filter (XSS) and tell browser to block detected
+# attacks
+add_header X-XSS-Protection "1; mode=block" always;
+# Prevent some browsers from MIME-sniffing a response away from the
+# declared Content-Type
+add_header X-Content-Type-Options "nosniff" always;
+# Disallow the site to be rendered within a frame (clickjacking
+# protection)
+add_header X-Frame-Options "DENY" always;

ansible/roles/poudrierenginx/files/newsyslog.conf

@@ -0,0 +1,2 @@
+# logfilename          [owner:group]    mode count size when  flags [/pid_file] [sig_num]
+/var/log/nginx/*.log			640  5	   1000	@T00 GYC /var/run/nginx.pid SIGUSR1

ansible/roles/poudrierenginx/files/nginx.conf

@@ -0,0 +1,34 @@
+worker_processes  auto;
+user  www www;
+
+events {
+    worker_connections  1024;
+}
+
+http {
+    include       mime.types;
+    default_type  application/octet-stream;
+
+    sendfile        on;
+    tcp_nopush     on;
+    tcp_nodelay    on;
+    gzip  on;
+
+    include conf.d/headers.include;
+
+    server {
+        listen 8080 default;
+        listen [::]:8080;
+        server_name freebsdpkg.fizz.buzz;
+        
+        location / {
+            root   /usr/local/share/poudriere/html;
+            index  index.html index.htm;
+        }
+        
+        location /data {
+            alias /usr/local/poudriere/data/logs/bulk;
+            autoindex on;
+        }
+    }
+}

ansible/roles/poudrierenginx/files/rc.conf

@@ -0,0 +1 @@
+nginx_enable="YES"