Browse Source

Refactor templates

Refactor template variables and configuration scripts
devuan/0.13.0
Alessandro Fael Garcia 4 years ago
parent
commit
147410ab03
  1. 71
      README.md
  2. 64
      defaults/main.yml
  3. 0
      files/conf/stream/.gitkeep
  4. 2
      tasks/amplify/install-amplify.yml
  5. 25
      tasks/conf/push-config.yml
  6. 6
      tasks/conf/setup-api.yml
  7. 6
      tasks/conf/setup-rest-api.yml
  8. 22
      tasks/conf/template-config.yml
  9. 14
      tasks/conf/upload-files.yml
  10. 32
      tasks/conf/upload-templates.yml
  11. 16
      tasks/main.yml
  12. 4
      templates/http/api.conf.j2
  13. 4
      templates/http/default.conf.j2
  14. 21
      templates/nginx.conf.j2
  15. 60
      templates/plus/http/default.conf.j2
  16. 50
      templates/plus/nginx.conf.j2
  17. 3
      templates/stream/default.conf.j2

71
README.md

@ -85,60 +85,61 @@ This role has multiple variables. The defaults for all these variables are the f
type: opensource
# Specify which branch of Open Source NGINX you want to install.
# Options are 'mainline' or 'stable'.
# Default is stable.
# Default is mainline.
branch: mainline
# Install nginscript, perl and/or waf modules.
# Install nginscript, perl, waf, geoip, image-filter, rtmp and/or xslt modules.
# Default is false.
modules:
njs: false
perl: false
waf: false
geoip: false
image_filter: false
rtmp: false
xslt: false
# Install NGINX Amplify.
# Use your NGINX Amplify API key.
# Default is null.
amplify: null
amplify_enable: false
amplify_key: null
# Enable NGINX status data.
# Will enable 'stub_status' in open source NGINX and 'status' in NGINX Plus.
# Default is false.
status: false
# Enable NGINX Plus REST API and dashboard.
# Default is false for all three variables.
api:
enable: false
write: false
dashboard: false
status_enable: false
# Enable NGINX Plus REST API and write access.
# Default is false.
rest_api_enable: false
rest_api_write: false
# Enable NGINX Plus dashboard. REST API also needs to be enabled.
# Default is false.
dashboard: false
# Location of your NGINX Plus license in your local machine.
# Default is the files folder within the NGINX Ansible role.
license:
certificate: license/nginx-repo.crt
key: license/nginx-repo.key
# Location of the configuration files you wish to upload to NGINX.
# Default is the files folder within the NGINX Ansible role.
configuration_files:
enable: false
main: conf/nginx.conf
http: conf/http/*.conf
# Enable uploading NGINX configuration files to your system.
# Default for uploading files is false.
# Default location of files is the files folder within the NGINX Ansible role.
main_push_enable: false
main_push_location: conf/nginx.conf
http_push_enable: false
http_push_location: conf/http/*.conf
stream_push_enable: false
stream_push_location: conf/stream/*.conf
# Configuration variables to create a templated NGINX configuration.
# Defaults are the values found in a fresh NGINX installation.
configuration_templates:
enable: false
opensource:
user: nginx
worker_processes: 1
error_level: warn
worker_connections: 1024
keepalive_timeout: 65
listen: 80
server_name: localhost
plus:
user: nginx
worker_processes: auto
error_level: notice
worker_connections: 1024
keepalive_timeout: 65
listen: 80
server_name: localhost
main_template_enable: false
main_template_user: nginx
main_template_worker_processes: auto
main_template_error_level: warn
main_template_worker_connections: 1024
main_template_keepalive_timeout: 65
http_template_enable: false
http_template_listen: 80
http_template_server_name: localhost
stream_template_enable: false
stream_template_listen: 12345
Dependencies
------------

64
defaults/main.yml

@ -5,7 +5,7 @@
type: opensource
# Specify which branch of Open Source NGINX you want to install.
# Options are 'mainline' or 'stable'.
# Default is stable.
# Default is mainline.
branch: mainline
# Install nginscript, perl, waf, geoip, image-filter, rtmp and/or xslt modules.
# Default is false.
@ -20,45 +20,43 @@ modules:
# Install NGINX Amplify.
# Use your NGINX Amplify API key.
# Default is null.
amplify: null
amplify_enable: false
amplify_key: null
# Enable NGINX status data.
# Will enable 'stub_status' in open source NGINX and 'status' in NGINX Plus.
# Default is false.
status: false
# Enable NGINX Plus REST API and dashboard.
# Default is false for all three variables.
api:
enable: false
write: false
dashboard: false
status_enable: false
# Enable NGINX Plus REST API and write access.
# Default is false.
rest_api_enable: false
rest_api_write: false
# Enable NGINX Plus dashboard. REST API also needs to be enabled.
# Default is false.
dashboard: false
# Location of your NGINX Plus license in your local machine.
# Default is the files folder within the NGINX Ansible role.
license:
certificate: license/nginx-repo.crt
key: license/nginx-repo.key
# Location of the configuration files you wish to upload to NGINX.
# Default is the files folder within the NGINX Ansible role.
configuration_files:
enable: false
main: conf/nginx.conf
http: conf/http/*.conf
# Enable uploading NGINX configuration files to your system.
# Default for uploading files is false.
# Default location of files is the files folder within the NGINX Ansible role.
main_push_enable: false
main_push_location: conf/nginx.conf
http_push_enable: false
http_push_location: conf/http/*.conf
stream_push_enable: false
stream_push_location: conf/stream/*.conf
# Configuration variables to create a templated NGINX configuration.
# Defaults are the values found in a fresh NGINX installation.
configuration_templates:
enable: false
opensource:
user: nginx
worker_processes: 1
error_level: warn
worker_connections: 1024
keepalive_timeout: 65
listen: 80
server_name: localhost
plus:
user: nginx
worker_processes: auto
error_level: notice
worker_connections: 1024
keepalive_timeout: 65
listen: 80
server_name: localhost
main_template_enable: false
main_template_user: nginx
main_template_worker_processes: auto
main_template_error_level: warn
main_template_worker_connections: 1024
main_template_keepalive_timeout: 65
http_template_enable: false
http_template_listen: 80
http_template_server_name: localhost
stream_template_enable: false
stream_template_listen: 12345

0
files/conf/stream/.gitkeep

2
tasks/amplify/install-amplify.yml

@ -7,4 +7,4 @@
dest: /tmp/install.sh
- name: "(Install: All NGINX) Install NGINX Amplify"
shell: API_KEY='{{ amplify }}' sh /tmp/install.sh -y
shell: API_KEY='{{ amplify_key }}' sh /tmp/install.sh -y

25
tasks/conf/push-config.yml

@ -0,0 +1,25 @@
---
- name: "(Setup: All NGINX) Upload NGINX Main Configuration File"
copy:
src: "{{ main_upload_location }}"
dest: /etc/nginx/nginx.conf
notify: "(Handler: All OSs) Reload NGINX"
when: main_upload_enable
- name: "(Setup: All NGINX) Upload NGINX HTTP Configuration Files"
copy:
src: "{{ item }}"
dest: /etc/nginx/conf.d/
with_fileglob:
- "{{ http_upload_location }}"
notify: "(Handler: All OSs) Reload NGINX"
when: http_upload_enable
- name: "(Setup: All NGINX) Upload NGINX Stream Configuration Files"
copy:
src: "{{ item }}"
dest: /etc/nginx/conf.d/
with_fileglob:
- "{{ stream_upload_location }}"
notify: "(Handler: All OSs) Reload NGINX"
when: stream_upload_enable

6
tasks/conf/setup-api.yml

@ -1,6 +0,0 @@
---
- name: "(Setup: NGINX Plus) Setup NGINX Plus API"
template:
src: api.j2
dest: /etc/nginx/conf.d/api.conf
notify: "(Handler: All OSs) Reload NGINX"

6
tasks/conf/setup-rest-api.yml

@ -0,0 +1,6 @@
---
- name: "(Setup: NGINX Plus) Setup NGINX Plus API"
template:
src: api.conf.j2
dest: "{{ (http_template_enable) | ternary('/etc/nginx/conf.d/http/api.conf','/etc/nginx/conf.d/api.conf')}}"
notify: "(Handler: All OSs) Reload NGINX"

22
tasks/conf/template-config.yml

@ -0,0 +1,22 @@
---
- name: "(Setup: All NGINX) Dynamically Generate NGINX Main Configuration File"
template:
src: nginx.conf.j2
dest: /etc/nginx/nginx.conf
notify: "(Handler: All OSs) Reload NGINX"
- name: "(Setup: All NGINX) Dynamically Generate NGINX HTTP Configuration Files"
template:
src: "{{ item }}"
dest: /etc/nginx/conf.d/{{ item | basename | regex_replace('\.j2','') }}
with_fileglob:
- "../templates/http/*.j2"
notify: "(Handler: All OSs) Reload NGINX"
- name: "(Setup: All NGINX) Dynamically Generate NGINX Stream Configuration Files"
template:
src: "{{ item }}"
dest: /etc/nginx/conf.d/{{ item | basename | regex_replace('\.j2','') }}
with_fileglob:
- "../templates/stream/*.j2"
notify: "(Handler: All OSs) Reload NGINX"

14
tasks/conf/upload-files.yml

@ -1,14 +0,0 @@
---
- name: "(Setup: All NGINX) Upload NGINX Main Configuration File"
copy:
src: conf/nginx.conf
dest: /etc/nginx/nginx.conf
notify: "(Handler: All OSs) Reload NGINX"
- name: "(Setup: All NGINX) Upload NGINX HTTP Configuration Files"
copy:
src: "{{ item }}"
dest: /etc/nginx/conf.d/
with_fileglob:
- "conf/http/*.conf"
notify: "(Handler: All OSs) Reload NGINX"

32
tasks/conf/upload-templates.yml

@ -1,32 +0,0 @@
---
- name: "(Setup: Open Source NGINX) Upload Open Source NGINX Main Configuration File"
template:
src: opensource/nginx.conf.j2
dest: /etc/nginx/nginx.conf
when: type == "opensource"
notify: "(Handler: All OSs) Reload NGINX"
- name: "(Setup: Open Source NGINX) Upload Open Source NGINX HTTP Configuration Files"
template:
src: "{{ item }}"
dest: /etc/nginx/conf.d/{{ item | basename | regex_replace('\.j2','') }}
with_fileglob:
- "../templates/opensource/http/*.j2"
when: type == "opensource"
notify: "(Handler: All OSs) Reload NGINX"
- name: "(Setup: NGINX Plus) Upload NGINX Plus Main Configuration File"
template:
src: plus/nginx.conf.j2
dest: /etc/nginx/nginx.conf
when: type == "plus"
notify: "(Handler: All OSs) Reload NGINX"
- name: "(Setup: NGINX Plus) Upload NGINX Plus HTTP Configuration Files"
template:
src: "{{ item }}"
dest: /etc/nginx/conf.d/{{ item | basename | regex_replace('\.j2','') }}
with_fileglob:
- "../templates/plus/http/*.j2"
when: type == "plus"
notify: "(Handler: All OSs) Reload NGINX"

16
tasks/main.yml

@ -32,17 +32,17 @@
- import_tasks: modules/install-waf.yml
when: modules.waf and type == "plus"
- import_tasks: conf/upload-files.yml
when: configuration_files.enable
- import_tasks: conf/push-config.yml
when: main_push_enable or http_push_enable or stream_push_enable
- import_tasks: conf/upload-templates.yml
when: configuration_templates.enable
- import_tasks: conf/template-config.yml
when: main_template_enable or http_template_enable or stream_template_enable
- import_tasks: conf/setup-status.yml
when: status
when: status_enable
- import_tasks: conf/setup-api.yml
when: api.enable and type == "plus"
- import_tasks: conf/setup-rest-api.yml
when: rest_api_enable and type == "plus"
- import_tasks: amplify/install-amplify.yml
when: amplify is defined and amplify
when: amplify_enable and amplify_key is defined and amplify_key

4
templates/api.j2 → templates/http/api.conf.j2

@ -1,13 +1,13 @@
server {
listen 8080;
location /api {
{% if api.write %}
{% if rest_api_write %}
api write=on;
{% else %}
api;
{% endif %}
}
{% if api.dashboard %}
{% if dashboard %}
location = /dashboard.html {
root /usr/share/nginx/html;
}

4
templates/opensource/http/default.conf.j2 → templates/http/default.conf.j2

@ -1,6 +1,6 @@
server {
listen {{ configuration_templates.opensource.listen }};
server_name {{ configuration_templates.opensource.server_name }};
listen {{ http_template_listen }};
server_name {{ http_template_server_name }};
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;

21
templates/opensource/nginx.conf.j2 → templates/nginx.conf.j2

@ -1,15 +1,15 @@
user {{ configuration_templates.opensource.user }};
worker_processes {{ configuration_templates.opensource.worker_processes }};
user {{ main_template_user }};
worker_processes {{ main_teamplate_worker_processes }};
error_log /var/log/nginx/error.log {{ configuration_templates.opensource.error_level }};
error_log /var/log/nginx/error.log {{ main_template_error_level }};
pid /var/run/nginx.pid;
events {
worker_connections {{ configuration_templates.opensource.worker_connections }};
worker_connections {{ main_template_worker_connections }};
}
{% if http_template_enable %}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
@ -23,9 +23,16 @@ http {
sendfile on;
#tcp_nopush on;
keepalive_timeout {{ configuration_templates.opensource.keepalive_timeout }};
keepalive_timeout {{ main_template_keepalive_timeout }};
#gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/conf.d/http/*.conf;
}
{% endif %}
{% if stream_template_enable %}
stream {
include /etc/nginx/conf.d/stream/*.conf;
}
{% endif %}

60
templates/plus/http/default.conf.j2

@ -1,60 +0,0 @@
server {
listen {{ configuration_templates.plus.listen }} default_server;
server_name {{ configuration_templates.plus.server_name }};
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
# enable /api/ location with appropriate access control in order
# to make use of NGINX Plus API
#
#location /api/ {
# api write=on;
# allow 127.0.0.1;
# deny all;
#}
# enable NGINX Plus Dashboard; requires /api/ location to be
# enabled and appropriate access control for remote access
#
#location = /dashboard.html {
# root /usr/share/nginx/html;
#}
}

50
templates/plus/nginx.conf.j2

@ -1,50 +0,0 @@
user {{ configuration_templates.plus.user }};
worker_processes {{ configuration_templates.plus.worker_processes }};
error_log /var/log/nginx/error.log {{ configuration_templates.plus.error_level }};
pid /var/run/nginx.pid;
events {
worker_connections {{ configuration_templates.plus.worker_connections }};
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout {{ configuration_templates.plus.keepalive_timeout }};
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
# TCP/UDP proxy and load balancing block
#
#stream {
# Example configuration for TCP load balancing
#upstream stream_backend {
# zone tcp_servers 64k;
# server backend1.example.com:12345;
# server backend2.example.com:12345;
#}
#server {
# listen 12345;
# status_zone tcp_server;
# proxy_pass stream_backend;
#}
#}

3
templates/stream/default.conf.j2

@ -0,0 +1,3 @@
server {
listen {{ stream_template_listen }};
}
Loading…
Cancel
Save