Browse Source

Adapt project to Devuan

devuan/0.14.0
Beer 1 year ago
parent
commit
f06ad4cc5a
No known key found for this signature in database GPG Key ID: E7D86E358DC831A4
82 changed files with 146 additions and 2459 deletions
  1. +0
    -15
      .gitignore
  2. +0
    -0
      .gitlab/ISSUE_TEMPLATE/bug_report.md
  3. +0
    -0
      .gitlab/ISSUE_TEMPLATE/feature_request.md
  4. +1
    -1
      .gitlab/pull_request_template.md
  5. +4
    -32
      .travis.yml
  6. +3
    -3
      CONTRIBUTING.md
  7. +15
    -192
      README.md
  8. +0
    -7
      defaults/main/amplify.yml
  9. +0
    -26
      defaults/main/bsd.yml
  10. +0
    -13
      defaults/main/linux.yml
  11. +11
    -70
      defaults/main/main.yml
  12. +8
    -17
      defaults/main/template.yml
  13. +0
    -6
      defaults/main/unit.yml
  14. +6
    -27
      handlers/main.yml
  15. +0
    -50
      meta/main.yml
  16. +0
    -15
      molecule/common/playbook_default.yml
  17. +0
    -9
      molecule/common/playbook_module.yml
  18. +0
    -44
      molecule/default_alpine/molecule.yml
  19. +0
    -33
      molecule/default_centos/molecule.yml
  20. +0
    -44
      molecule/module_alpine/molecule.yml
  21. +0
    -33
      molecule/module_centos/molecule.yml
  22. +0
    -44
      molecule/source/molecule.yml
  23. +0
    -44
      molecule/source_alpine/molecule.yml
  24. +0
    -30
      molecule/source_centos/molecule.yml
  25. +0
    -47
      molecule/stable_push_alpine/molecule.yml
  26. +0
    -36
      molecule/stable_push_centos/molecule.yml
  27. +0
    -47
      molecule/template_alpine/molecule.yml
  28. +0
    -36
      molecule/template_centos/molecule.yml
  29. +0
    -41
      molecule/unit/molecule.yml
  30. +0
    -41
      molecule/unit_alpine/molecule.yml
  31. +0
    -30
      molecule/unit_centos/molecule.yml
  32. +0
    -24
      tasks/amplify/install-amplify.yml
  33. +0
    -5
      tasks/amplify/setup-debian.yml
  34. +0
    -8
      tasks/amplify/setup-redhat.yml
  35. +31
    -2
      tasks/conf/cleanup-config.yml
  36. +2
    -2
      tasks/conf/debug-output.yml
  37. +2
    -19
      tasks/conf/setup-status.yml
  38. +12
    -21
      tasks/conf/template-config.yml
  39. +16
    -16
      tasks/conf/upload-config.yml
  40. +6
    -0
      tasks/install.yml
  41. +0
    -13
      tasks/keys/apk-key.yml
  42. +0
    -12
      tasks/keys/apt-key.yml
  43. +0
    -14
      tasks/keys/rpm-key.yml
  44. +12
    -60
      tasks/main.yml
  45. +0
    -29
      tasks/modules/install-geoip.yml
  46. +0
    -20
      tasks/modules/install-image-filter.yml
  47. +0
    -28
      tasks/modules/install-modules.yml
  48. +0
    -23
      tasks/modules/install-njs.yml
  49. +0
    -25
      tasks/modules/install-perl.yml
  50. +0
    -13
      tasks/modules/install-rtmp.yml
  51. +0
    -13
      tasks/modules/install-waf.yml
  52. +0
    -20
      tasks/modules/install-xslt.yml
  53. +0
    -103
      tasks/opensource/install-oss-bsd.yml
  54. +0
    -28
      tasks/opensource/install-oss-linux.yml
  55. +0
    -8
      tasks/opensource/install-oss.yml
  56. +0
    -29
      tasks/opensource/setup-alpine.yml
  57. +0
    -26
      tasks/opensource/setup-debian.yml
  58. +0
    -31
      tasks/opensource/setup-redhat.yml
  59. +0
    -437
      tasks/opensource/setup-source.yml
  60. +0
    -21
      tasks/opensource/setup-suse.yml
  61. +0
    -34
      tasks/plus/delete-license.yml
  62. +0
    -9
      tasks/plus/install-plus-bsd.yml
  63. +0
    -18
      tasks/plus/install-plus-linux.yml
  64. +0
    -11
      tasks/plus/install-plus.yml
  65. +0
    -7
      tasks/plus/setup-alpine.yml
  66. +0
    -21
      tasks/plus/setup-bsd.yml
  67. +0
    -22
      tasks/plus/setup-debian.yml
  68. +0
    -41
      tasks/plus/setup-license.yml
  69. +0
    -28
      tasks/plus/setup-redhat.yml
  70. +0
    -11
      tasks/plus/setup-suse.yml
  71. +1
    -1
      tasks/prerequisites.yml
  72. +0
    -8
      tasks/prerequisites/install-prerequisites.yml
  73. +0
    -17
      tasks/prerequisites/setup-freebsd.yml
  74. +0
    -16
      tasks/unit/install-modules.yml
  75. +0
    -26
      tasks/unit/install-unit.yml
  76. +0
    -7
      tasks/unit/setup-debian.yml
  77. +0
    -10
      tasks/unit/setup-freebsd.yml
  78. +0
    -18
      tasks/unit/setup-redhat.yml
  79. +0
    -17
      templates/http/api.conf.j2
  80. +0
    -3
      templates/http/default.conf.j2
  81. +16
    -46
      templates/nginx.conf.j2
  82. +0
    -5
      templates/stream/default.conf.j2

+ 0
- 15
.gitignore View File

@@ -1,15 +0,0 @@
# Any private crt and keys #
############################
*.crt
*.key
__pycache__
*~
\#*

# OS Specific
Thumbs.db
.DS_Store
.vscode

# Ansible specific
*.retry

.github/ISSUE_TEMPLATE/bug_report.md → .gitlab/ISSUE_TEMPLATE/bug_report.md View File


.github/ISSUE_TEMPLATE/feature_request.md → .gitlab/ISSUE_TEMPLATE/feature_request.md View File


.github/pull_request_template.md → .gitlab/pull_request_template.md View File

@@ -4,7 +4,7 @@ Describe the use case and detail of the change. If this PR addresses an issue on
### Checklist
Before creating a PR, run through this checklist and mark each as complete.

- [ ] I have read the [CONTRIBUTING](https://github.com/nginxinc/ansible-role-nginx/blob/master/CONTRIBUTING.md) document
- [ ] I have read the [CONTRIBUTING](https://git.devuan.org/configuration-management/ansible-role-nginx/blob/master/CONTRIBUTING.md) document
- [ ] I have added Molecule tests that prove my fix is effective or that my feature works
- [ ] I have checked that all unit tests pass after adding my changes
- [ ] If required, I have updated necessary documentation (`defaults/main/` and `README.md`)

+ 4
- 32
.travis.yml View File

@@ -4,42 +4,14 @@ services:
- docker
jobs:
include:
- name: "Install Specific Version Test - Debian"
- name: "Install Specific Version Test"
env: scenario=default
- name: "Install Specific Version Test - Alpine"
env: scenario=default_alpine
- name: "Install Specific Version Test - CentOS"
env: scenario=default_centos
- name: "Install Modules Test - Debian"
- name: "Install Modules Test"
env: scenario=module
- name: "Install Modules Test - Alpine"
env: scenario=module_alpine
- name: "Install Modules Test - CentOS"
env: scenario=module_centos
- name: "Install Stable Branch and Push Configuration Test - Debian"
- name: "Install Stable Branch and Push Configuration Test"
env: scenario=stable_push
- name: "Install Stable Branch and Push Configuration Test - Alpine"
env: scenario=stable_push_alpine
- name: "Install Stable Branch and Push Configuration Test - CentOS"
env: scenario=stable_push_centos
- name: "Use Template Setting Test - Debian"
- name: "Use Template Setting Test"
env: scenario=template
- name: "Use Template Setting Test - Alpine"
env: scenario=template_alpine
- name: "Use Template Setting Test - CentOS"
env: scenario=template_centos
- name: "Install Unit Test - Debian"
env: scenario=unit
- name: "Install Unit Test - Alpine"
env: scenario=unit_alpine
- name: "Install Unit Test - CentOS"
env: scenario=unit_centos
- name: "Install from Source Test - Debian"
env: scenario=source
- name: "Install from Source Test - Alpine"
env: scenario=source_alpine
- name: "Install from Source Test - CentOS"
env: scenario=source_centos
before_install:
- sudo apt-get -qq update
install:


+ 3
- 3
CONTRIBUTING.md View File

@@ -14,7 +14,7 @@ The following is a set of guidelines for contributing to the NGINX Ansible role.
* [Git Guidelines](#git-guidelines)
* [Ansible Guidelines](#ansible-guidelines)

[Code of Conduct](https://github.com/nginxinc/ansible-role-nginx/blob/master/CODE_OF_CONDUCT.md)
[Code of Conduct](https://git.devuan.org/configuration-management/ansible-role-nginx/blob/master/CODE_OF_CONDUCT.md)

## Ask a Question

@@ -22,7 +22,7 @@ Please open an Issue on GitHub with the label `question`.

## Getting Started

Follow our [Installation Guide](https://github.com/nginxinc/ansible-role-nginx/blob/master/README.md#Installation) to install Ansible and Molecule and get ready to use the NGINX Ansible role.
Follow our [Installation Guide](https://git.devuan.org/configuration-management/ansible-role-nginx/blob/master/README.md#Installation) to install Ansible and Molecule and get ready to use the NGINX Ansible role.

### Project Structure

@@ -47,7 +47,7 @@ To suggest an enhancement, please create an issue on GitHub with the label `enha
### Open a Pull Request

* Fork the repo, create a branch, submit a PR when your changes are tested and ready for review
* Fill in [our pull request template](https://github.com/nginxinc/ansible-role-nginx/blob/master/.github/PULL_REQUEST_TEMPLATE.md)
* Fill in [our pull request template](https://git.devuan.org/configuration-management/ansible-role-nginx/blob/master/.gitlab/PULL_REQUEST_TEMPLATE.md)

Note: if you’d like to implement a new feature, please consider creating a feature request issue first to start a discussion about the feature.



+ 15
- 192
README.md View File

@@ -1,10 +1,9 @@
Ansible NGINX Role
Ansible nginx Role for Devuan
==================

[![Ansible Galaxy](https://img.shields.io/badge/galaxy-nginxinc.nginx-5bbdbf.svg)](https://galaxy.ansible.com/nginxinc/nginx)
[![Build Status](https://travis-ci.org/nginxinc/ansible-role-nginx.svg?branch=master)](https://travis-ci.org/nginxinc/ansible-role-nginx)
This role is a fork from the [original nginx project](https://github.com/nginxinc/ansible-role-nginx).

This role installs NGINX Open Source, NGINX Plus, the NGINX Amplify agent, or NGINX Unit on your target host.
It installs nginx on your target Devuan host.

**Note:** This role is still in active development. There may be unidentified issues and the role variables may change as development continues.

@@ -24,157 +23,20 @@ Molecule is used to test the various functionailities of the role. Instructions
Installation
------------

**Ansible Galaxy**

Use `ansible-galaxy install nginxinc.nginx` to install the latest stable release of the role on your system.

**Git**

Use `git clone https://github.com/nginxinc/ansible-role-nginx.git` to pull the latest edge commit of the role from GitHub.
Use `git clone https://git.devuan.org/configuration-management/ansible-role-nginx` to pull the latest edge commit of the role from Devuan GitLab.

Platforms
---------

The NGINX Ansible role supports all platforms supported by [NGINX Open Source](https://nginx.org/en/linux_packages.html#mainline), [NGINX Plus](https://www.nginx.com/products/technical-specs/), the [NGINX Amplify agent](https://github.com/nginxinc/nginx-amplify-doc/blob/master/amplify-faq.md#21-what-operating-systems-are-supported), and [NGINX Unit](https://unit.nginx.org/installation/#official-packages):

**NGINX Open Source**

```yaml
Alpine:
versions:
- 3.8
- 3.9
- 3.10
- 3.11
CentOS:
versions:
- 6
- 7
- 8
Debian:
versions:
- stretch
- buster
FreeBSD:
versions:
- 11.2+
- 12
RedHat:
versions:
- 6
- 7.4+
- 8
SUSE/SLES:
versions:
- 12
- 15
Ubuntu:
versions:
- xenial
- bionic
```

**NGINX Plus**

```yaml
Alpine:
versions:
- 3.8
- 3.9
- 3.10
- 3.11
Amazon Linux:
versions:
- 2018.03
Amazon Linux 2:
versions:
- LTS
CentOS:
versions:
- 6.5+
- 7.4+
- 8
Debian:
versions:
- stretch
- buster
FreeBSD:
versions:
- 11.2+
- 12
Oracle Linux:
versions:
- 6.5+
- 7.4+
RedHat:
versions:
- 6.5+
- 7.4+
- 8
SUSE/SLES:
versions:
- 12
- 15
Ubuntu:
versions:
- xenial
- bionic
```

**NGINX Amplify Agent**

```yaml
Amazon Linux:
versions:
- 2017.09
CentOS:
versions:
- 6
- 7
Debian:
versions:
- jessie
- stretch
Ubuntu:
versions:
- xenial
- bionic
RedHat:
versions:
- 6
- 7
```

**NGINX Unit**
This nginx Ansible role supports all platforms supported by Devuan:

```yaml
CentOS:
versions:
- 6
- 7
RedHat:
versions:
- 6
- 7
Debian:
versions:
- jessie
- stretch
- buster
Ubuntu:
Devuan:
versions:
- xenial
- bionic
Amazon Linux:
versions:
- 2018.03
Amazon Linux 2:
versions:
- 2
FreeBSD:
versions:
- 10
- 11
- ascii
- beowulf
```

Role Variables
@@ -183,12 +45,8 @@ Role Variables
This role has multiple variables. The descriptions and defaults for all these variables can be found in the directory **`defaults/main`** in the following files:

- **[defaults/main/main.yml](./defaults/main/main.yml):** NGINX installation variables
- **[defaults/main/amplify.yml](./defaults/main/amplify.yml):** NGINX Amplify agent installation variables
- **[defaults/main/template.yml](./defaults/main/template.yml):** NGINX configuration templating variables
- **[defaults/main/upload.yml](./defaults/main/upload.yml):** NGINX configuration/HTML/SSL upload variables
- **[defaults/main/linux.yml](./defaults/main/linux.yml):** Linux installation variables
- **[defaults/main/bsd.yml](./defaults/main/bsd.yml):** BSD installation variables
- **[defaults/main/unit.yml](./defaults/main/unit.yml):** NGINX Unit installation variables

Dependencies
------------
@@ -225,7 +83,7 @@ This is a sample playbook file for deploying the Ansible Galaxy NGINX role in a
- hosts: localhost
become: true
roles:
- role: nginxinc.nginx
- role: ansible-role-nginx
vars:
nginx_http_template_enable: true
nginx_http_template:
@@ -259,7 +117,7 @@ This is a sample playbook file for deploying the Ansible Galaxy NGINX role in a
- hosts: localhost
become: true
roles:
- role: nginxinc.nginx
- role: ansible-role-nginx
vars:
nginx_http_template_enable: true
nginx_http_template:
@@ -292,25 +150,21 @@ This is a sample playbook file for deploying the Ansible Galaxy NGINX role in a
lb_method: least_conn
zone_name: frontend
zone_size: 64k
sticky_cookie: false
servers:
frontend_server_1:
address: 0.0.0.0
port: 8081
weight: 1
health_check: max_fails=3 fail_timeout=5s
upstream_2:
name: backend_servers
lb_method: least_conn
zone_name: backend
zone_size: 64k
sticky_cookie: false
servers:
backend_server_1:
address: 0.0.0.0
port: 8082
weight: 1
health_check: max_fails=3 fail_timeout=5s
frontend:
template_file: http/default.conf.j2
conf_file_name: frontend_default.conf
@@ -361,52 +215,21 @@ This is a sample playbook file for deploying the Ansible Galaxy NGINX role in a
http_demo_conf: false
```


This is a sample playbook file for deploying the Ansible Galaxy NGINX role in a localhost and installing NGINX Plus.

```yaml
---
- hosts: localhost
become: true
roles:
- role: nginxinc.nginx
vars:
nginx_type: plus
```

This is a sample playbook file for deploying the Ansible Galaxy NGINX role in a localhost to install NGINX Unit and the PHP/Perl NGINX Unit language modules.

```yaml
---
- hosts: localhost
become: true
roles:
- role: nginxinc.nginx
vars:
nginx_enable: false
nginx_unit_enable: true
nginx_unit_modules:
- unit-php
- unit-perl
```

To run any of the above sample playbooks create a `setup-nginx.yml` file and paste the contents. Executing the Ansible Playbook is then as simple as executing `ansible-playbook setup-nginx.yml`.

Alternatively, you can also clone this repository instead of installing it from Ansible Galaxy. If you decide to do so, replace the role variable in the previous sample playbooks from `nginxinc.nginx` to `ansible-role-nginx`.

Other NGINX Roles
-----------------

You can find an Ansible collection of roles to help you install and configure NGINX Controller [here](https://github.com/nginxinc/ansible-collection-nginx_controller)

License
-------

[Apache License, Version 2.0](https://github.com/nginxinc/ansible-role-nginx/blob/master/LICENSE)
[Apache License, Version 2.0](LICENSE)

Author Information
------------------

[Bernard Rosset](https://git.devuan.org/Beer)

Original module:

[Alessandro Fael Garcia](https://github.com/alessfg)

[Grzegorz Dzien](https://github.com/gdzien)


+ 0
- 7
defaults/main/amplify.yml View File

@@ -1,7 +0,0 @@
---
# Install NGINX Amplify.
# Use your NGINX Amplify API key.
# Requires access to either the NGINX stub status or the NGINX Plus REST API.
# Default is null.
nginx_amplify_enable: false
nginx_amplify_api_key: null

+ 0
- 26
defaults/main/bsd.yml View File

@@ -1,26 +0,0 @@
---
# Supported distributions
nginx_bsd_systems: ['FreeBSD', 'NetBSD', 'OpenBSD', 'DragonFlyBSD', 'HardenedBSD']

# Supported distributions NGINX Plus
# https://docs.nginx.com/nginx/technical-specs/
nginx_plus_bsd_systems: ['FreeBSD']

# Choose to install BSD packages or ports.
# Options are True for packages or False for ports.
# Default is True.
nginx_bsd_install_packages: true

# Choose to update BSD ports collection.
# Options are True for update or False for do not update.
# Default is True.
nginx_bsd_update_ports: true

# Choose to install packages built from BSD ports collection if
# available.
# Options are True for use packages or False for do not use packages.
# Default is True.
nginx_bsd_portinstall_use_packages: true

# FreeBSD extra packages
nginx_freebsd_extra_packages: ['security/ca_root_nss']

+ 0
- 13
defaults/main/linux.yml View File

@@ -1,13 +0,0 @@
---
# Supported distributions
nginx_linux_families: ['Alpine', 'Debian', 'RedHat', 'Suse']

# Supported distributions NGINX Plus
# https://docs.nginx.com/nginx/technical-specs/
# RedHat={Amazon,CentOS,OracleLinux,RHEL} Debian={Ubuntu,Debian}
nginx_plus_linux_families: ['Alpine', 'Debian', 'RedHat', 'Suse']

# Default locations and versions for install from source
pcre_version: pcre-8.43
zlib_version: zlib-1.2.11
openssl_version: openssl-1.1.1c

+ 11
- 70
defaults/main/main.yml View File

@@ -1,93 +1,34 @@
---
# Install NGINX.
# Install nginx.
# Default is true.
nginx_enable: true

# Start NGINX service.
# Start nginx service.
# Default is true.
nginx_start: true

# Print NGINX configuration file to terminal after executing playbook.
# Print nginx configuration file to terminal after executing playbook.
nginx_debug_output: false

# Specify which type of NGINX you want to install.
# Options are 'opensource' or 'plus'.
# Default is 'opensource'.
nginx_type: opensource

# Specify which version of NGINX you want to install.
# Specify which version of nginx you want to install.
# Default is empty.
# nginx_version: "=19-1~bionic"
# For Plus and modules you'll need a wilcard like below (which installs plus-20 and modules)
# nginx_version: "-20*"

# Specify whether you want to maintain your version of NGINX, upgrade to the latest version, or remove NGINX.
# Can be used with `nginx_version` to achieve fine tune control on which version of NGINX is installed/used on each playbook execution.
# Using 'present' will install the latest version (or 'nginx_version') of NGINX on a fresh install.
# Using 'latest' will upgrade NGINX to the latest version (that matches your 'nginx_version') of NGINX on every playbook execution.
# Using 'absent' will remove NGINX from your system.
# Specify whether you want to maintain your version of nginx, upgrade to the latest version, or remove nginx.
# Can be used with `nginx_version` to achieve fine tune control on which version of nginx is installed/used on each playbook execution.
# Using 'present' will install the latest version (or 'nginx_version') of nginx on a fresh install.
# Using 'latest' will upgrade nginx to the latest version (that matches your 'nginx_version') of nginx on every playbook execution.
# Using 'absent' will remove nginx from your system.
# Default is present.
nginx_state: present

# Specify repository origin for NGINX Open Source.
# Options are 'nginx_repository', 'source' or 'os_repository'.
# Only works if 'nginx_type' is set to 'opensource'.
# Default is nginx_repository.
nginx_install_from: nginx_repository

# Specify source install options for NGINX Open Source.
# Options represent whether to install from source also
# or to install from packages (default). These only apply
# if 'nginx_install_from' is set to 'source'
# For the tools, true means we will isntall from a package
# and false means install from source.
# 'nginx_install_source_build_tools' will install compiler
# and build tools from packages. If false, you need to have
# these present.
nginx_install_source_build_tools: true
nginx_install_source_pcre: false
nginx_install_source_openssl: true
nginx_install_source_zlib: false

# Choose where to fetch the NGINX signing key from.
# Default is the official NGINX signing key host.
# nginx_signing_key: http://nginx.org/keys/nginx_signing.key

# Specify source repository for NGINX Open Source.
# Only works if 'install_from' is set to 'nginx_repository'.
# Defaults are the official NGINX repositories.
# nginx_repository: deb https://nginx.org/packages/mainline/debian/ stretch nginx

# Specify which branch of NGINX Open Source you want to install.
# Options are 'mainline' or 'stable'.
# Only works if 'install_from' is set to 'nginx_repository' or 'source'.
# Default is mainline.
nginx_branch: mainline

# Location of your NGINX Plus license in your local machine.
# Default is the files folder within the NGINX Ansible role.
nginx_license:
certificate: license/nginx-repo.crt
key: license/nginx-repo.key

# Remove NGINX Plus license and repository after installation for security purposes.
# Default is false.
nginx_delete_license: false

# Install NGINX JavaScript, Perl, ModSecurity WAF (NGINX Plus only), GeoIP, Image-Filter, RTMP Media Streaming (NGINX Plus only), and/or XSLT modules.
# Default is false.
nginx_modules:
njs: false
perl: false
waf: false
geoip: false
image_filter: false
rtmp: false
xslt: false

# Remove previously existing NGINX configuration files.
# Use a list of paths you wish to remove.
# Default is false.
nginx_cleanup_config: false
nginx_cleanup_config_path:
- /etc/nginx/conf.d
- /etc/nginx/sites-available
- /etc/nginx/sites-enabled

+ 8
- 17
defaults/main/template.yml View File

@@ -15,12 +15,16 @@ nginx_main_template:
template_file: nginx.conf.j2
conf_file_name: nginx.conf
conf_file_location: /etc/nginx/
user: nginx
custom_options:
- "include /etc/nginx/modules-enabled/*.conf"
user: www-data
worker_processes: auto
# worker_rlimit_nofile: 1024
error_log:
location: /var/log/nginx/error.log
level: warn
events_custom_options:
- "multi_accept on"
worker_connections: 1024
http_enable: true
http_settings:
@@ -34,12 +38,12 @@ nginx_main_template:
- name: main
location: /var/log/nginx/access.log
tcp_nopush: true
tcp_nodelay: true
# tcp_nodelay: true
keepalive_timeout: 65
cache: false
rate_limit: false
keyval: false
# server_tokens: "off"
server_tokens: "off"
http_global_autoindex: false
sub_filter:
# sub_filters: []
@@ -294,7 +298,6 @@ nginx_http_template:
lb_method: least_conn
zone_name: backend_mem_zone
zone_size: 64k
sticky_cookie: false
servers:
server1:
address: localhost
@@ -305,23 +308,12 @@ nginx_http_template:
# custom_options: []

# Enable NGINX status data.
# Will enable 'stub_status' in NGINX Open Source and 'status' in NGINX Plus.
# Note - 'status' has been deprecated since NGINX Plus R13.
# Will enable 'stub_status'
# Default is false.
nginx_status_enable: false
nginx_status_location: /etc/nginx/conf.d/stub_status.conf
nginx_status_port: 80

# Enable NGINX Plus REST API, write access to the REST API, and NGINX Plus dashboard.
# Requires NGINX Plus.
# Default is false.
nginx_rest_api_enable: false
nginx_rest_api_template_file: http/api.conf.j2
nginx_rest_api_file_location: /etc/nginx/conf.d/api.conf
nginx_rest_api_port: 80
nginx_rest_api_write: false
nginx_rest_api_dashboard: false

# Enable creating dynamic templated NGINX stream configuration files.
# Defaults will not produce a valid configuration. Instead they are meant to showcase
# the options available for templating. Each key represents a new configuration file.
@@ -358,7 +350,6 @@ nginx_stream_template:
lb_method: least_conn
zone_name: backend
zone_size: 64k
sticky_cookie: false
servers:
server1:
address: localhost


+ 0
- 6
defaults/main/unit.yml View File

@@ -1,6 +0,0 @@
---
# Install NGINX Unit and NGINX Unit modules.
# Use a list of supported NGINX Unit modules.
# Default is false.
nginx_unit_enable: false
nginx_unit_modules: null

+ 6
- 27
handlers/main.yml View File

@@ -1,39 +1,18 @@
---
- name: "(Handler: All OSs) Run NGINX"
- name: "Run nginx"
block:

- name: "(Handler: All OSs) Start NGINX"
- name: "Start nginx"
service:
name: nginx
state: started
enabled: yes
notify: "(Handler: All OSs) Check NGINX"

- name: "(Handler: All OSs) Reload NGINX"
command: "nginx -s reload"
changed_when: false
- name: "Reload nginx"
service:
name: nginx
state: reloaded

when:
- nginx_start | bool
- not ansible_check_mode

- name: "(Handler: All OSs) Start NGINX Amplify Agent"
service:
name: amplify-agent
state: started

- name: "(Handler: Debian/Ubuntu/CentOS/RedHat) Start NGINX Unit"
service:
name: unit
state: started
enabled: yes

- name: "(Handler: FreeBSD) Start NGINX Unit"
service:
name: unitd
state: started
enabled: yes

- name: "(Handler: All OSs) Check NGINX"
command: "nginx -t"
changed_when: false

+ 0
- 50
meta/main.yml View File

@@ -1,50 +0,0 @@
---
galaxy_info:
author: Alessandro Fael Garcia
description: Official Ansible role for NGINX
company: NGINX, Inc.

license: Apache License, Version 2.0

min_ansible_version: 2.9

platforms:
- name: Alpine
versions:
- all
- name: Amazon
versions:
- Candidate
- name: Debian
versions:
- jessie
- stretch
- buster
- name: EL
versions:
- 6
- 7
- name: FreeBSD
versions:
- 11.2
- 12.0
- name: Ubuntu
versions:
- xenial
- bionic
- name: SLES
versions:
- 12
- 15

galaxy_tags:
- nginx
- oss
- plus
- amplify
- unit
- web
- server
- development

dependencies: []

+ 0
- 15
molecule/common/playbook_default.yml View File

@@ -1,20 +1,5 @@
---
- name: Converge
hosts: all
pre_tasks:
- name: "Set repo if Alpine"
set_fact:
version: "=1.17.8-r1"
when: ansible_os_family == "Alpine"
- name: "Set repo if Debian"
set_fact:
version: "=1.17.8-1~{{ ansible_distribution_release }}"
when: ansible_os_family == "Debian"
- name: "Set repo if RedHat"
set_fact:
version: "-1.17.8-1.el{{ ansible_distribution_major_version }}.ngx"
when: ansible_os_family == "RedHat"
roles:
- role: ansible-role-nginx
vars:
nginx_version: "{{ version }}"

+ 0
- 9
molecule/common/playbook_module.yml View File

@@ -5,12 +5,3 @@
- role: ansible-role-nginx
vars:
nginx_debug_output: true

nginx_modules:
njs: true
perl: true
waf: false
geoip: true
image_filter: true
rtmp: true
xslt: true

+ 0
- 44
molecule/default_alpine/molecule.yml View File

@@ -1,44 +0,0 @@
---
driver:
name: docker
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: alpine-3.8
image: alpine:3.8
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.9
image: alpine:3.9
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.10
image: alpine:3.10
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.11
image: alpine:3.11
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_default.yml
verifier:
name: testinfra
directory: ../common/test_default

+ 0
- 33
molecule/default_centos/molecule.yml View File

@@ -1,33 +0,0 @@
---
driver:
name: docker
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: centos-6
image: centos:6
dockerfile: ../common/Dockerfile.j2
- name: centos-7
image: centos:7
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: centos-8
image: centos:8
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_default.yml
verifier:
name: testinfra
directory: ../common/test_default

+ 0
- 44
molecule/module_alpine/molecule.yml View File

@@ -1,44 +0,0 @@
---
driver:
name: docker
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: alpine-3.8
image: alpine:3.8
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.9
image: alpine:3.9
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.10
image: alpine:3.10
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.11
image: alpine:3.11
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_module.yml
verifier:
name: testinfra
directory: ../common/test_module

+ 0
- 33
molecule/module_centos/molecule.yml View File

@@ -1,33 +0,0 @@
---
driver:
name: docker
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: centos-6
image: centos:6
dockerfile: ../common/Dockerfile.j2
- name: centos-7
image: centos:7
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: centos-8
image: centos:8
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_module.yml
verifier:
name: testinfra
directory: ../common/test_module

+ 0
- 44
molecule/source/molecule.yml View File

@@ -1,44 +0,0 @@
---
driver:
name: docker
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: debian-stretch
image: debian:stretch-slim
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: debian-buster
image: debian:buster-slim
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: ubuntu-xenial
image: ubuntu:xenial
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: ubuntu-bionic
image: ubuntu:bionic
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_source.yml
verifier:
name: testinfra
directory: ../common/test_source

+ 0
- 44
molecule/source_alpine/molecule.yml View File

@@ -1,44 +0,0 @@
---
driver:
name: docker
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: alpine-3.8
image: alpine:3.8
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.9
image: alpine:3.9
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.10
image: python:alpine3.10
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.11
image: python:alpine3.11
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_source.yml
verifier:
name: testinfra
directory: ../common/test_source

+ 0
- 30
molecule/source_centos/molecule.yml View File

@@ -1,30 +0,0 @@
---
driver:
name: docker
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: centos-7
image: centos:7
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: centos-8
image: centos:8
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_source.yml
verifier:
name: testinfra
directory: ../common/test_source

+ 0
- 47
molecule/stable_push_alpine/molecule.yml View File

@@ -1,47 +0,0 @@
---
dependency:
name: shell
command: pip install python-nginx
driver:
name: docker
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: alpine-3.8
image: alpine:3.8
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.9
image: alpine:3.9
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.10
image: alpine:3.10
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.11
image: alpine:3.11
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_stable_push.yml
verifier:
name: testinfra
directory: ../common/test_stable_push

+ 0
- 36
molecule/stable_push_centos/molecule.yml View File

@@ -1,36 +0,0 @@
---
dependency:
name: shell
command: pip install python-nginx
driver:
name: docker
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: centos-6
image: centos:6
dockerfile: ../common/Dockerfile.j2
- name: centos-7
image: centos:7
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: centos-8
image: centos:8
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_stable_push.yml
verifier:
name: testinfra
directory: ../common/test_stable_push

+ 0
- 47
molecule/template_alpine/molecule.yml View File

@@ -1,47 +0,0 @@
---
dependency:
name: shell
command: pip install python-nginx
driver:
name: docker
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: alpine-3.8
image: alpine:3.8
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.9
image: alpine:3.9
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.10
image: alpine:3.10
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.11
image: alpine:3.11
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_template.yml
verifier:
name: testinfra
directory: ../common/test_template

+ 0
- 36
molecule/template_centos/molecule.yml View File

@@ -1,36 +0,0 @@
---
dependency:
name: shell
command: pip install python-nginx
driver:
name: docker
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: centos-6
image: centos:6
dockerfile: ../common/Dockerfile.j2
- name: centos-7
image: centos:7
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: centos-8
image: centos:8
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_template.yml
verifier:
name: testinfra
directory: ../common/test_template

+ 0
- 41
molecule/unit/molecule.yml View File

@@ -1,41 +0,0 @@
---
driver:
name: docker
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: debian-stretch
image: debian:stretch-slim
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: debian-buster
image: debian:buster-slim
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: ubuntu-xenial
image: ubuntu:xenial
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: ubuntu-bionic
image: ubuntu:bionic
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_unit.yml

+ 0
- 41
molecule/unit_alpine/molecule.yml View File

@@ -1,41 +0,0 @@
---
driver:
name: docker
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: alpine-3.8
image: alpine:3.8
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.9
image: alpine:3.9
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.10
image: alpine:3.10
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.11
image: alpine:3.11
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_unit.yml

+ 0
- 30
molecule/unit_centos/molecule.yml View File

@@ -1,30 +0,0 @@
---
driver:
name: docker
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: centos-6
image: centos:6
dockerfile: ../common/Dockerfile.j2
- name: centos-7
image: centos:7
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: centos-8
image: centos:8
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_unit.yml

+ 0
- 24
tasks/amplify/install-amplify.yml View File

@@ -1,24 +0,0 @@
---
- import_tasks: setup-debian.yml
when: ansible_os_family == "Debian"

- import_tasks: setup-redhat.yml
when: ansible_os_family == "RedHat"

- name: "(Install: All OSs) Install NGINX Amplify Agent"
package:
name: nginx-amplify-agent
state: present

- name: "(Setup: All OSs) Copy NGINX Configurator Agent Configuration Template"
copy:
remote_src: yes
src: /etc/amplify-agent/agent.conf.default
dest: /etc/amplify-agent/agent.conf

- name: "(Setup: All OSs) Configure NGINX Amplify Agent API Key"
lineinfile:
dest: /etc/amplify-agent/agent.conf
regexp: api_key =.*
line: "api_key = {{ nginx_amplify_api_key }}"
notify: "(Handler: All OSs) Start NGINX Amplify Agent"

+ 0
- 5
tasks/amplify/setup-debian.yml View File

@@ -1,5 +0,0 @@
---
- name: "(Install: Debian/Ubuntu) Add NGINX Amplify Agent Repository"
apt_repository:
filename: nginx-amplify
repo: deb [arch=amd64] http://packages.amplify.nginx.com/{{ ansible_distribution|lower }}/ {{ ansible_distribution_release|lower }} amplify-agent

+ 0
- 8
tasks/amplify/setup-redhat.yml View File

@@ -1,8 +0,0 @@
---
- name: "(Install: CentOS/RedHat/Amazon Linux) Add NGINX Amplify Agent Repository"
yum_repository:
name: nginx-amplify
baseurl: http://packages.amplify.nginx.com/{{ (ansible_distribution == "Amazon") | ternary('amzn/', 'centos/') }}/$releasever/$basearch/
description: NGINX Amplify Agent
enabled: yes
gpgcheck: yes

+ 31
- 2
tasks/conf/cleanup-config.yml View File

@@ -1,8 +1,37 @@
---
- name: "(Setup: All OSs) Remove NGINX configuration files"
- name: "Remove nginx configuration files"
file:
path: "{{ item }}"
state: absent
with_items:
- "{{ nginx_cleanup_config_path }}"
notify: "(Handler: All OSs) Reload NGINX"
notify: "Reload nginx"

- name: "Delete default data"
file:
path: /var/www/html/index.nginx-debian.html
state: absent

- name: "Check /var/www/html contents"
find:
path: /var/www/html
file_type: any
register: files

- name: "Remove empty /var/www/html"
file:
path: /var/www/html
state: absent
when: files.matched|int == 0

- name: "Check /var/www contents"
find:
path: /var/www
file_type: any
register: files

- name: "Remove empty /var/www"
file:
path: /var/www
state: absent
when: files.matched|int == 0

+ 2
- 2
tasks/conf/debug-output.yml View File

@@ -1,9 +1,9 @@
---
- name: "(Setup: All OSs) Register NGINX configuration"
- name: "Register nginx configuration"
command: nginx -T
changed_when: false
register: nginx_configuration

- name: "(Setup: All OSs) Print NGINX configuration"
- name: "Print nginx configuration"
debug:
var: nginx_configuration.stdout_lines

+ 2
- 19
tasks/conf/setup-status.yml View File

@@ -1,5 +1,5 @@
---
- name: "(Setup: NGINX Open Source) Enable NGINX Open Source Status"
- name: "Enable nginx open source status"
blockinfile:
path: "{{ nginx_status_location }}"
create: yes
@@ -12,21 +12,4 @@
deny all;
}
}
when: nginx_type == "opensource"
notify: "(Handler: All OSs) Reload NGINX"

- name: "(Setup: NGINX Plus) Enable NGINX Plus Status"
blockinfile:
path: "{{ nginx_status_location }}"
create: yes
block: |
server {
listen 127.0.0.1:{{ nginx_status_port | default('80') }};
location /status {
status;
allow 127.0.0.1;
deny all;
}
}
when: nginx_type == "plus"
notify: "(Handler: All OSs) Reload NGINX"
notify: "Reload nginx"

+ 12
- 21
tasks/conf/template-config.yml View File

@@ -1,12 +1,12 @@
---
- name: "(Setup: All NGINX) Ensure HTML Directory Exists"
- name: "Ensure HTML directory exists"
file:
path: "{{ item.value.html_file_location | default('/usr/share/nginx/html') }}"
state: directory
with_dict: "{{ nginx_html_demo_template }}"
when: nginx_html_demo_template_enable | bool

- name: "(Setup: All NGINX) Dynamically Generate HTML Files"
- name: "Dynamically generate HTML files"
template:
src: "{{ item.value.template_file | default('www/index.html.j2') }}"
dest: "{{ item.value.html_file_location | default('/usr/share/nginx/html') }}/{{ item.value.html_file_name | default('index.html') }}"
@@ -14,28 +14,28 @@
with_dict: "{{ nginx_html_demo_template }}"
when: nginx_html_demo_template_enable | bool

- name: "(Setup: All NGINX) Ensure NGINX Main Directory Exists"
- name: "Ensure nginx main directory exists"
file:
path: "{{ nginx_main_template.conf_file_location | default('/etc/nginx') }}"
state: directory
when: nginx_main_template_enable | bool

- name: "(Setup: All NGINX) Dynamically Generate NGINX Main Configuration File"
- name: "Dynamically generate nginx main configuration file"
template:
src: "{{ nginx_main_template.template_file | default('nginx.conf.j2') }}"
dest: "{{ nginx_main_template.conf_file_location | default('/etc/nginx') }}/{{ nginx_main_template.conf_file_name | default('nginx.conf') }}"
backup: yes
when: nginx_main_template_enable | bool
notify: "(Handler: All OSs) Reload NGINX"
notify: "Reload nginx"

- name: "(Setup: All NGINX) Ensure NGINX HTTP Directory Exists"
- name: "Ensure nginx HTTP directory exists"
file:
path: "{{ item.value.conf_file_location | default('/etc/nginx/conf.d/') }}"
state: directory
with_dict: "{{ nginx_http_template }}"
when: nginx_http_template_enable | bool

- name: "(Setup: All NGINX) Ensure NGINX Proxy Cache Directories Exist"
- name: "Ensure nginx proxy cache directories exist"
file:
path: "{{ item.1.path }}"
state: directory
@@ -46,36 +46,27 @@
- skip_missing: true
when: nginx_http_template_enable | bool

- name: "(Setup: All NGINX) Dynamically Generate NGINX HTTP Configuration Files"
- name: "Dynamically generate nginx HTTP configuration files"
template:
src: "{{ item.value.template_file | default('http/default.conf.j2') }}"
dest: "{{ item.value.conf_file_location | default('/etc/nginx/conf.d/') }}/{{ item.value.conf_file_name | default('default.conf') }}"
backup: yes
with_dict: "{{ nginx_http_template }}"
when: nginx_http_template_enable | bool
notify: "(Handler: All OSs) Reload NGINX"
notify: "Reload nginx"


- name: "(Setup: All NGINX) Dynamically Generate NGINX API Configuration File"
template:
src: "{{ nginx_rest_api_template_file | default('http/api.conf.j2') }}"
dest: "{{ nginx_rest_api_file_location | default('/etc/nginx/conf.d/api.conf') }}"
backup: yes
notify: "(Handler: All OSs) Reload NGINX"
when: nginx_rest_api_enable | bool

- name: "(Setup: All NGINX) Ensure NGINX Stream Directory Exists"
- name: "Ensure nginx stream directory exists"
file:
path: "{{ item.value.conf_file_location | default('/etc/nginx/conf.d/stream/') }}"
state: directory
with_dict: "{{ nginx_stream_template }}"
when: nginx_stream_template_enable | bool

- name: "(Setup: All NGINX) Dynamically Generate NGINX Stream Configuration Files"
- name: "Dynamically generate nginx stream configuration files"
template:
src: "{{ item.value.template_file | default('stream/default.conf.j2') }}"
dest: "{{ item.value.conf_file_location | default('/etc/nginx/conf.d/stream/') }}/{{ item.value.conf_file_name | default('default.conf') }}"
backup: yes
with_dict: "{{ nginx_stream_template }}"
notify: "(Handler: All OSs) Reload NGINX"
notify: "Reload nginx"
when: nginx_stream_template_enable | bool

+ 16
- 16
tasks/conf/upload-config.yml View File

@@ -1,76 +1,76 @@
---
- name: "(Setup: All NGINX) Ensure NGINX Main Directory Exists"
- name: "Ensure nginx main directory exists"
file:
path: "{{ nginx_main_upload_dest | default('/etc/nginx/') }}"
state: directory
when: nginx_main_upload_enable | bool

- name: "(Setup: All NGINX) Upload NGINX Main Configuration File"
- name: "Upload nginx main configuration file"
copy:
src: "{{ nginx_main_upload_src | default('conf/nginx.conf') }}"
dest: "{{ nginx_main_upload_dest | default('/etc/nginx/') }}"
backup: yes
when: nginx_main_upload_enable | bool
notify: "(Handler: All OSs) Reload NGINX"
notify: "Reload nginx"

- name: "(Setup: All NGINX) Ensure NGINX HTTP Directory Exists"
- name: "Ensure nginx HTTP directory exists"
file:
path: "{{ nginx_http_upload_dest | default('/etc/nginx/conf.d/') }}"
state: directory
when: nginx_http_upload_enable | bool

- name: "(Setup: All NGINX) Upload NGINX HTTP Configuration Files"
- name: "Upload nginx HTTP configuration files"
copy:
src: "{{ item }}"
dest: "{{ nginx_http_upload_dest | default('/etc/nginx/conf.d/') }}"
backup: yes
with_fileglob: "{{ nginx_http_upload_src }}"
when: nginx_http_upload_enable | bool
notify: "(Handler: All OSs) Reload NGINX"
notify: "Reload nginx"

- name: "(Setup: All NGINX) Ensure NGINX Stream Directory Exists"
- name: "Ensure nginx stream directory exists"
file:
path: "{{ nginx_stream_upload_dest | default('/etc/nginx/conf.d/') }}"
state: directory
when: nginx_stream_upload_enable | bool

- name: "(Setup: All NGINX) Upload NGINX Stream Configuration Files"
- name: "Upload nginx stream configuration files"
copy:
src: "{{ item }}"
dest: "{{ nginx_stream_upload_dest | default('/etc/nginx/conf.d/') }}"
backup: yes
with_fileglob: "{{ nginx_stream_upload_src }}"
when: nginx_stream_upload_enable | bool
notify: "(Handler: All OSs) Reload NGINX"
notify: "Reload nginx"

- name: "(Setup: All NGINX) Ensure NGINX HTML Directory Exists"
- name: "Ensure nginx HTML directory exists"
file:
path: "{{ nginx_html_upload_dest | default('/usr/share/nginx/html') }}"
state: directory
when: nginx_html_upload_enable | bool

- name: "(Setup: All NGINX) Upload NGINX HTML Files"
- name: "Upload nginx HTML files"
copy:
src: "{{ item }}"
dest: "{{ nginx_html_upload_dest | default('/usr/share/nginx/html') }}"
backup: yes
with_fileglob: "{{ nginx_html_upload_src }}"
when: nginx_html_upload_enable | bool
notify: "(Handler: All OSs) Reload NGINX"
notify: "Reload nginx"

- name: "(Setup: All NGINX) Ensure SSL Certificate Directory Exists"
- name: "Ensure SSL certificate directory exists"
file:
path: "{{ nginx_ssl_crt_upload_dest | default('/etc/ssl/certs/') }}"
state: directory
when: nginx_ssl_upload_enable | bool

- name: "(Setup: All NGINX) Ensure SSL Key Directory Exists"
- name: "Ensure SSL key directory exists"
file:
path: "{{ nginx_ssl_key_upload_dest | default('/etc/ssl/private/') }}"
state: directory
when: nginx_ssl_upload_enable | bool

- name: "(Setup: All NGINX) Upload NGINX SSL Certificates"
- name: "Upload nginx SSL certificates"
copy:
src: "{{ item }}"
dest: "{{ nginx_ssl_crt_upload_dest | default('/etc/ssl/certs/') }}"
@@ -80,7 +80,7 @@
with_fileglob: "{{ nginx_ssl_crt_upload_src }}"
when: nginx_ssl_upload_enable | bool

- name: "(Setup: All NGINX) Upload NGINX SSL Keys"
- name: "Upload nginx SSL keys"
copy:
src: "{{ item }}"
dest: "{{ nginx_ssl_key_upload_dest | default('/etc/ssl/private/') }}"


+ 6
- 0
tasks/install.yml View File

@@ -0,0 +1,6 @@
---
- name: "Install nginx package"
package:
name: "nginx{{ nginx_version | default('') }}"
state: "{{ nginx_state }}"
notify: "Start nginx"

+ 0
- 13
tasks/keys/apk-key.yml View File

@@ -1,13 +0,0 @@
---
- name: "(Install: APK OSs) Set Default APK NGINX Signing Key URL"
set_fact:
default_keysite: https://nginx.org/keys/nginx_signing.rsa.pub

- name: "(Install: APK OSs) Set APK NGINX Signing Key URL"
set_fact:
keysite: "{{ nginx_signing_key | default(default_keysite) }}"

- name: "(Install: APK OSs) Download NGINX Signing Key"
get_url:
url: "{{ keysite }}"
dest: /etc/apk/keys/nginx_signing.rsa.pub

+ 0
- 12
tasks/keys/apt-key.yml View File

@@ -1,12 +0,0 @@
---
- name: "(Install: APT OSs) Set Default APT NGINX Signing Key URL"
set_fact:
default_keysite: https://nginx.org/keys/nginx_signing.key

- name: "(Install: APT OSs) Set APT NGINX Signing Key URL"
set_fact:
keysite: "{{ nginx_signing_key | default(default_keysite) }}"

- name: "(Install: APT OSs) Add APT NGINX Signing Key"
apt_key:
url: "{{ keysite }}"

+ 0
- 14
tasks/keys/rpm-key.yml View File

@@ -1,14 +0,0 @@
---
- name: "(Install: RPM OSs) Set Default RPM NGINX Signing Key"
set_fact:
default_keysite: >-
{{ (ansible_distribution_major_version|int == 6)
| ternary('http://nginx.org/keys/nginx_signing.key', 'https://nginx.org/keys/nginx_signing.key') }}

- name: "(Install: RPM OSs) Set RPM NGINX Signing Key URL"
set_fact:
keysite: "{{ nginx_signing_key | default(default_keysite) }}"

- name: "(Install: RPM OSs) Add RPM NGINX Signing Key"
rpm_key:
key: "{{ keysite }}"

+ 12
- 60
tasks/main.yml View File

@@ -1,85 +1,37 @@
---
- import_tasks: prerequisites/install-prerequisites.yml
- import_tasks: prerequisites.yml
tags: nginx_prerequisites

- import_tasks: keys/apt-key.yml
when:
- ansible_os_family == "Debian"
- nginx_install_from == "nginx_repository"
or nginx_amplify_enable
or nginx_unit_enable
tags: nginx_aptkey

- import_tasks: keys/rpm-key.yml
when:
- ansible_os_family == "RedHat"
or ansible_os_family == "Suse"
- nginx_install_from == "nginx_repository"
or nginx_amplify_enable
or nginx_unit_enable
tags: nginx_rpmkey

- import_tasks: keys/apk-key.yml
when: ansible_os_family == "Alpine"
tags: nginx_apkkey

- name: "(Install: Debian/Ubuntu/CentOS/RedHat/FreeBSD) Install NGINX"
- name: "Install nginx"
block:

- import_tasks: opensource/install-oss.yml
when: nginx_type == "opensource"
tags: nginx_install_oss

- import_tasks: plus/install-plus.yml
when: nginx_type == "plus"
tags: nginx_install_plus
- import_tasks: install.yml
tags: nginx_install

- import_tasks: conf/cleanup-config.yml
when: nginx_cleanup_config | bool
tags: nginx_cleanup_config

- import_tasks: conf/upload-config.yml
when: nginx_main_upload_enable
or nginx_http_upload_enable
or nginx_stream_upload_enable
or nginx_html_upload_enable
or nginx_ssl_upload_enable
when: nginx_main_upload_enable | bool
or nginx_http_upload_enable | bool
or nginx_stream_upload_enable | bool
or nginx_html_upload_enable | bool
or nginx_ssl_upload_enable | bool
tags: nginx_upload_config

- import_tasks: conf/template-config.yml
when: nginx_main_template_enable
or nginx_http_template_enable
or nginx_stream_template_enable
or nginx_rest_api_enable
when: nginx_main_template_enable | bool
or nginx_http_template_enable | bool
or nginx_stream_template_enable | bool
tags: nginx_template_config

- import_tasks: conf/setup-status.yml
when: nginx_status_enable | bool
tags: nginx_setup_status

- import_tasks: modules/install-modules.yml
when: true in nginx_modules.values()
tags: nginx_install_modules

- import_tasks: conf/debug-output.yml
when: nginx_debug_output | bool
tags: nginx_debug_output

- import_tasks: plus/delete-license.yml
when:
- nginx_type == "plus"
- nginx_delete_license
tags: nginx_delete_license

when: nginx_enable | bool

- import_tasks: amplify/install-amplify.yml
when:
- nginx_amplify_enable | bool
- nginx_amplify_api_key is defined
- nginx_amplify_api_key | length > 0
tags: nginx_install_amplify

- import_tasks: unit/install-unit.yml
when: nginx_unit_enable | bool
tags: nginx_install_unit

+ 0
- 29
tasks/modules/install-geoip.yml View File

@@ -1,29 +0,0 @@
---
- name: "(Install: CentOS) Install GeoIP Required CentOS Dependencies"
yum:
name:
- epel-release
when: ansible_distribution == "CentOS"

- name: "(Install: All OSs) Install NGINX Open Source GeoIP Module"
package:
name: "nginx-module-geoip{{ nginx_version | default('') }}"
state: present
when: nginx_type == "opensource"

- name: "(Install: All OSs) Install NGINX Plus GeoIP Module"
package:
name: "nginx-plus-module-geoip{{ nginx_version | default('') }}"
state: present
when: nginx_type == "plus"

- name: "(Setup: All NGINX) Load NGINX GeoIP Module"
lineinfile:
path: /etc/nginx/nginx.conf
insertbefore: BOF
line: "{{ item }}"
with_items:
- load_module modules/ngx_http_geoip_module.so;
- load_module modules/ngx_stream_geoip_module.so;
when: not nginx_main_template_enable
notify: "(Handler: All OSs) Reload NGINX"

+ 0
- 20
tasks/modules/install-image-filter.yml View File

@@ -1,20 +0,0 @@
---
- name: "(Install: All OSs) Install NGINX Open Source Image Filter Module"
package:
name: "nginx-module-image-filter{{ nginx_version | default('') }}"
state: present
when: nginx_type == "opensource"

- name: "(Install: All OSs) Install NGINX Plus Image Filter Module"
package:
name: "nginx-plus-module-image-filter{{ nginx_version | default('') }}"
state: present
when: nginx_type == "plus"

- name: "(Setup: All NGINX) Load NGINX Image Filter Module"
lineinfile:
path: /etc/nginx/nginx.conf
insertbefore: BOF
line: load_module modules/ngx_http_image_filter_module.so;
when: not nginx_main_template_enable
notify: "(Handler: All OSs) Reload NGINX"

+ 0
- 28
tasks/modules/install-modules.yml View File

@@ -1,28 +0,0 @@
---
- import_tasks: install-njs.yml
when: nginx_modules.njs | default(false)

- import_tasks: install-perl.yml
when: nginx_modules.perl | default(false)

- import_tasks: install-geoip.yml
when:
- nginx_modules.geoip | default(false)
- ansible_os_family != "RedHat"
- ansible_distribution_major_version != "8"

- import_tasks: install-image-filter.yml
when: nginx_modules.image_filter | default(false)

- import_tasks: install-rtmp.yml
when:
- nginx_modules.rtmp | default(false)
- nginx_type == "plus"

- import_tasks: install-xslt.yml
when: nginx_modules.xslt | default(false)

- import_tasks: install-waf.yml
when:
- nginx_modules.waf | default(false)
- nginx_type == "plus"

+ 0
- 23
tasks/modules/install-njs.yml View File

@@ -1,23 +0,0 @@
---
- name: "(Install: All OSs) Install NGINX Open Source JavaScript Module"
package:
name: "nginx-module-njs{{ nginx_version | default('') }}"
state: present
when: nginx_type == "opensource"

- name: "(Install: All OSs) Install NGINX Plus JavaScript Module"
package:
name: "nginx-plus-module-njs{{ nginx_version | default('') }}"
state: present
when: nginx_type == "plus"

- name: "(Setup: All NGINX) Load NGINX JavaScript Module"
lineinfile:
path: /etc/nginx/nginx.conf
insertbefore: BOF
line: "{{ item }}"
with_items:
- load_module modules/ngx_http_js_module.so;
- load_module modules/ngx_stream_js_module.so;
when: not nginx_main_template_enable
notify: "(Handler: All OSs) Reload NGINX"

+ 0
- 25
tasks/modules/install-perl.yml View File

@@ -1,25 +0,0 @@
---
- name: "(Install: All OSs) Install Perl Dependency"
package:
name: perl
state: present

- name: "(Install: All OSs) Install NGINX Open Source Perl Module"
package:
name: "nginx-module-perl{{ nginx_version | default('') }}"
state: present
when: nginx_type == "opensource"

- name: "(Install: All OSs) Install NGINX Plus Perl Module"
package:
name: "nginx-plus-module-perl{{ nginx_version | default('') }}"
state: present
when: nginx_type == "plus"

- name: "(Setup: All NGINX) Load NGINX Perl Module"
lineinfile:
path: /etc/nginx/nginx.conf
insertbefore: BOF
line: load_module modules/ngx_http_perl_module.so;
when: not nginx_main_template_enable