2016-03-07 18:05:58 +07:00
Nginx for Debian/FreeBSD Ansible role
=====================================
2015-07-15 17:14:39 +07:00
2016-03-16 01:48:00 +07:00
[![Ansible Galaxy ](http://img.shields.io/badge/ansible--galaxy-HanXHX.nginx-blue.svg )](https://galaxy.ansible.com/HanXHX/nginx/) [![Build Status ](https://travis-ci.org/HanXHX/ansible-nginx.svg?branch=master )](https://travis-ci.org/HanXHX/ansible-nginx)
2015-08-04 17:40:54 +07:00
2016-03-07 18:05:58 +07:00
Install and configure Nginx on Debian/FreeBSD.
2015-07-31 17:28:25 +07:00
2016-01-12 20:48:53 +07:00
Features:
- SSL/TLS "hardened" support
2017-04-25 17:27:08 +07:00
- Manage basic auth on site / location
2016-01-12 20:48:53 +07:00
- Proxy + Upstream
- Fast PHP configuration
2017-04-25 17:27:08 +07:00
- Preconfigured site templates (should work on many app)
- Auto-configure HTTP2 on SSL/TLS sites
2016-11-23 17:43:13 +07:00
- Manage dynamic modules (install and loading)
2016-11-29 20:32:27 +07:00
- Deploy custom facts.d with sites config
2017-01-03 17:16:28 +07:00
- Can listen with proxy protocol
2017-12-03 04:22:28 +07:00
- Generate certificates with acme.sh (let's encrypt) -- *EXPERIMENTAL*
2015-07-15 17:14:39 +07:00
2018-03-17 18:24:19 +07:00
Supported OS:
| OS | Working | Stable (active support) |
| ------------------ | ------- | ----------------------- |
2019-02-13 20:39:32 +07:00
| Debian Jessie (8) | Yes | Check latest supported version ([1.5.0](https://github.com/HanXHX/ansible-nginx/releases/tag/1.5.0)) |
2018-03-17 18:24:19 +07:00
| Debian Stretch (9) | Yes | Yes |
| FreeBSD 11 | Yes | No |
| FreeBSD 12 | Yes | No |
2015-07-15 17:14:39 +07:00
Requirements
------------
2019-02-13 20:39:32 +07:00
Ansible 2.6+. If you set true to `nginx_backports` , you must install backports repository before lauching this role.
2015-07-15 17:14:39 +07:00
Role Variables
--------------
2016-01-12 18:14:36 +07:00
### Packaging
2016-03-07 18:08:34 +07:00
Debian:
2016-01-12 20:48:53 +07:00
- `nginx_apt_package` : APT nginx package (try: apt-cache search ^nginx)
- `nginx_backports` : Install nginx from backport repository (bool)
2016-01-12 18:14:36 +07:00
2016-03-07 18:08:34 +07:00
FreeBSD:
- `nginx_pkgng_package` : PKGNG nginx package (should be "nginx" or "nginx-devel")
2016-01-12 18:14:36 +07:00
### Shared
2016-01-12 20:48:53 +07:00
- `nginx_root` : root directory where you want to have your files
- `nginx_log_dir` : log directory (if you change it, don't forget to change logrotate config)
- `nginx_resolver` : list of DNS resolver (default: OpenDNS)
- `nginx_error_log_level` : default log level
2016-01-12 21:10:43 +07:00
- `nginx_auto_config_httpv2` : boolean, auto configure HTTP2 where possible
2016-08-30 22:14:34 +07:00
- `nginx_fastcgi_fix_realpath` : boolean, use realpath for fastcgi (fix problems with symlinks and PHP opcache)
2015-07-16 16:44:25 +07:00
### Nginx Configuration
2016-01-12 20:48:53 +07:00
- `nginx_user`
- `nginx_worker_processes`
- `nginx_pid` : daemon pid file
- `nginx_events_*` : all variables in events block
- `nginx_http_*` : all variables in http block
- `nginx_custom_http` : instructions list (will put data in `/etc/nginx/conf.d/custom.conf` )
2018-03-17 18:54:57 +07:00
- `nginx_module_packages` : package list module to install (Debian)
- `nginx_load_modules` : module list to load (full path), should be used only on FreeBSD
2015-07-16 16:44:25 +07:00
2018-03-15 22:10:37 +07:00
### Misc
- `nginx_debug_role` : set _true_ if you need to see output of no\_log tasks
2017-03-13 15:51:06 +07:00
About modules
-------------
Last updates from Debian backports loads modules from /etc/nginx/modules-enabled directory. Disabling/Enabling is not supported anymore. Please wait further update.
2016-01-12 18:14:36 +07:00
Fine configuration
------------------
2015-10-09 22:54:07 +07:00
2017-04-25 17:27:08 +07:00
[Site configuration ](doc/site.md )
2015-10-09 22:54:07 +07:00
2016-01-12 18:14:36 +07:00
[PHP configuration ](doc/php.md )
2015-07-15 17:14:39 +07:00
2016-01-12 18:14:36 +07:00
[Upstream Configuration ](doc/upstream.md )
2015-12-03 23:24:58 +07:00
2016-01-12 18:14:36 +07:00
[SSL/TLS Configuration ](doc/ssl.md )
2015-12-03 23:24:58 +07:00
2016-01-12 18:14:36 +07:00
[Basic Auth ](doc/auth.md )
2015-12-03 23:24:58 +07:00
2016-03-07 18:05:58 +07:00
[FreeBSD ](doc/freebsd.md )
2017-12-03 04:22:28 +07:00
[acme.sh ](doc/acme.md )
2015-12-03 23:24:58 +07:00
2016-03-06 00:43:49 +07:00
Note
----
- Active support for Debian.
- FreeBSD support is experimental (no Travis). I only test (for the moment) 10.2 (but it can work on other versions).
- I don't manage BackupPC for FreeBSD (PR welcome).
2015-07-15 17:14:39 +07:00
Dependencies
------------
2015-07-16 16:44:25 +07:00
None
2015-07-15 17:14:39 +07:00
Example Playbook
----------------
2015-12-01 22:35:56 +07:00
See [tests/test.yml ](tests/test.yml ).
2015-07-15 17:14:39 +07:00
License
-------
2015-07-16 16:44:25 +07:00
GPLv2
2015-07-15 17:14:39 +07:00
2017-12-09 23:05:02 +07:00
Donation
--------
If this code helped you, or if you’ ve used them for your projects, feel free to buy me some :beers:
- Bitcoin: `1BQwhBeszzWbUTyK4aUyq3SRg7rBSHcEQn`
- Ethereum: `63abe6b2648fd892816d87a31e3d9d4365a737b5`
- Litecoin: `LeNDw34zQLX84VvhCGADNvHMEgb5QyFXyD`
- Monero: `45wbf7VdQAZS5EWUrPhen7Wo4hy7Pa7c7ZBdaWQSRowtd3CZ5vpVw5nTPphTuqVQrnYZC72FXDYyfP31uJmfSQ6qRXFy3bQ`
No crypto-currency? :star: the project is also a way of saying thank you! :sunglasses:
2015-07-15 17:14:39 +07:00
Author Information
------------------
2015-12-01 22:35:56 +07:00
- Twitter: [@hanxhx_ ](https://twitter.com/hanxhx_ )