radityo
/
ansible-nginx
mirror of https://github.com/HanXHX/ansible-nginx.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
ansible-nginx/tests/test.yml

554 lines
18 KiB
YAML
Raw Normal View History

Init repo
2015-07-15 17:14:39 +07:00
---
- hosts: all
PHP works
2015-07-15 21:26:27 +07:00
pre_tasks:
Drop PHP version support (useless) + fix some bugs
2019-12-29 22:29:18 +07:00
Compat with modern ansible versions
2019-02-05 03:25:25 +07:00
- name: INCLUDE_TASKS | Pre_tasks related to OS version
include_tasks: "includes/pre_{{ ansible_distribution }}.yml"
Manage FreeBSD 11
2018-03-17 03:56:15 +07:00
Compat with modern ansible versions
2019-02-05 03:25:25 +07:00
- name: IMPORT_TASKS | Pre_tasks common
import_tasks: "includes/pre_common.yml"
Manage FreeBSD 11
2018-03-17 03:56:15 +07:00
Cleanup tests
2016-01-21 21:34:18 +07:00
- name: FILE | Create an internal SSL dir
YAML cleaning
2017-10-26 20:47:30 +07:00
file:
path: "{{ int_ansible_ssl_dir }}"
state: directory
Manage FreeBSD 11
2018-03-17 03:56:15 +07:00
Cleanup tests
2016-01-21 21:34:18 +07:00
- name: COPY | Deploy test certificate
YAML cleaning
2017-10-26 20:47:30 +07:00
copy:
src: "file/test.crt"
dest: "{{ int_ansible_ssl_dir }}/test.crt"
Manage FreeBSD 11
2018-03-17 03:56:15 +07:00
Cleanup tests
2016-01-21 21:34:18 +07:00
- name: COPY | Deploy test key
YAML cleaning
2017-10-26 20:47:30 +07:00
copy:
src: "file/test.key"
dest: "{{ int_ansible_ssl_dir }}/test.key"
Manage FreeBSD 11
2018-03-17 03:56:15 +07:00
Fix lints warnings (#40) * Add new filter plugins related to SSL * Ignore lint on few tasks
2019-04-26 18:29:06 +07:00
- name: COPY | Add all hosts in /etc/hosts
copy:
content: |
127.0.0.1 localhost
{% for s in nginx_sites %}
{% if s.name is string %}
127.0.0.1 {{ s.name }}
{% else %}
127.0.0.1 {% for n in s.name %}{{ n }} {% endfor %}
{% endif %}
{% if s.redirect_from is defined %}
127.0.0.1 {% for rf in s.redirect_from %}{{ rf }} {% endfor %}
{% endif %}
{% endfor %}
Tests with uri module (closes #25)
2017-10-27 20:27:16 +07:00
dest: "/etc/hosts"
unsafe_writes: yes
Add blank lines, spaces... (readability)
2017-06-14 23:00:30 +07:00
Vhost static OK (dirty)
2015-07-15 20:18:51 +07:00
vars:
Cleanup tests
2016-01-21 21:34:18 +07:00
# Internal vars
int_ansible_ssl_dir: '/etc/ansible-ssl'
# Role vars
[WIP] FreeBSD install ok
2016-03-05 21:07:39 +07:00
nginx_worker_processes: 1 # Ansible+FreeBSD can't detect CPU number
Add owncloud and prevent nginx from dotdeb
2016-08-11 02:29:03 +07:00
nginx_apt_package: 'nginx-extras'
Install modules OK
2017-12-15 01:55:22 +07:00
nginx_module_packages: ['libnginx-mod-http-headers-more-filter']
First shot proxy (unstable)
2015-10-08 23:21:40 +07:00
nginx_upstreams:
- name: 'test'
servers:
Fix jessie and add doc
2015-10-09 22:54:07 +07:00
- path: '127.0.0.1:80'
First shot proxy (unstable)
2015-10-08 23:21:40 +07:00
max_conns: 150
weight: 10
down: false
New feature: upstream state (remove upstream if needed)
2016-05-11 22:21:52 +07:00
- name: 'test-absent'
servers:
- path: '127.0.0.1:80'
max_conns: 150
weight: 10
down: false
state: 'absent'
Meilleure gestion des dossiers et htpasswd par location
2015-12-03 22:32:08 +07:00
nginx_htpasswd:
- name: 'hello'
description: 'Please login!'
users:
- name: 'hx'
password: 'asdfg'
state: 'absent'
- name: 'hanx'
password: 'qwerty'
- name: 'deleteme'
description: 'Please login!'
users: []
state: 'absent'
Let's encript certificate with acme.sh
2017-12-03 04:22:28 +07:00
nginx_acmesh: true
nginx_acmesh_test: true
Refactoring + SSL support
2016-01-12 00:20:42 +07:00
nginx_ssl_pairs:
Better SSL management - Use filter plugins - Acme: can use proxy protocol - Acme: uses all sites name - Acme: add more tests while crashing
2019-12-31 18:43:43 +07:00
- name: '{{ ngrok.stdout }}'
Let's encript certificate with acme.sh
2017-12-03 04:22:28 +07:00
acme: true
Add self-signed cert feature
2018-04-20 14:32:46 +07:00
- name: 'test-ssl-selfsigned.local'
self_signed: true
force: false
SSL with existing keys
2016-01-12 23:26:30 +07:00
- name: 'test-ssl-predeployed.local'
Cleanup tests
2016-01-21 21:34:18 +07:00
dest_key: "{{ int_ansible_ssl_dir }}/test.key"
dest_cert: "{{ int_ansible_ssl_dir }}/test.crt"
Refactoring + SSL support
2016-01-12 00:20:42 +07:00
- name: 'test-ssl.local'
key: |
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAvavrJWFp3Al2VwRgKx+4Y2mbRRvoxvyd2pyN0xMJ/tCJscaG
8s60v6WZ9FcCOeMkSI2DXsk4z7pbQdQn0h2GDr/5MOJkPAVWSWEN46tpaLZ3v0zp
88ZIbnEk1G0PsdFuW/pnLsakPlAMrl1VArFsV6YsatLt30UIYYcRO97StkoOehCx
A5w+XqtfHZeQZ0/DS81633gwYUcMuSTUFZ60r7ge1/m77DTSKg3rTVk5sebP8cjS
+aWHvxP/GyvvDsT+3gjRJx2/5O3JkfH0zaOsaU2Avj0PR0c5rhynrNO/l1k+GJJB
cbBrM+yA8Ofzp4oXUrCfaIq3RuL3Pd+khcKsiwIDAQABAoIBAQCPpAMQ7BUfbosQ
m1+5SOx7XR8Z12kSSX3CcY12rJSFRakB2TeZ6rE38lIFmV82N67iw0kaH4nGx3sU
/3aoyXMc+IXfX5RJYEFYkQfTw5ywkH9fgQAsfZ2dBlK+DVo1cEYDoj9CTW1VQ4pX
Ape+0l8agd5hiBxdWgpe0ctbbARnx584viLiA/iPBDNxKi9zEYw+WP7hSj5QWahr
a09tubcC4L6tjvv8CoZTRSKfCW64vWRDvE6vmA+zJN9Arc1WTYzF1KO1Gybwf8h7
stJb191smAgGDFhKo0j58ncyAnrS1k4mapm86QQhlfIA6DKvvC0qm3KdQns5b7HM
PyzW0hwBAoGBAO2mTVTOsziom9vtBwM0nRMMEgynR2X3EKMJz2mjcCf66f1F+aQ5
DvQFM2V8S2s1nGnPh8NKKZ8DxW1NKuR4qx82zeAXpUs9ibHxOnw4YRC485zqc2Wt
fSO1OEDYeKyzWP1nGGtCntYUXzJnWn/wz0mBGKzLKTuLwyFIKx1b7bybAoGBAMxR
N+lT57rX6d4GUqcgNOuWMZ/D8egnE5+hsoiFnHOisRLOgUgBBSy4rwAZx+rdHYT+
RO11L1PLYEzyvnO0f13R+N7aqKwNXDSzZGA+jb4pjkVidIC2smG/JYKJH5Z+kakw
mwMKP0wdRZJsCaMgScHmWJS8d6Ox/XJJoWrTWTbRAoGAWJlEgVaiaIArwz1F/QLz
gHNik0cWDkSi9jWlFxwwpycbbypUXM5M7dq2g6JoN6sACk6trbgLdlYgl5RKZm06
VuPGs0H9hOSHXkix5jfasDJT2G9r4D9ixRo9w6cwriobBjYWW3612tgzeYYgrkwn
655uhZUkZSfA8rqGIGbyZfsCgYAf5WH8G+wmIATTc1s92epJCOZwUY+XNVp75itP
4sPczX4lOHW4PuiG5cH0GxI5mRE9rNAn3c5on2xGNvMCbyAfDmNyruH8Eg3d8E9w
MvO/xw79x/P2EA9i8QszCKMUxGeK6RqZ6+SbxkoRJKqQe77n9UTI228179hoGhSH
77ySsQKBgQC8SSZn6a8PpSIIFXB9WCFMwfGFYbUz0wvpaeZP8GKx3BEzMeJqSUaJ
hrQgpwQXkueeamlCQcvV3AUCoBRWTYRLDrWiUIXuIgikDWBFp6TBvTnVRI7iktly
fNED7jXOSjJqnFmdkZlAI5V8dM++mVYVykJD6jcaVRQvxqFLrhSaRg==
-----END RSA PRIVATE KEY-----
cert: |
-----BEGIN CERTIFICATE-----
MIIDBTCCAe2gAwIBAgIJALKJfbk5vuieMA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNV
BAMMDnRlc3Qtc3NsLmxvY2FsMB4XDTE2MDExMTE2NDI0NFoXDTI2MDEwODE2NDI0
NFowGTEXMBUGA1UEAwwOdGVzdC1zc2wubG9jYWwwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9q+slYWncCXZXBGArH7hjaZtFG+jG/J3anI3TEwn+0Imx
xobyzrS/pZn0VwI54yRIjYNeyTjPultB1CfSHYYOv/kw4mQ8BVZJYQ3jq2lotne/
TOnzxkhucSTUbQ+x0W5b+mcuxqQ+UAyuXVUCsWxXpixq0u3fRQhhhxE73tK2Sg56
ELEDnD5eq18dl5BnT8NLzXrfeDBhRwy5JNQVnrSvuB7X+bvsNNIqDetNWTmx5s/x
yNL5pYe/E/8bK+8OxP7eCNEnHb/k7cmR8fTNo6xpTYC+PQ9HRzmuHKes07+XWT4Y
kkFxsGsz7IDw5/OnihdSsJ9oirdG4vc936SFwqyLAgMBAAGjUDBOMB0GA1UdDgQW
BBRaSF1L+ivPhmIVGQjtviBqZWDS9DAfBgNVHSMEGDAWgBRaSF1L+ivPhmIVGQjt
viBqZWDS9DAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQCjrgB9+Zuq
Rx7T2mRUl4jf75dLabuBQD0ePALTtvNyBSghhzSr90mE7GlFOYAv0JsmEa3R1LVF
wLPIdrIhNHpt7hN0PkhUlfgmxBnRSCfhpiq4xxsDVFM7ehtDz4+dv1LUDMXo07+E
f24g9aqmypiFzHisUQrYIhtQmHxRpKyGp6kDAW9qNxg6k/Um00aHdYfuD9ER4ksR
f8Hto7f+vssKxCRY2OZXqq13PxEwC5+hgAUkTdrycA/moXFuHJi3lCnCND7sSzvG
tXBggOusyFZFC4bs2m+V+Z+RN+tK2c/c0nq5HR8MV5HwIm4Z8GoT2/0BfJ00cgWL
lVz0gDBfdH8f
-----END CERTIFICATE-----
Add feature: new custom instructions
2015-12-09 23:06:59 +07:00
nginx_custom_http:
- 'add_header X-ansible 1;'
Manage FreeBSD 11
2018-03-17 03:56:15 +07:00
- 'geoip_country {% if ansible_distribution == "Debian" %}/usr/share/GeoIP/GeoIP.dat{% else %}/usr/local/share/GeoIP/GeoIP.dat{% endif %};'
Dynamic module management (closes #23)
2016-10-12 23:13:59 +07:00
- 'map $geoip_country_code $allowed_country {'
- ' default yes;'
- ' MA no;'
- ' DZ no;'
- ' TN no;'
- '}'
Fix some issues: - "main_name" is name/name[0] not filename - improve some tests - better proxy protocol handling (not necessary to declare ports twice)
2019-12-30 23:28:34 +07:00
nginx_default_site: 'test.local'
Renaming variables *vhost* -> *site* Vhost is an Apache configuration, not Nginx. Manages backward compatibility.
2017-04-25 17:27:08 +07:00
nginx_default_site_ssl: 'test-ssl-predeployed.local'
Remove legacy code
2017-10-03 22:38:06 +07:00
nginx_sites:
Migrate to jinja block ok
2015-07-30 18:02:21 +07:00
- name:
- 'test.local'
- 'test-alias.local'
- 'test2-alias.local'
template: '_base'
Each vhost can have his own filename
2016-03-04 22:38:40 +07:00
filename : 'first-test'
Fix some issues: - "main_name" is name/name[0] not filename - improve some tests - better proxy protocol handling (not necessary to declare ports twice)
2019-12-30 23:28:34 +07:00
override_try_files: '$uri/ $uri =404'
Add custom headers in vhost (moved from ssl helpers)
2016-03-15 16:51:14 +07:00
headers:
always directive managed for add_header option
2016-03-15 21:30:22 +07:00
'X-Frame-Options': 'deny always'
Add custom headers in vhost (moved from ssl helpers)
2016-03-15 16:51:14 +07:00
'X-ansible-default': '1'
New vhost option: manage_local_content
2015-10-19 14:39:51 +07:00
manage_local_content: false
vhost.filename used by log and directories creation
2016-10-07 15:50:05 +07:00
use_error_log: true
Add "more" info on vhost
2015-09-09 22:44:53 +07:00
more:
Fix more params and add upstream params
2015-09-21 16:47:49 +07:00
- 'autoindex off;'
New feature: custom location in vhost
2015-07-31 05:38:16 +07:00
location:
'/test':
- 'return 403;'
'/gunther':
- 'return 404;'
Test stub status on default http vhost
2016-02-09 22:57:13 +07:00
'/status':
- 'stub_status on;'
- 'access_log off;'
- 'allow 127.0.0.1;'
- 'deny all;'
Meilleure gestion des dossiers et htpasswd par location
2015-12-03 22:32:08 +07:00
- name: 'test-htpasswd.local'
template: '_base'
Manages locations before "/"
2019-02-20 21:13:25 +07:00
location_before:
Meilleure gestion des dossiers et htpasswd par location
2015-12-03 22:32:08 +07:00
'/hello':
- htpasswd: 'hello'
Manages locations before "/"
2019-02-20 21:13:25 +07:00
location:
Disabling htpasswd by setting false
2017-03-08 17:10:14 +07:00
'/public':
- htpasswd: false
Secure files permission
2016-11-25 17:33:20 +07:00
use_error_log: true
Meilleure gestion des dossiers et htpasswd par location
2015-12-03 22:32:08 +07:00
- name: 'test-htpasswd-all.local'
template: '_base'
htpasswd: 'hello'
location / can be overwrited
2015-11-03 20:31:50 +07:00
- name: 'test-location.local'
template: '_base'
Manages locations before "/"
2019-02-20 21:13:25 +07:00
location_before:
'/b':
- 'alias /var/tmp;'
'/c':
- 'alias /var/tmp;'
location / can be overwrited
2015-11-03 20:31:50 +07:00
location:
'/':
- 'alias /var/tmp;'
New feature: provide location order (#24 related)
2016-11-23 17:43:13 +07:00
'/a':
- 'alias /var/tmp;'
Manages locations before "/"
2019-02-20 21:13:25 +07:00
location_order_before:
- '/b'
- '/c'
New feature: provide location order (#24 related)
2016-11-23 17:43:13 +07:00
location_order:
- '/'
- '/a'
nginx_vhosts[x].name now accepts list or string
2015-10-22 15:25:30 +07:00
- name: 'test-php.local'
Drop PHP version support (useless) + fix some bugs
2019-12-29 22:29:18 +07:00
php_upstream: "manual"
Fix more params and add upstream params
2015-09-21 16:47:49 +07:00
upstream_params:
- 'fastcgi_param FOO bar;'
Add redirection_from test
2015-07-30 20:53:45 +07:00
redirect_from:
- 'www.test-php.local'
Migrate to jinja block ok
2015-07-30 18:02:21 +07:00
template: '_php'
PHP works on FreeBSD
2016-03-05 23:26:05 +07:00
use_error_log: true
use_access_log: true
Fix and improve tests/vhosts + php_index vhost
2015-11-02 22:30:46 +07:00
- name: 'test-php-index.local'
template: '_php_index'
Use upstream config from HanXHX.php role
2019-12-26 23:16:13 +07:00
php_upstream: 'hx_unix'
Add new site template: _php_index2
2017-11-27 19:33:41 +07:00
- name: 'test-php-index2.local'
template: '_php_index2'
Use upstream config from HanXHX.php role
2019-12-26 23:16:13 +07:00
php_upstream: 'hx_ip'
nginx_vhosts[x].name now accepts list or string
2015-10-22 15:25:30 +07:00
- name: 'test-proxy.local'
Test proxy with a real back-end: himself
2015-10-09 19:31:01 +07:00
listen:
- 8080
First shot proxy (unstable)
2015-10-08 23:21:40 +07:00
template: '_proxy'
upstream_name: 'test'
use headers instead of more
2016-03-15 23:15:46 +07:00
headers:
'X-proxyfied': '1'
nginx_vhosts[x].name now accepts list or string
2015-10-22 15:25:30 +07:00
- name: 'deleted.local'
Async task: generate dh
2016-12-07 13:48:32 +07:00
state: 'absent'
New feature on vhosts: "redirect_to"
2015-12-01 21:46:57 +07:00
- name: 'redirect-to.local'
redirect_to: 'http://test.local'
Support BackupPC
2015-12-23 23:37:58 +07:00
- name: 'backuppc.local'
template: '_backuppc'
htpasswd: 'hello'
Refactoring + SSL support
2016-01-12 00:20:42 +07:00
- name: 'test-ssl.local'
proto: ['http', 'https']
template: '_base'
Better SSL management - Use filter plugins - Acme: can use proxy protocol - Acme: uses all sites name - Acme: add more tests while crashing
2019-12-31 18:43:43 +07:00
- name:
- 'test-ssl-selfsigned.local'
- 'www.test-ssl-selfsigned.local'
Add self-signed cert feature
2018-04-20 14:32:46 +07:00
proto: ['http', 'https']
template: '_base'
SSL with existing keys
2016-01-12 23:26:30 +07:00
- name: 'test-ssl-predeployed.local'
proto: ['http', 'https']
template: '_base'
ssl_name: 'test-ssl-predeployed.local'
use headers instead of more
2016-03-15 23:15:46 +07:00
headers:
'X-ansible-default': '1'
SSL helper can be disabled
2016-03-15 18:16:57 +07:00
ssl_template: false
New feature: redirect_https (HTTP -> HTTPS)
2016-03-15 01:20:08 +07:00
- name: 'test-ssl-redirect.local'
proto: ['https']
template: '_base'
ssl_name: 'test-ssl.local'
redirect_https: true
Bug fix : redirect https with many names On a multiple name vhost with redirect_https, redirection is done with the origin name not the main name.
2017-04-13 19:21:14 +07:00
- name:
- 'test-ssl-redirect-many.local'
- 'test-ssl-redirect-many2.local'
fix redirect https : show port only if not 443
2017-04-13 20:16:53 +07:00
listen_ssl: [8443]
Bug fix : redirect https with many names On a multiple name vhost with redirect_https, redirection is done with the origin name not the main name.
2017-04-13 19:21:14 +07:00
proto: ['https']
template: '_base'
ssl_name: 'test-ssl.local'
redirect_https: true
redirect_from manages now https sites
2018-03-15 18:54:12 +07:00
redirect_from:
- 'www.test-ssl-redirect-many.local'
- 'www.test-ssl-redirect-many2.local'
Manage proxy protocol
2017-01-03 17:16:28 +07:00
- name: 'test-ssl-proxy-protocol.local'
proto: ['http', 'https']
Bind proxy_protocol on port
2017-01-03 18:07:31 +07:00
http_proxy_protocol_port: [20080]
https_proxy_protocol_port: [20443]
Manage proxy protocol
2017-01-03 17:16:28 +07:00
template: '_base'
ssl_name: 'test-ssl.local'
Add tests on proxy protocol
2019-12-30 23:43:18 +07:00
headers:
'X-Proxy-Protocol': '1'
Let's encript certificate with acme.sh
2017-12-03 04:22:28 +07:00
- name: '{{ ngrok.stdout }}'
proto: ['http', 'https']
Better SSL management - Use filter plugins - Acme: can use proxy protocol - Acme: uses all sites name - Acme: add more tests while crashing
2019-12-31 18:43:43 +07:00
http_proxy_protocol_port: [21080]
https_proxy_protocol_port: [21443]
Let's encript certificate with acme.sh
2017-12-03 04:22:28 +07:00
template: '_base'
ssl_name: '{{ ngrok.stdout }}'
headers:
'X-acme': '1'
Drop PHP version support (useless) + fix some bugs
2019-12-29 22:29:18 +07:00
nginx_php: "{{ [{'upstream_name': 'manual', 'sockets': [{'host': '127.0.0.1', 'port': '9636' }] }] }}"
Travis major changes: - Use Vagrant + Docker - Test multiple Ansible versions
2017-06-05 21:21:47 +07:00
nginx_dh_length: 1024
Init repo
2015-07-15 17:14:39 +07:00
roles:
- ../../
Add vhost testing
2015-07-15 22:24:50 +07:00
post_tasks:
Cleanup tests
2016-01-21 21:34:18 +07:00
# --------------------------------
# Apps
# --------------------------------
Compat with modern ansible versions
2019-02-05 03:25:25 +07:00
- name: INCLUDE_TASKS | Post_tasks related to OS version
include_tasks: "includes/post_{{ ansible_distribution }}.yml"
Add blank lines, spaces... (readability)
2017-06-14 23:00:30 +07:00
Cleanup tests
2016-01-21 21:34:18 +07:00
# --------------------------------
# Deploy index files
# --------------------------------
Add files to test vhosts
2015-07-16 21:24:44 +07:00
- name: -- Add PHP file --
YAML cleaning
2017-10-26 20:47:30 +07:00
copy:
dest: "{{ nginx_root }}/{{ item }}/public/index.php"
content: "<?php phpinfo();"
Fix deprecations (#35) * Drop Nagios support * Fix start PHP-FPM on Docker * Fix deprecations on Ansible 2.7 - with_ -> loop - fix filters as test - test version_compare -> version - set min_version to 2.5
2019-01-24 17:05:46 +07:00
loop:
Add blank lines, spaces... (readability)
2017-06-14 23:00:30 +07:00
- 'test-php.local'
- 'test-php-index.local'
Add new site template: _php_index2
2017-11-27 19:33:41 +07:00
- 'test-php-index2.local'
Add blank lines, spaces... (readability)
2017-06-14 23:00:30 +07:00
Add files to test vhosts
2015-07-16 21:24:44 +07:00
- name: -- Add HTML file --
YAML cleaning
2017-10-26 20:47:30 +07:00
copy:
dest: "{{ item }}/index.html"
content: "Index HTML test OK\n"
Fix deprecations (#35) * Drop Nagios support * Fix start PHP-FPM on Docker * Fix deprecations on Ansible 2.7 - with_ -> loop - fix filters as test - test version_compare -> version - set min_version to 2.5
2019-01-24 17:05:46 +07:00
loop:
Add blank lines, spaces... (readability)
2017-06-14 23:00:30 +07:00
- '{{ nginx_root }}/first-test/public'
- '/var/tmp'
- '{{ nginx_root }}/test-htpasswd-all.local/public'
- '{{ nginx_root }}/test-ssl.local/public'
Add self-signed cert feature
2018-04-20 14:32:46 +07:00
- '{{ nginx_root }}/test-ssl-selfsigned.local/public'
Add blank lines, spaces... (readability)
2017-06-14 23:00:30 +07:00
- '{{ nginx_root }}/test-ssl-predeployed.local/public'
- '{{ nginx_root }}/test-ssl-proxy-protocol.local/public'
Let's encript certificate with acme.sh
2017-12-03 04:22:28 +07:00
- '{{ nginx_root }}/{{ ngrok.stdout }}/public'
Add blank lines, spaces... (readability)
2017-06-14 23:00:30 +07:00
Config seems ok
2016-03-05 21:36:25 +07:00
- name: -- Create directory --
YAML cleaning
2017-10-26 20:47:30 +07:00
file:
path: "{{ nginx_root }}/test-htpasswd.local/public/hello"
state: directory
Add blank lines, spaces... (readability)
2017-06-14 23:00:30 +07:00
Config seems ok
2016-03-05 21:36:25 +07:00
- name: -- Add HTML file hello --
YAML cleaning
2017-10-26 20:47:30 +07:00
copy:
dest: "{{ nginx_root }}/test-htpasswd.local/public/hello/index.html"
content: "hello\n"
Add blank lines, spaces... (readability)
2017-06-14 23:00:30 +07:00
Cleanup tests
2016-01-21 21:34:18 +07:00
# --------------------------------
Deploy custom facts with nginx_vhosts
2016-11-29 20:32:27 +07:00
# Test custom facts
# --------------------------------
- name: -- CHECK FACTS --
assert:
Renaming variables *vhost* -> *site* Vhost is an Apache configuration, not Nginx. Manages backward compatibility.
2017-04-25 17:27:08 +07:00
that: "'{{ ansible_local.nginx.fact_nginx_sites[0].name[0] }}' == 'test.local'"
Deploy custom facts with nginx_vhosts
2016-11-29 20:32:27 +07:00
# --------------------------------
Renaming variables *vhost* -> *site* Vhost is an Apache configuration, not Nginx. Manages backward compatibility.
2017-04-25 17:27:08 +07:00
# Simple sites tests
Cleanup tests
2016-01-21 21:34:18 +07:00
# --------------------------------
Renaming variables *vhost* -> *site* Vhost is an Apache configuration, not Nginx. Manages backward compatibility.
2017-04-25 17:27:08 +07:00
- name: -- VERIFY SITES --
Tests with uri module (closes #25)
2017-10-27 20:27:16 +07:00
uri:
url: "http://{{ item | nginx_site_name }}{% if item.listen is defined %}:{{ item.listen[0] }}{% endif %}/"
status_code: '200,301,302,401,403'
follow_redirects: none
Fix deprecations (#35) * Drop Nagios support * Fix start PHP-FPM on Docker * Fix deprecations on Ansible 2.7 - with_ -> loop - fix filters as test - test version_compare -> version - set min_version to 2.5
2019-01-24 17:05:46 +07:00
loop: "{{ nginx_sites }}"
Vhost state (closes #19)
2016-08-30 16:06:38 +07:00
when: item.state is undefined or item.state != "absent"
Add vhost testing
2015-07-15 22:24:50 +07:00
changed_when: false
Add blank lines, spaces... (readability)
2017-06-14 23:00:30 +07:00
Fix and improve tests/vhosts + php_index vhost
2015-11-02 22:30:46 +07:00
- name: -- VERIFY FORBIDDEN --
Tests with uri module (closes #25)
2017-10-27 20:27:16 +07:00
uri:
url: "http://test-php-index.local/phpinfo.php"
status_code: 403
Add blank lines, spaces... (readability)
2017-06-14 23:00:30 +07:00
Renaming variables *vhost* -> *site* Vhost is an Apache configuration, not Nginx. Manages backward compatibility.
2017-04-25 17:27:08 +07:00
- name: -- VERIFY REDIRECT SITES --
Tests with uri module (closes #25)
2017-10-27 20:27:16 +07:00
uri:
url: "http://{{ item.redirect_from[0] }}/"
status_code: 301
follow_redirects: none
Fix deprecations (#35) * Drop Nagios support * Fix start PHP-FPM on Docker * Fix deprecations on Ansible 2.7 - with_ -> loop - fix filters as test - test version_compare -> version - set min_version to 2.5
2019-01-24 17:05:46 +07:00
loop: "{{ nginx_sites }}"
redirect_from manages now https sites
2018-03-15 18:54:12 +07:00
when: item.redirect_from is defined and (item.state is undefined or item.state != "absent") and (item.proto is not defined or 'https' not in item.proto)
changed_when: false
- name: -- VERIFY REDIRECT HTTPS SITES --
uri:
url: "https://{{ item.redirect_from[0] }}:{{ item.listen_ssl[0] | default(443) }}/"
status_code: 301
follow_redirects: none
validate_certs: no
Fix deprecations (#35) * Drop Nagios support * Fix start PHP-FPM on Docker * Fix deprecations on Ansible 2.7 - with_ -> loop - fix filters as test - test version_compare -> version - set min_version to 2.5
2019-01-24 17:05:46 +07:00
loop: "{{ nginx_sites }}"
redirect_from manages now https sites
2018-03-15 18:54:12 +07:00
when: item.redirect_from is defined and (item.state is undefined or item.state != "absent") and item.proto is defined and 'https' in item.proto
First try with travis
2015-08-04 17:26:38 +07:00
changed_when: false
Cleanup tests
2016-01-21 21:34:18 +07:00
Check PHP (should fix travis)
2016-01-21 23:54:24 +07:00
# --------------------------------
# PHP
# --------------------------------
New PHP management - New versions (7.x) - PHP upstream name - Sites can use : default PHP version, select first one by PHP version, select by upstream name - Add PHP filter plugin
2017-10-26 15:59:24 +07:00
- name: -- VERIFY PHP SITES --
Tests with uri module (closes #25)
2017-10-27 20:27:16 +07:00
uri:
Fix lints warnings (#40) * Add new filter plugins related to SSL * Ignore lint on few tasks
2019-04-26 18:29:06 +07:00
url: "http://{{ item.name }}/"
Tests with uri module (closes #25)
2017-10-27 20:27:16 +07:00
return_content: yes
Support many php versions (php7) + drop wheezy support
2016-08-09 21:02:09 +07:00
register: p
Fix deprecations (#35) * Drop Nagios support * Fix start PHP-FPM on Docker * Fix deprecations on Ansible 2.7 - with_ -> loop - fix filters as test - test version_compare -> version - set min_version to 2.5
2019-01-24 17:05:46 +07:00
loop: "{{ nginx_sites }}"
New PHP management - New versions (7.x) - PHP upstream name - Sites can use : default PHP version, select first one by PHP version, select by upstream name - Add PHP filter plugin
2017-10-26 15:59:24 +07:00
when: >
item.template is defined and
Add new site template: _php_index2
2017-11-27 19:33:41 +07:00
(item.template == '_php' or item.template == '_php_index' or item.template == '_php_index2')
Drop PHP version support (useless) + fix some bugs
2019-12-29 22:29:18 +07:00
failed_when: p.content.find('PHP Version') == -1
Support many php versions (php7) + drop wheezy support
2016-08-09 21:02:09 +07:00
Add new site template: _php_index2
2017-11-27 19:33:41 +07:00
- name: -- VERIFY INDEX2 --
uri:
url: "http://test-php-index2.local/lorem.php?ipsum=sit&dolor=amet"
return_content: yes
register: p2
failed_when: p2.content.find('PHP Version') == -1
Cleanup tests
2016-01-21 21:34:18 +07:00
# --------------------------------
# Basic Auth
# --------------------------------
Tests with uri module (closes #25)
2017-10-27 20:27:16 +07:00
- name: -- VERIFY AUTH BASIC NONE --
uri:
url: "http://test-htpasswd.local/hello/"
status_code: 401
- name: -- VERIFY AUTH BASIC FAIL --
uri:
url: "http://test-htpasswd.local/hello/"
status_code: 401
user: "fail"
password: "fail"
force_basic_auth: yes
- name: -- VERIFY AUTH BASIC OK --
uri:
url: "http://test-htpasswd.local/hello/"
user: "hanx"
password: "qwerty"
force_basic_auth: yes
- name: -- VERIFY AUTH BASIC FAIL GLOBAL --
uri:
url: "http://test-htpasswd-all.local/"
status_code: 401
user: "fail"
password: "fail"
force_basic_auth: yes
- name: -- VERIFY AUTH BASIC OK GLOBAL --
uri:
url: "http://test-htpasswd-all.local/"
user: "hanx"
password: "qwerty"
force_basic_auth: yes
Cleanup tests
2016-01-21 21:34:18 +07:00
# --------------------------------
# BackupPC
# --------------------------------
Support BackupPC
2015-12-23 23:37:58 +07:00
- name: -- VERIFY BACKUPPC --
Tests with uri module (closes #25)
2017-10-27 20:27:16 +07:00
uri:
url: "http://backuppc.local/"
user: "hanx"
password: "qwerty"
force_basic_auth: yes
return_content: yes
Support BackupPC
2015-12-23 23:37:58 +07:00
register: authbpc
Nagios OK on FreeBSD
2016-03-06 00:34:04 +07:00
when: ansible_distribution != 'FreeBSD'
Tests with uri module (closes #25)
2017-10-27 20:27:16 +07:00
failed_when: authbpc.content.find('BackupPC Server Status') == -1
Fix Nagios vhost and better tests
2016-01-21 21:16:21 +07:00
Manage default vhost. Closes #11
2016-01-21 23:08:01 +07:00
# --------------------------------
# SSL
# --------------------------------
Refactoring + SSL support
2016-01-12 00:20:42 +07:00
- name: -- VERIFY SSL --
Tests with uri module (closes #25)
2017-10-27 20:27:16 +07:00
uri:
url: "https://{{ item }}/"
return_content: yes
validate_certs: no
Cleanup tests
2016-01-21 21:34:18 +07:00
register: sslok
Tests with uri module (closes #25)
2017-10-27 20:27:16 +07:00
failed_when: sslok.content.find('Index HTML test OK') == -1
Fix deprecations (#35) * Drop Nagios support * Fix start PHP-FPM on Docker * Fix deprecations on Ansible 2.7 - with_ -> loop - fix filters as test - test version_compare -> version - set min_version to 2.5
2019-01-24 17:05:46 +07:00
loop:
SSL with existing keys
2016-01-12 23:26:30 +07:00
- 'test-ssl-predeployed.local'
Add self-signed cert feature
2018-04-20 14:32:46 +07:00
- 'test-ssl-selfsigned.local'
SSL with existing keys
2016-01-12 23:26:30 +07:00
- 'test-ssl.local'
Let's encript certificate with acme.sh
2017-12-03 04:22:28 +07:00
- '{{ ngrok.stdout }}'
Add blank lines, spaces... (readability)
2017-06-14 23:00:30 +07:00
New feature: redirect_https (HTTP -> HTTPS)
2016-03-15 01:20:08 +07:00
- name: -- VERIFY SSL REDIRECT --
Tests with uri module (closes #25)
2017-10-27 20:27:16 +07:00
uri:
url: "http://{{ item.name }}/"
validate_certs: no
status_code: 301
return_content: yes
follow_redirects: none
New feature: redirect_https (HTTP -> HTTPS)
2016-03-15 01:20:08 +07:00
register: sslredirok
Tests with uri module (closes #25)
2017-10-27 20:27:16 +07:00
failed_when: '"https://%s%s" % (item.name, ":" + item.port if item.port is defined else "") not in sslredirok.location'
Fix deprecations (#35) * Drop Nagios support * Fix start PHP-FPM on Docker * Fix deprecations on Ansible 2.7 - with_ -> loop - fix filters as test - test version_compare -> version - set min_version to 2.5
2019-01-24 17:05:46 +07:00
loop:
fix redirect https : show port only if not 443
2017-04-13 20:16:53 +07:00
- name: 'test-ssl-redirect.local'
- name: 'test-ssl-redirect-many.local'
port: '8443'
- name: 'test-ssl-redirect-many2.local'
port: '8443'
Refactoring + SSL support
2016-01-12 00:20:42 +07:00
Manage default vhost. Closes #11
2016-01-21 23:08:01 +07:00
# --------------------------------
Renaming variables *vhost* -> *site* Vhost is an Apache configuration, not Nginx. Manages backward compatibility.
2017-04-25 17:27:08 +07:00
# Default sites
Manage default vhost. Closes #11
2016-01-21 23:08:01 +07:00
# --------------------------------
Renaming variables *vhost* -> *site* Vhost is an Apache configuration, not Nginx. Manages backward compatibility.
2017-04-25 17:27:08 +07:00
- name: -- VERIFY DEFAULT SITE --
Tests with uri module (closes #25)
2017-10-27 20:27:16 +07:00
uri:
url: 'http://127.0.0.1/'
return_content: yes
Manage default vhost. Closes #11
2016-01-21 23:08:01 +07:00
register: vdefault
failed_when: >
Tests with uri module (closes #25)
2017-10-27 20:27:16 +07:00
vdefault.content.find('Index HTML test OK') == -1 or
vdefault.x_ansible_default is not defined
- name: -- VERIFY DEFAULT SITE + STUB STATUS--
uri:
url: 'http://127.0.0.1/status'
return_content: yes
register: vdefault_status
failed_when: >
vdefault_status.content.find('Active connections') == -1 or
vdefault_status.x_ansible_default is not defined
Add blank lines, spaces... (readability)
2017-06-14 23:00:30 +07:00
Renaming variables *vhost* -> *site* Vhost is an Apache configuration, not Nginx. Manages backward compatibility.
2017-04-25 17:27:08 +07:00
- name: -- VERIFY DEFAULT SSL SITE --
Tests with uri module (closes #25)
2017-10-27 20:27:16 +07:00
uri:
url: 'https://127.0.0.1/'
return_content: yes
validate_certs: no
register: vdefault
Manage default vhost. Closes #11
2016-01-21 23:08:01 +07:00
failed_when: >
Tests with uri module (closes #25)
2017-10-27 20:27:16 +07:00
vdefault.content.find('Index HTML test OK') == -1 or
vdefault.x_ansible_default is not defined
Add blank lines, spaces... (readability)
2017-06-14 23:00:30 +07:00
Renaming variables *vhost* -> *site* Vhost is an Apache configuration, not Nginx. Manages backward compatibility.
2017-04-25 17:27:08 +07:00
- name: -- VERIFY NOT DEFAULT SITE --
Tests with uri module (closes #25)
2017-10-27 20:27:16 +07:00
uri:
url: 'http://test-php.local/'
return_content: yes
Manage default vhost. Closes #11
2016-01-21 23:08:01 +07:00
register: vphp
Tests with uri module (closes #25)
2017-10-27 20:27:16 +07:00
failed_when: vphp.x_ansible_default is defined
Add blank lines, spaces... (readability)
2017-06-14 23:00:30 +07:00
Renaming variables *vhost* -> *site* Vhost is an Apache configuration, not Nginx. Manages backward compatibility.
2017-04-25 17:27:08 +07:00
- name: -- VERIFY NOT DEFAULT SSL SITE --
Tests with uri module (closes #25)
2017-10-27 20:27:16 +07:00
uri:
url: 'https://test-ssl.local/'
return_content: yes
validate_certs: no
Manage default vhost. Closes #11
2016-01-21 23:08:01 +07:00
register: notdefaultssl
Tests with uri module (closes #25)
2017-10-27 20:27:16 +07:00
failed_when: notdefaultssl.x_ansible_default is defined
Add HTTP2 check
2016-03-05 17:29:37 +07:00
Add tests on proxy protocol
2019-12-30 23:43:18 +07:00
# --------------------------------
# Check Proxy protocol
# --------------------------------
- name: SHELL | Check HTTP proxy protocol
shell: curl -I --haproxy-protocol http://test-ssl-proxy-protocol.local:20080 | grep -qi 'X-Proxy-Protocol'
args:
executable: /bin/sh
warn: no
changed_when: false
tags:
- skip_ansible_lint
- name: SHELL | Check HTTPS proxy protocol
shell: curl -I --haproxy-protocol -k https://test-ssl-proxy-protocol.local:20443 | grep -qi 'X-Proxy-Protocol'
args:
executable: /bin/sh
warn: no
changed_when: false
tags:
- skip_ansible_lint
Add HTTP2 check
2016-03-05 17:29:37 +07:00
# --------------------------------
# Check HTTP2
# --------------------------------
Fix check HTTP2 on FreeBSD (multi-OS code)
2016-03-09 01:37:39 +07:00
- name: SHELL | Check HTTP2
shell: nghttp -nv https://localhost 2> /dev/null | grep -q h2
args:
executable: /bin/sh
changed_when: false
when: nginx_auto_config_httpv2 and 'http_v2' in nginx_modules
Fix lints warnings (#40) * Add new filter plugins related to SSL * Ignore lint on few tasks
2019-04-26 18:29:06 +07:00
tags:
- skip_ansible_lint