From e00313bb3613d0db74c5a10150345a7380bd46b0 Mon Sep 17 00:00:00 2001 From: Emilien Mantel Date: Sat, 5 Mar 2016 15:07:39 +0100 Subject: [PATCH 01/10] [WIP] FreeBSD install ok --- Vagrantfile | 17 +++++++++++ defaults/main.yml | 8 ++--- tasks/config.yml | 4 +-- tasks/{install.yml => install_Debian.yml} | 0 tasks/install_FreeBSD.yml | 15 ++++++++++ tasks/main.yml | 6 +++- tasks/upstream.yml | 8 +++-- tasks/vhost.yml | 20 ++++++------- templates/etc/nginx/nginx.conf.j2 | 2 +- tests/test.yml | 36 ++++++++++++++--------- vars/Debian.yml | 3 ++ vars/FreeBSD.yml | 5 ++++ 12 files changed, 89 insertions(+), 35 deletions(-) rename tasks/{install.yml => install_Debian.yml} (100%) create mode 100644 tasks/install_FreeBSD.yml create mode 100644 vars/Debian.yml create mode 100644 vars/FreeBSD.yml diff --git a/Vagrantfile b/Vagrantfile index 6051f70..b52c54a 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -6,6 +6,7 @@ Vagrant.configure("2") do |config| vms = [ + [ "freebsd-10.2", "freebsd/FreeBSD-10.2-STABLE" ], [ "debian-wheezy", "debian/wheezy64" ], [ "debian-jessie", "debian/jessie64" ], [ "debian-stretch", "sharlak/debian_stretch_64" ] @@ -21,11 +22,27 @@ Vagrant.configure("2") do |config| m.vm.box = vm[1] m.vm.network "private_network", type: "dhcp" + # See: https://forums.freebsd.org/threads/52717/ + if vm[0] = "freebsd-10.2" + m.vm.guest = :freebsd + m.vm.synced_folder ".", "/vagrant", id: "vagrant-root", disabled: true + m.ssh.shell = "sh" + #m.vm.base_mac = "0800278DFFF5" + m.vm.base_mac = "080027D14C66" + #m.vm.network "public_network", bridge: 'enp4s0', auto_config: false + m.vm.provision "shell", inline: "pkg install -y python bash" + end + m.vm.provision "ansible" do |ansible| ansible.playbook = "tests/test.yml" ansible.groups = { "test" => [ vm[0] ] } ansible.verbose = 'vv' ansible.sudo = true + if vm[0] = "freebsd-10.2" + ansible.extra_vars = { + ansible_python_interpreter: '/usr/local/bin/python' + } + end end end end diff --git a/defaults/main.yml b/defaults/main.yml index 68a5320..86c8b19 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -8,7 +8,6 @@ nginx_backports: false # nginx_root: "/srv/www" nginx_log_dir: '/var/log/nginx' -nginx_pid: '/run/nginx.pid' nginx_resolver_hosts: ['8.8.8.8', '8.8.4.4'] nginx_resolver_valid: '300s' nginx_resolver_timeout: '5s' @@ -20,9 +19,9 @@ nginx_default_vhost_ssl: null # # Nginx directories # -nginx_htpasswd_dir: '/etc/nginx/htpasswd' -nginx_ssl_dir: '/etc/nginx/ssl' -nginx_helper_dir: '/etc/nginx/helper' +nginx_htpasswd_dir: '{{ nginx_etc_dir}}/htpasswd' +nginx_ssl_dir: '{{ nginx_etc_dir}}/ssl' +nginx_helper_dir: '{{ nginx_etc_dir}}/helper' # # Load upstream @@ -45,7 +44,6 @@ nginx_worker_processes: '{{ ansible_processor_vcpus }}' # nginx_events_worker_connections: '512' nginx_events_multi_accept: 'on' -nginx_events_use: 'epoll' # # Nginx HTTP diff --git a/tasks/config.yml b/tasks/config.yml index 838ac0f..7aea924 100644 --- a/tasks/config.yml +++ b/tasks/config.yml @@ -3,7 +3,7 @@ - name: TEMPLATE | Deploy nginx.conf template: > src=etc/nginx/nginx.conf.j2 - dest=/etc/nginx/nginx.conf + dest="{{ nginx_etc_dir }}/nginx.conf" notify: reload nginx - name: TEMPLATE | Deploy all helpers @@ -16,6 +16,6 @@ - name: TEMPLATE | Deploy custom http configuration template: > src=etc/nginx/conf.d/custom.conf.j2 - dest=/etc/nginx/conf.d/custom.conf + dest="{{ nginx_etc_dir }}/conf.d/custom.conf" notify: reload nginx diff --git a/tasks/install.yml b/tasks/install_Debian.yml similarity index 100% rename from tasks/install.yml rename to tasks/install_Debian.yml diff --git a/tasks/install_FreeBSD.yml b/tasks/install_FreeBSD.yml new file mode 100644 index 0000000..2083c5e --- /dev/null +++ b/tasks/install_FreeBSD.yml @@ -0,0 +1,15 @@ +--- + +- name: PKGNG | Install nginx and related tools + pkgng: name=nginx state=present + with_items: + - nginx + - py27-passlib + - curl + +- name: FILE | Create configuration dir (like Debian) + file: path="{{ nginx_etc_dir }}/{{ item }}" state=directory + with_items: + - conf.d + - sites-available + - sites-enabled diff --git a/tasks/main.yml b/tasks/main.yml index 9a9e96c..7768d31 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,7 +1,11 @@ --- + +- name: INCLUDE_VARS | Related to OS + include_vars: "{{ ansible_distribution }}.yml" + - name: INCLUDE | Install - include: install.yml + include: install_{{ ansible_distribution }}.yml - name: INCLUDE | Prepare include: prepare.yml diff --git a/tasks/upstream.yml b/tasks/upstream.yml index cda9765..4092630 100644 --- a/tasks/upstream.yml +++ b/tasks/upstream.yml @@ -1,11 +1,15 @@ --- - name: TEMPLATE | Deploy PHP upstream to Nginx - template: src=etc/nginx/upstream/php.conf.j2 dest=/etc/nginx/conf.d/php.conf + template: > + src=etc/nginx/upstream/php.conf.j2 + dest="{{ nginx_etc_dir }}/conf.d/php.conf" when: nginx_php notify: reload nginx - name: TEMPLATE | Deploy other upstreams - template: src=etc/nginx/upstream/upstream.conf.j2 dest=/etc/nginx/conf.d/upstream-{{ item.name }}.conf + template: > + src=etc/nginx/upstream/upstream.conf.j2 + dest={{ nginx_etc_dir }}/conf.d/upstream-{{ item.name }}.conf with_items: "{{ nginx_upstreams }}" notify: reload nginx diff --git a/tasks/vhost.yml b/tasks/vhost.yml index e20d82b..ba29240 100644 --- a/tasks/vhost.yml +++ b/tasks/vhost.yml @@ -17,8 +17,8 @@ file: > path={{ nginx_root }}/{{ item.name if item.name is string else item.name[0] }}/public state=directory - owner={{ item.owner | default('www-data') }} - group={{ item.group | default('www-data') }} + owner={{ item.owner | default(nginx_user) }} + group={{ item.group | default(nginx_user) }} mode={{ item.mode | default('0755') }} with_items: "{{ nginx_vhosts }}" when: > @@ -30,21 +30,21 @@ - name: TEMPLATE | Create vhosts template: > src=etc/nginx/sites-available/{{ item.template if item.redirect_to is not defined else '_redirect' }}.j2 - dest=/etc/nginx/sites-available/{{ item.name if item.name is string else item.name[0] }} + dest={{ nginx_etc_dir }}/sites-available/{{ item.name if item.name is string else item.name[0] }} with_items: "{{ nginx_vhosts }}" notify: reload nginx when: item.delete is not defined or not item.delete - name: FILE | Delete vhosts - file: path=/etc/nginx/sites-available/{{ item.name if item.name is string else item.name[0] }} state=absent + file: path={{ nginx_etc_dir }}/sites-available/{{ item.name if item.name is string else item.name[0] }} state=absent with_items: "{{ nginx_vhosts }}" notify: reload nginx when: item.delete is defined and item.delete - name: FILE | Enable vhosts file: > - src=/etc/nginx/sites-available/{{ item.name if item.name is string else item.name[0] }} - dest=/etc/nginx/sites-enabled/{{ item.name if item.name is string else item.name[0] }} + src={{ nginx_etc_dir }}/sites-available/{{ item.name if item.name is string else item.name[0] }} + dest={{ nginx_etc_dir }}/sites-enabled/{{ item.name if item.name is string else item.name[0] }} state=link with_items: "{{ nginx_vhosts }}" notify: reload nginx @@ -54,22 +54,22 @@ (item.delete is not defined or not item.delete) - name: FILE | Disable vhosts - file: path=/etc/nginx/sites-enabled/{{ item.name if item.name is string else item.name[0] }} state=absent + file: path={{ nginx_etc_dir}}/sites-enabled/{{ item.name if item.name is string else item.name[0] }} state=absent with_items: "{{ nginx_vhosts }}" notify: reload nginx when: (item.enable is defined and not item.enable) or (item.delete is defined and item.delete) - name: FILE | Delete default vhost when explicitely defined file: > - path=/etc/nginx/sites-enabled/default + path={{ nginx_etc_dir }}/sites-enabled/default state=absent notify: reload nginx when: nginx_default_vhost is not none - name: FILE | Auto set default vhost file: > - src=/etc/nginx/sites-available/default - dest=/etc/nginx/sites-enabled/default + src={{ nginx_etc_dir }}/sites-available/default + dest={{ nginx_etc_dir }}/sites-enabled/default state=link notify: reload nginx when: nginx_default_vhost is none diff --git a/templates/etc/nginx/nginx.conf.j2 b/templates/etc/nginx/nginx.conf.j2 index 06a97a8..060915d 100644 --- a/templates/etc/nginx/nginx.conf.j2 +++ b/templates/etc/nginx/nginx.conf.j2 @@ -14,7 +14,7 @@ events { http { types_hash_max_size {{ nginx_http_types_hash_max_size }}; - include /etc/nginx/mime.types; + include {{ nginx_etc_dir }}/mime.types; default_type {{ nginx_http_default_type }}; access_log {{ nginx_http_access_log }}; diff --git a/tests/test.yml b/tests/test.yml index 2939ec4..87e23b3 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -2,20 +2,27 @@ - hosts: all pre_tasks: - - name: APT_REPOSITORY | Install backports - apt_repository: repo='deb http://httpredir.debian.org/debian {{ ansible_distribution_release }}-backports main' state=present - - name: APT | Install needed packages - apt: pkg={{ item }} update_cache=yes cache_valid_time=3600 state=present - with_items: - - php5-fpm - - curl - - fcgiwrap - - name: SERVICE | Force start services - service: name={{ item }} state=started - register: sf - with_items: - - php5-fpm - - fcgiwrap + - block: + - name: APT_REPOSITORY | Install backports + apt_repository: repo='deb http://httpredir.debian.org/debian {{ ansible_distribution_release }}-backports main' state=present + - name: APT | Install needed packages + apt: pkg={{ item }} update_cache=yes cache_valid_time=3600 state=present + with_items: + - php5-fpm + - curl + - fcgiwrap + - name: SERVICE | Force start services + service: name={{ item }} state=started + register: sf + with_items: + - php5-fpm + - fcgiwrap + when: ansible_distribution == 'Debian' + - block: + - name: SET_FACT | FreeBSD web user + set_fact: + nginx_user: 'www' + when: ansible_distribution == 'FreeBSD' - name: PAUSE | Prevent bugs (CGI not fully loaded) pause: seconds=5 when: sf.changed @@ -29,6 +36,7 @@ # Internal vars int_ansible_ssl_dir: '/etc/ansible-ssl' # Role vars + nginx_worker_processes: 1 # Ansible+FreeBSD can't detect CPU number nginx_backports: true nginx_php: true nginx_upstreams: diff --git a/vars/Debian.yml b/vars/Debian.yml new file mode 100644 index 0000000..4f7c86f --- /dev/null +++ b/vars/Debian.yml @@ -0,0 +1,3 @@ +nginx_events_use: 'epoll' +nginx_pid: '/run/nginx.pid' +nginx_etc_dir: '/etc/nginx' diff --git a/vars/FreeBSD.yml b/vars/FreeBSD.yml new file mode 100644 index 0000000..96da262 --- /dev/null +++ b/vars/FreeBSD.yml @@ -0,0 +1,5 @@ +nginx_events_use: 'kqueue' +nginx_pid: '/var/run/nginx.pid' +nginx_etc_dir: '/usr/local/etc/nginx' + +# TODO: it's a dirty to force variable here! From 791832f6d104dc6a21dea4dfaf90f723fb2a54ef Mon Sep 17 00:00:00 2001 From: Emilien Mantel Date: Sat, 5 Mar 2016 15:36:25 +0100 Subject: [PATCH 02/10] Config seems ok --- tasks/install_FreeBSD.yml | 11 +++++++++++ templates/etc/nginx/nginx.conf.j2 | 4 ++-- templates/etc/nginx/sites-available/_backuppc.j2 | 2 +- templates/etc/nginx/sites-available/_proxy.j2 | 2 +- tests/test.yml | 7 ++++--- 5 files changed, 19 insertions(+), 7 deletions(-) diff --git a/tasks/install_FreeBSD.yml b/tasks/install_FreeBSD.yml index 2083c5e..c6c30c6 100644 --- a/tasks/install_FreeBSD.yml +++ b/tasks/install_FreeBSD.yml @@ -13,3 +13,14 @@ - conf.d - sites-available - sites-enabled + +- name: FILE | Follow Debian ;) + file: > + src="{{ nginx_etc_dir }}/fastcgi_params" + dest="{{ nginx_etc_dir }}/fastcgi.conf" + state=link + +- name: COPY | Populate proxy_params + copy: > + content="proxy_set_header Host $http_host;\nproxy_set_header X-Real-IP $remote_addr;\nproxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header X-Forwarded-Proto $scheme;" + dest="{{ nginx_etc_dir }}/proxy_params" diff --git a/templates/etc/nginx/nginx.conf.j2 b/templates/etc/nginx/nginx.conf.j2 index 060915d..4d21ebc 100644 --- a/templates/etc/nginx/nginx.conf.j2 +++ b/templates/etc/nginx/nginx.conf.j2 @@ -45,8 +45,8 @@ http { gzip_vary {{ nginx_http_gzip_vary }}; gzip_disable {{ nginx_http_gzip_disable }}; - include /etc/nginx/conf.d/*.conf; - include /etc/nginx/sites-enabled/*; + include {{ nginx_etc_dir }}/conf.d/*.conf; + include {{ nginx_etc_dir }}/sites-enabled/*; } # vim:filetype=nginx diff --git a/templates/etc/nginx/sites-available/_backuppc.j2 b/templates/etc/nginx/sites-available/_backuppc.j2 index c5bb887..9de6a8b 100644 --- a/templates/etc/nginx/sites-available/_backuppc.j2 +++ b/templates/etc/nginx/sites-available/_backuppc.j2 @@ -25,7 +25,7 @@ {% block template_upstream_location %} location ~ \.cgi$ { gzip off; - include /etc/nginx/fastcgi_params; + include {{ nginx_etc_dir }}/fastcgi_params; fastcgi_pass unix:/var/run/fcgiwrap.socket; fastcgi_index BackupPC_Admin; fastcgi_param SCRIPT_FILENAME /usr/share/backuppc/cgi-bin$fastcgi_script_name; diff --git a/templates/etc/nginx/sites-available/_proxy.j2 b/templates/etc/nginx/sites-available/_proxy.j2 index 248fed5..724d31a 100644 --- a/templates/etc/nginx/sites-available/_proxy.j2 +++ b/templates/etc/nginx/sites-available/_proxy.j2 @@ -7,7 +7,7 @@ {% endblock %} {% block template_try_files %} - include /etc/nginx/proxy_params; + include {{ nginx_etc_dir }}/proxy_params; proxy_pass http://{{ item.upstream_name }}; {% if item.proxy_params is defined and item.proxy_params is iterable %} {% for param in item.proxy_params %} diff --git a/tests/test.yml b/tests/test.yml index 87e23b3..afdd1e9 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -149,8 +149,6 @@ location: '/hello': - htpasswd: 'hello' - - 'default_type "text/html; charset=UTF-8";' - - 'echo hello;' - name: 'test-htpasswd-all.local' template: '_base' htpasswd: 'hello' @@ -218,7 +216,10 @@ - name: -- Add HTML file -- copy: dest="{{ item }}/index.html" content="Index HTML test OK\n" with_items: ['{{ nginx_root }}/test.local/public', '/var/tmp', '{{ nginx_root }}/test-htpasswd-all.local/public', '{{ nginx_root }}/test-ssl.local/public', '{{ nginx_root }}/test-ssl-predeployed.local/public'] - + - name: -- Create directory -- + file: path={{ nginx_root }}/test-htpasswd-all.local/public/hello state=directory + - name: -- Add HTML file hello -- + copy: dest="{{ nginx_root }}/test-htpasswd-all.local/public/hello/index.html" content="hello\n" # -------------------------------- # Simple vhosts tests # -------------------------------- From 8edd69547dd2c2787c20af0549516b7cbe17b6ab Mon Sep 17 00:00:00 2001 From: Emilien Mantel Date: Sat, 5 Mar 2016 15:46:54 +0100 Subject: [PATCH 03/10] [WIP] split pre/post tasks related to OS version --- tests/includes/post_Debian.yml | 10 +++++++++ tests/includes/post_FreeBSD.yml | 2 ++ tests/includes/pre_Debian.yml | 18 +++++++++++++++++ tests/includes/pre_FreeBSD.yml | 5 +++++ tests/test.yml | 36 ++++----------------------------- 5 files changed, 39 insertions(+), 32 deletions(-) create mode 100644 tests/includes/post_Debian.yml create mode 100644 tests/includes/post_FreeBSD.yml create mode 100644 tests/includes/pre_Debian.yml create mode 100644 tests/includes/pre_FreeBSD.yml diff --git a/tests/includes/post_Debian.yml b/tests/includes/post_Debian.yml new file mode 100644 index 0000000..e86270a --- /dev/null +++ b/tests/includes/post_Debian.yml @@ -0,0 +1,10 @@ +--- + +- name: APT | Install web apps + apt: pkg={{ item }} state=present + with_items: + - nagios3 + - backuppc + +- name: SERVICE | Ensure backuppc is started + service: name=backuppc state=started diff --git a/tests/includes/post_FreeBSD.yml b/tests/includes/post_FreeBSD.yml new file mode 100644 index 0000000..cd21505 --- /dev/null +++ b/tests/includes/post_FreeBSD.yml @@ -0,0 +1,2 @@ +--- + diff --git a/tests/includes/pre_Debian.yml b/tests/includes/pre_Debian.yml new file mode 100644 index 0000000..17e6fb4 --- /dev/null +++ b/tests/includes/pre_Debian.yml @@ -0,0 +1,18 @@ +--- + +- name: APT_REPOSITORY | Install backports + apt_repository: repo='deb http://httpredir.debian.org/debian {{ ansible_distribution_release }}-backports main' state=present + +- name: APT | Install needed packages + apt: pkg={{ item }} update_cache=yes cache_valid_time=3600 state=present + with_items: + - php5-fpm + - curl + - fcgiwrap + +- name: SERVICE | Force start services + service: name={{ item }} state=started + register: sf + with_items: + - php5-fpm + - fcgiwrap diff --git a/tests/includes/pre_FreeBSD.yml b/tests/includes/pre_FreeBSD.yml new file mode 100644 index 0000000..8ec7448 --- /dev/null +++ b/tests/includes/pre_FreeBSD.yml @@ -0,0 +1,5 @@ +--- + +- name: SET_FACT | FreeBSD web user + set_fact: + nginx_user: 'www' diff --git a/tests/test.yml b/tests/test.yml index afdd1e9..bbbb91a 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -2,30 +2,8 @@ - hosts: all pre_tasks: - - block: - - name: APT_REPOSITORY | Install backports - apt_repository: repo='deb http://httpredir.debian.org/debian {{ ansible_distribution_release }}-backports main' state=present - - name: APT | Install needed packages - apt: pkg={{ item }} update_cache=yes cache_valid_time=3600 state=present - with_items: - - php5-fpm - - curl - - fcgiwrap - - name: SERVICE | Force start services - service: name={{ item }} state=started - register: sf - with_items: - - php5-fpm - - fcgiwrap - when: ansible_distribution == 'Debian' - - block: - - name: SET_FACT | FreeBSD web user - set_fact: - nginx_user: 'www' - when: ansible_distribution == 'FreeBSD' - - name: PAUSE | Prevent bugs (CGI not fully loaded) - pause: seconds=5 - when: sf.changed + - name: INCLUDE | Pre_tasks related to OS version + include: "includes/pre_{{ ansible_distribution }}.yml" - name: FILE | Create an internal SSL dir file: path={{ int_ansible_ssl_dir }} state=directory - name: COPY | Deploy test certificate @@ -199,14 +177,8 @@ # -------------------------------- # Apps # -------------------------------- - - name: APT | Install web apps - apt: pkg={{ item }} state=present - with_items: - - nagios3 - - backuppc - - name: SERVICE | Ensure backuppc is started - service: name=backuppc state=started - + - name: INCLUDE | Post_tasks related to OS version + include: "includes/post_{{ ansible_distribution }}.yml" # -------------------------------- # Deploy index files # -------------------------------- From c13cb0d7704a1871d9f4d007c25d8bf2592e2988 Mon Sep 17 00:00:00 2001 From: Emilien Mantel Date: Sat, 5 Mar 2016 17:26:05 +0100 Subject: [PATCH 04/10] PHP works on FreeBSD --- tasks/install_FreeBSD.yml | 17 +++++++++++++---- tests/includes/pre_FreeBSD.yml | 17 +++++++++++++++++ tests/test.yml | 2 ++ 3 files changed, 32 insertions(+), 4 deletions(-) diff --git a/tasks/install_FreeBSD.yml b/tasks/install_FreeBSD.yml index c6c30c6..94b10bb 100644 --- a/tasks/install_FreeBSD.yml +++ b/tasks/install_FreeBSD.yml @@ -14,11 +14,20 @@ - sites-available - sites-enabled -- name: FILE | Follow Debian ;) - file: > - src="{{ nginx_etc_dir }}/fastcgi_params" +- name: STAT | Check fastcgi.conf + stat: path={{ nginx_etc_dir }}/fastcgi.conf + register: conf + +- name: COPY | config + command: "cp {{ nginx_etc_dir }}/fastcgi_params {{ nginx_etc_dir }}/fastcgi.conf" + when: not conf.stat.exists + notify: reload nginx + +- name: LINEINFILE | Add fastcgi config + lineinfile: > + line="fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;" dest="{{ nginx_etc_dir }}/fastcgi.conf" - state=link + notify: reload nginx - name: COPY | Populate proxy_params copy: > diff --git a/tests/includes/pre_FreeBSD.yml b/tests/includes/pre_FreeBSD.yml index 8ec7448..6555bf1 100644 --- a/tests/includes/pre_FreeBSD.yml +++ b/tests/includes/pre_FreeBSD.yml @@ -3,3 +3,20 @@ - name: SET_FACT | FreeBSD web user set_fact: nginx_user: 'www' + nginx_php_sockets: + - host: '127.0.0.1' + port: 9000 + +- name: PKGNG | Install needed packages + pkgng: pkg={{ item }} state=present + with_items: + - php56 + - curl + - fcgiwrap + +- name: SERVICE | Force start services + service: name={{ item }} state=started enabled=yes + register: sf + with_items: + - php-fpm + - fcgiwrap diff --git a/tests/test.yml b/tests/test.yml index bbbb91a..7dadbd1 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -141,6 +141,8 @@ redirect_from: - 'www.test-php.local' template: '_php' + use_error_log: true + use_access_log: true - name: 'test-php-index.local' template: '_php_index' - name: 'test-proxy.local' From 729b621ccb0f9b10a754221de5066dbe81246e0e Mon Sep 17 00:00:00 2001 From: Emilien Mantel Date: Sat, 5 Mar 2016 17:31:21 +0100 Subject: [PATCH 05/10] Fix check htpasswd in location (replace echo test) --- tests/test.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/test.yml b/tests/test.yml index 7dadbd1..fb178e6 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -191,9 +191,9 @@ copy: dest="{{ item }}/index.html" content="Index HTML test OK\n" with_items: ['{{ nginx_root }}/test.local/public', '/var/tmp', '{{ nginx_root }}/test-htpasswd-all.local/public', '{{ nginx_root }}/test-ssl.local/public', '{{ nginx_root }}/test-ssl-predeployed.local/public'] - name: -- Create directory -- - file: path={{ nginx_root }}/test-htpasswd-all.local/public/hello state=directory + file: path={{ nginx_root }}/test-htpasswd.local/public/hello state=directory - name: -- Add HTML file hello -- - copy: dest="{{ nginx_root }}/test-htpasswd-all.local/public/hello/index.html" content="hello\n" + copy: dest="{{ nginx_root }}/test-htpasswd.local/public/hello/index.html" content="hello\n" # -------------------------------- # Simple vhosts tests # -------------------------------- @@ -229,17 +229,17 @@ # Basic Auth # -------------------------------- - name: -- VERIFY AUTH BASIC NONE -- - command: "curl -H 'Host: test-htpasswd.local' http://127.0.0.1/hello" + command: "curl -H 'Host: test-htpasswd.local' http://127.0.0.1/hello/" changed_when: false register: authnone failed_when: authnone.stdout.find('401 Authorization Required') == -1 - name: -- VERIFY AUTH BASIC FAIL -- - command: "curl -u fail:fail -H 'Host: test-htpasswd.local' http://127.0.0.1/hello" + command: "curl -u fail:fail -H 'Host: test-htpasswd.local' http://127.0.0.1/hello/" changed_when: false register: authfail failed_when: authfail.stdout.find('401 Authorization Required') == -1 - name: -- VERIFY AUTH BASIC OK -- - command: "curl -u hanx:qwerty -H 'Host: test-htpasswd.local' http://127.0.0.1/hello" + command: "curl -u hanx:qwerty -H 'Host: test-htpasswd.local' http://127.0.0.1/hello/" changed_when: false register: authok failed_when: authok.stdout.find('hello') == -1 From cdc152afbecd73ec5cc922ebe5ddccd5d1dc7e4a Mon Sep 17 00:00:00 2001 From: Emilien Mantel Date: Sat, 5 Mar 2016 18:34:04 +0100 Subject: [PATCH 06/10] Nagios OK on FreeBSD --- .../etc/nginx/sites-available/_nagios3.j2 | 12 ++++++-- tests/includes/post_FreeBSD.yml | 29 +++++++++++++++++++ tests/test.yml | 3 +- vars/Debian.yml | 5 ++++ vars/FreeBSD.yml | 4 ++- 5 files changed, 48 insertions(+), 5 deletions(-) diff --git a/templates/etc/nginx/sites-available/_nagios3.j2 b/templates/etc/nginx/sites-available/_nagios3.j2 index cd2a743..e49b0ac 100644 --- a/templates/etc/nginx/sites-available/_nagios3.j2 +++ b/templates/etc/nginx/sites-available/_nagios3.j2 @@ -1,7 +1,7 @@ {% extends "_base.j2" %} {% block root %} - root /usr/share/nagios3/htdocs; + root {{ nginx_nagios_root }}; {% endblock %} {% block template_try_files %} @@ -17,21 +17,27 @@ } location /stylesheets { - alias /etc/nagios3/stylesheets; +{% if nginx_nagios_stylesheets is defined %} + alias {{ nginx_nagios_stylesheets }}; +{% endif %} expires 60d; } {% endblock %} {% block template_upstream_location %} +{% if ansible_distribution == 'Debian' %} location /cgi-bin/nagios3 { root /usr/lib; +{% elif ansible_distribution == 'FreeBSD' %} + location /cgi-bin { +{% endif %} try_files $uri =404; {% if nginx_version.stdout | version_compare('1.6.1', 'lt') %} include fastcgi_params; {% else %} include fastcgi.conf; {% endif %} - fastcgi_pass unix:/var/run/fcgiwrap.socket; + fastcgi_pass unix:{{ nginx_fcgiwrap_sock }}; fastcgi_param AUTH_USER $remote_user; fastcgi_param REMOTE_USER $remote_user; } diff --git a/tests/includes/post_FreeBSD.yml b/tests/includes/post_FreeBSD.yml index cd21505..f301181 100644 --- a/tests/includes/post_FreeBSD.yml +++ b/tests/includes/post_FreeBSD.yml @@ -1,2 +1,31 @@ --- +- name: APT | Install web apps + pkgng: pkg={{ item }} state=present + with_items: + - nagios + - backuppc + +- name: COMMAND | Activate backuppc config + command: > + cp /usr/local/etc/backuppc/config.pl.sample /usr/local/etc/backuppc/config.pl + creates=/usr/local/etc/backuppc/config.pl + +- name: FILE | Fix backuppc permissions + file: > + path=/usr/local/etc/backuppc/config.pl + owner=backuppc + group=backuppc + +- name: FILE | Fix fcgiwrap permission + file: > + path={{ nginx_fcgiwrap_sock }} + mode=0640 + owner={{ nginx_user }} + group={{ nginx_user }} + +# +# We don't manage BackupPC on FreeBSD... too dirty. :/ +# +#- name: SERVICE | Ensure backuppc is started +# service: name=backuppc state=started enabled=yes diff --git a/tests/test.yml b/tests/test.yml index fb178e6..4ba11fe 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -262,6 +262,7 @@ changed_when: false register: authbpc failed_when: authbpc.stdout.find('BackupPC Server Status') == -1 + when: ansible_distribution != 'FreeBSD' # -------------------------------- # Nagios @@ -272,7 +273,7 @@ register: nagios_php failed_when: nagios_php.stdout.find('Nagios Core') == -1 - name: -- VERIFY NAGIOS3 CGI -- - command: "curl -u nagiosadmin:nagios -H 'Host: nagios3.local' http://127.0.0.1/cgi-bin/nagios3/summary.cgi" + command: "curl -u nagiosadmin:nagios -H 'Host: nagios3.local' http://127.0.0.1/cgi-bin{% if ansible_distribution == 'Debian' %}/nagios3{% endif %}/summary.cgi" changed_when: false register: nagios_cgi failed_when: nagios_cgi.stdout.find('Nagios Event Summary') == -1 diff --git a/vars/Debian.yml b/vars/Debian.yml index 4f7c86f..ac83d51 100644 --- a/vars/Debian.yml +++ b/vars/Debian.yml @@ -1,3 +1,8 @@ nginx_events_use: 'epoll' nginx_pid: '/run/nginx.pid' nginx_etc_dir: '/etc/nginx' + +# Specific vhosts +nginx_nagios_root: '/usr/share/nagios3/htdocs' +nginx_nagios_stylesheets: '/etc/nagios3/stylesheets' +nginx_fcgiwrap_sock: '/var/run/fcgiwrap.socket' diff --git a/vars/FreeBSD.yml b/vars/FreeBSD.yml index 96da262..02c757b 100644 --- a/vars/FreeBSD.yml +++ b/vars/FreeBSD.yml @@ -2,4 +2,6 @@ nginx_events_use: 'kqueue' nginx_pid: '/var/run/nginx.pid' nginx_etc_dir: '/usr/local/etc/nginx' -# TODO: it's a dirty to force variable here! +# Specific vhosts +nginx_nagios_root: '/usr/local/www/nagios' +nginx_fcgiwrap_sock: '/var/run/fcgiwrap/fcgiwrap.sock' From 2f0672359d7a82ceee9c8fdbd4c575afae2ead37 Mon Sep 17 00:00:00 2001 From: Emilien Mantel Date: Sat, 5 Mar 2016 18:43:49 +0100 Subject: [PATCH 07/10] I support now FreeBSD! --- README.md | 7 +++++++ meta/main.yml | 3 +++ 2 files changed, 10 insertions(+) diff --git a/README.md b/README.md index f8aad83..aa76485 100644 --- a/README.md +++ b/README.md @@ -58,6 +58,13 @@ Fine configuration [Basic Auth](doc/auth.md) +Note +---- + +- Active support for Debian. +- FreeBSD support is experimental (no Travis). I only test (for the moment) 10.2 (but it can work on other versions). +- I don't manage BackupPC for FreeBSD (PR welcome). + Dependencies ------------ diff --git a/meta/main.yml b/meta/main.yml index 8cb1c8e..9ab14aa 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -10,6 +10,9 @@ galaxy_info: versions: - wheezy - jessie + - name: FreeBSD + versions: + - 10.2 categories: - web - proxy From 972555ce2271f2b668dd1c52ca4cd1f866ab0f24 Mon Sep 17 00:00:00 2001 From: Emilien Mantel Date: Mon, 7 Mar 2016 11:59:26 +0100 Subject: [PATCH 08/10] Minor fixes --- defaults/main.yml | 4 ++-- tasks/install_Debian.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 86c8b19..0c4495b 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -19,8 +19,8 @@ nginx_default_vhost_ssl: null # # Nginx directories # -nginx_htpasswd_dir: '{{ nginx_etc_dir}}/htpasswd' -nginx_ssl_dir: '{{ nginx_etc_dir}}/ssl' +nginx_htpasswd_dir: '{{ nginx_etc_dir }}/htpasswd' +nginx_ssl_dir: '{{ nginx_etc_dir }}/ssl' nginx_helper_dir: '{{ nginx_etc_dir}}/helper' # diff --git a/tasks/install_Debian.yml b/tasks/install_Debian.yml index 1f814c6..8033996 100644 --- a/tasks/install_Debian.yml +++ b/tasks/install_Debian.yml @@ -1,6 +1,6 @@ --- -- name: APT | Update cache +- name: APT | Update cache apt: > update_cache=yes cache_valid_time=3600 From 8fc6f7117ecc1f3ba565213b79613da4fd2ef4df Mon Sep 17 00:00:00 2001 From: Emilien Mantel Date: Mon, 7 Mar 2016 12:05:58 +0100 Subject: [PATCH 09/10] Doc fixes --- README.md | 8 +++++--- doc/freebsd.md | 4 ++++ 2 files changed, 9 insertions(+), 3 deletions(-) create mode 100644 doc/freebsd.md diff --git a/README.md b/README.md index aa76485..a12775f 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,9 @@ -Nginx for Debian Ansible role -============================= +Nginx for Debian/FreeBSD Ansible role +===================================== [![Ansible Galaxy](http://img.shields.io/badge/ansible--galaxy-HanXHX.nginx-blue.svg)](https://galaxy.ansible.com/list#/roles/4399) [![Build Status](https://travis-ci.org/HanXHX/ansible-nginx.svg?branch=master)](https://travis-ci.org/HanXHX/ansible-nginx) -Install and configure Nginx on Debian. +Install and configure Nginx on Debian/FreeBSD. Features: @@ -57,6 +57,8 @@ Fine configuration [Basic Auth](doc/auth.md) +[FreeBSD](doc/freebsd.md) + Note ---- diff --git a/doc/freebsd.md b/doc/freebsd.md new file mode 100644 index 0000000..ea445c7 --- /dev/null +++ b/doc/freebsd.md @@ -0,0 +1,4 @@ +Freebsd +======= + +Due to Ansible + FreeBSD limitations (`ansible_processor_vcpus`), You must explicitely set `nginx_worker_processes`. From 33f34a05501493870fdd0318358831d863313baa Mon Sep 17 00:00:00 2001 From: Emilien Mantel Date: Mon, 7 Mar 2016 12:08:34 +0100 Subject: [PATCH 10/10] Manage FreeBSD nginx package name --- README.md | 6 ++++++ defaults/main.yml | 3 +++ tasks/install_FreeBSD.yml | 4 ++-- 3 files changed, 11 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index a12775f..b00943f 100644 --- a/README.md +++ b/README.md @@ -24,9 +24,15 @@ Role Variables ### Packaging +Debian: + - `nginx_apt_package`: APT nginx package (try: apt-cache search ^nginx) - `nginx_backports`: Install nginx from backport repository (bool) +FreeBSD: + +- `nginx_pkgng_package`: PKGNG nginx package (should be "nginx" or "nginx-devel") + ### Shared - `nginx_root`: root directory where you want to have your files diff --git a/defaults/main.yml b/defaults/main.yml index 0c4495b..8dabf08 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,7 +1,10 @@ --- +# Debian nginx_apt_package: nginx-full nginx_backports: false +# FreeBSD +nginx_pkgng_package: nginx # # Nginx shared variables diff --git a/tasks/install_FreeBSD.yml b/tasks/install_FreeBSD.yml index 94b10bb..a16fba7 100644 --- a/tasks/install_FreeBSD.yml +++ b/tasks/install_FreeBSD.yml @@ -1,9 +1,9 @@ --- - name: PKGNG | Install nginx and related tools - pkgng: name=nginx state=present + pkgng: name={{ item }} state=present with_items: - - nginx + - "{{ nginx_pkgng_package }}" - py27-passlib - curl