Manage default vhost. Closes #11
parent
c36c4824b7
commit
520eed50c3
|
@ -14,6 +14,8 @@ nginx_resolver_valid: '300s'
|
|||
nginx_resolver_timeout: '5s'
|
||||
nginx_error_log_level: 'warn' # http://nginx.org/en/docs/ngx_core_module.html#error_log
|
||||
nginx_auto_config_httpv2: true
|
||||
nginx_default_vhost: null
|
||||
nginx_default_vhost_ssl: null
|
||||
|
||||
#
|
||||
# Nginx directories
|
||||
|
|
|
@ -56,3 +56,10 @@ You have many key added to vhost key:
|
|||
|
||||
(O) : Optional
|
||||
|
||||
Default vhosts
|
||||
--------------
|
||||
|
||||
You can manage default vhost by setting domain name to these variables.
|
||||
|
||||
- `nginx_default_vhost`
|
||||
- `nginx_default_vhost_ssl`
|
||||
|
|
|
@ -77,3 +77,17 @@
|
|||
notify: reload nginx
|
||||
when: (item.enable is defined and not item.enable) or (item.delete is defined and item.delete)
|
||||
|
||||
- name: FILE | Delete default vhost when explicitely defined
|
||||
file: >
|
||||
path=/etc/nginx/sites-enabled/default
|
||||
state=absent
|
||||
notify: reload nginx
|
||||
when: nginx_default_vhost is not none
|
||||
|
||||
- name: FILE | Auto set default vhost
|
||||
file: >
|
||||
src=/etc/nginx/sites-available/default
|
||||
dest=/etc/nginx/sites-enabled/default
|
||||
state=link
|
||||
notify: reload nginx
|
||||
when: nginx_default_vhost is none
|
||||
|
|
|
@ -25,12 +25,12 @@
|
|||
server {
|
||||
{% if 'http' in __proto %}
|
||||
{% for port in __listen %}
|
||||
listen {{ port }};
|
||||
listen {{ port }}{% if nginx_default_vhost == __main_name %} default_server{% endif %};
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% if 'https' in __proto %}
|
||||
{% for port in __listen_ssl %}
|
||||
listen {{ port }} ssl{% if nginx_auto_config_httpv2 and 'http_v2' in nginx_modules.stdout_lines %}http2{% endif %};
|
||||
listen {{ port }}{% if nginx_default_vhost_ssl == __main_name %} default_server{% endif %} ssl{% if nginx_auto_config_httpv2 and 'http_v2' in nginx_modules.stdout_lines %}http2{% endif %};
|
||||
{% endfor %}
|
||||
{{ ssl(item.ssl_name) }}
|
||||
include {{ nginx_helper_dir + '/ssl-' + item.ssl_template | default('strong') }};
|
||||
|
|
|
@ -108,6 +108,8 @@
|
|||
-----END CERTIFICATE-----
|
||||
nginx_custom_http:
|
||||
- 'add_header X-ansible 1;'
|
||||
nginx_default_vhost: 'test.local'
|
||||
nginx_default_vhost_ssl: 'test-ssl-predeployed.local'
|
||||
nginx_vhosts:
|
||||
- name:
|
||||
- 'test.local'
|
||||
|
@ -118,6 +120,7 @@
|
|||
manage_local_content: false
|
||||
more:
|
||||
- 'autoindex off;'
|
||||
- 'add_header X-ansible-default 1;'
|
||||
location:
|
||||
'/test':
|
||||
- 'return 403;'
|
||||
|
@ -169,6 +172,8 @@
|
|||
proto: ['http', 'https']
|
||||
template: '_base'
|
||||
ssl_name: 'test-ssl-predeployed.local'
|
||||
more:
|
||||
- 'add_header X-ansible-default 1;'
|
||||
roles:
|
||||
- ../../
|
||||
post_tasks:
|
||||
|
@ -265,6 +270,10 @@
|
|||
changed_when: false
|
||||
register: nagios_cgi
|
||||
failed_when: nagios_cgi.stdout.find('Nagios Event Summary') == -1
|
||||
|
||||
# --------------------------------
|
||||
# SSL
|
||||
# --------------------------------
|
||||
- name: -- VERIFY SSL --
|
||||
command: "curl --insecure -H 'Host: {{ item }}' https://127.0.0.1/"
|
||||
changed_when: false
|
||||
|
@ -274,3 +283,30 @@
|
|||
- 'test-ssl-predeployed.local'
|
||||
- 'test-ssl.local'
|
||||
|
||||
# --------------------------------
|
||||
# Default vhosts
|
||||
# --------------------------------
|
||||
- name: -- VERIFY DEFAULT VHOST --
|
||||
command: "curl -v http://127.0.0.1/"
|
||||
changed_when: false
|
||||
register: vdefault
|
||||
failed_when: >
|
||||
vdefault.stdout.find('Index HTML test OK') == -1 or
|
||||
vdefault.stderr.find('X-ansible-default') == -1
|
||||
- name: -- VERIFY DEFAULT SSL VHOST --
|
||||
command: "curl --insecure -v https://127.0.0.1/"
|
||||
changed_when: false
|
||||
register: defaultssl
|
||||
failed_when: >
|
||||
defaultssl.stdout.find('Index HTML test OK') == -1 or
|
||||
defaultssl.stderr.find('X-ansible-default') == -1
|
||||
- name: -- VERIFY NOT DEFAULT VHOST --
|
||||
command: "curl -v -H 'Host: test-php.local' http://127.0.0.1/"
|
||||
changed_when: false
|
||||
register: vphp
|
||||
failed_when: vphp.stderr.find('X-ansible-default') != -1
|
||||
- name: -- VERIFY NOT DEFAULT SSL VHOST --
|
||||
command: "curl --insecure -v -H 'Host: test-ssl.local' https://127.0.0.1/"
|
||||
changed_when: false
|
||||
register: notdefaultssl
|
||||
failed_when: notdefaultssl.stderr.find('X-ansible-default') != -1
|
||||
|
|
Loading…
Reference in New Issue