Manage default vhost. Closes #11

2016-01-21 17:08:01 +01:00 · 2016-01-21 17:08:01 +01:00 · 520eed50c3
parent c36c4824b7
commit 520eed50c3
5 changed files with 61 additions and 2 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -14,6 +14,8 @@ nginx_resolver_valid: '300s'
 nginx_resolver_timeout: '5s'
 nginx_error_log_level: 'warn' # http://nginx.org/en/docs/ngx_core_module.html#error_log
 nginx_auto_config_httpv2: true
+nginx_default_vhost: null
+nginx_default_vhost_ssl: null

 #
 # Nginx directories
--- a/doc/vhost.md
+++ b/doc/vhost.md
@ -56,3 +56,10 @@ You have many key added to vhost key:

 (O) : Optional

+Default vhosts
+--------------
+
+You can manage default vhost by setting domain name to these variables.
+
+- `nginx_default_vhost`
+- `nginx_default_vhost_ssl`
--- a/tasks/vhost.yml
+++ b/tasks/vhost.yml
@ -77,3 +77,17 @@
  notify: reload nginx
  when: (item.enable is defined and not item.enable) or (item.delete is defined and item.delete)

+- name: FILE | Delete default vhost when explicitely defined
+  file: >
+    path=/etc/nginx/sites-enabled/default
+    state=absent
+  notify: reload nginx
+  when: nginx_default_vhost is not none
+
+- name: FILE | Auto set default vhost
+  file: >
+    src=/etc/nginx/sites-available/default
+    dest=/etc/nginx/sites-enabled/default
+    state=link
+  notify: reload nginx
+  when: nginx_default_vhost is none
--- a/templates/etc/nginx/sites-available/_base.j2
+++ b/templates/etc/nginx/sites-available/_base.j2
@ -25,12 +25,12 @@
 server {
 {% if 'http' in __proto %}
 {% for port in __listen %}
-	listen {{ port }};
+	listen {{ port }}{% if nginx_default_vhost == __main_name %} default_server{% endif %};
 {% endfor %}
 {% endif %}
 {% if 'https' in __proto %}
 {% for port in __listen_ssl %}
-	listen {{ port }} ssl{% if nginx_auto_config_httpv2 and 'http_v2' in nginx_modules.stdout_lines %}http2{% endif %};
+	listen {{ port }}{% if nginx_default_vhost_ssl == __main_name %} default_server{% endif %} ssl{% if nginx_auto_config_httpv2 and 'http_v2' in nginx_modules.stdout_lines %}http2{% endif %};
 {% endfor %}
 {{ ssl(item.ssl_name) }}
 	include {{ nginx_helper_dir + '/ssl-' + item.ssl_template | default('strong') }};
--- a/tests/test.yml
+++ b/tests/test.yml
@ -108,6 +108,8 @@
          -----END CERTIFICATE-----
    nginx_custom_http:
      - 'add_header X-ansible 1;'
+    nginx_default_vhost: 'test.local'
+    nginx_default_vhost_ssl: 'test-ssl-predeployed.local'
    nginx_vhosts:
      - name:
          - 'test.local'
@ -118,6 +120,7 @@
        manage_local_content: false
        more:
          - 'autoindex off;'
+          - 'add_header X-ansible-default 1;'
        location:
          '/test':
            - 'return 403;'
@ -169,6 +172,8 @@
        proto: ['http', 'https']
        template: '_base'
        ssl_name: 'test-ssl-predeployed.local'
+        more:
+          - 'add_header X-ansible-default 1;'
  roles:
    - ../../
  post_tasks:
@ -265,6 +270,10 @@
      changed_when: false
      register: nagios_cgi
      failed_when: nagios_cgi.stdout.find('Nagios Event Summary') == -1
+
+# --------------------------------
+# SSL
+# --------------------------------
    - name: -- VERIFY SSL --
      command: "curl --insecure -H 'Host: {{ item }}' https://127.0.0.1/"
      changed_when: false
@ -274,3 +283,30 @@
        - 'test-ssl-predeployed.local'
        - 'test-ssl.local'

+# --------------------------------
+# Default vhosts
+# --------------------------------
+    - name: -- VERIFY DEFAULT VHOST --
+      command: "curl -v http://127.0.0.1/"
+      changed_when: false
+      register: vdefault
+      failed_when: >
+        vdefault.stdout.find('Index HTML test OK') == -1 or
+        vdefault.stderr.find('X-ansible-default') == -1
+    - name: -- VERIFY DEFAULT SSL VHOST --
+      command: "curl --insecure -v https://127.0.0.1/"
+      changed_when: false
+      register: defaultssl
+      failed_when: >
+        defaultssl.stdout.find('Index HTML test OK') == -1 or
+        defaultssl.stderr.find('X-ansible-default') == -1
+    - name: -- VERIFY NOT DEFAULT VHOST --
+      command: "curl -v -H 'Host: test-php.local' http://127.0.0.1/"
+      changed_when: false
+      register: vphp
+      failed_when: vphp.stderr.find('X-ansible-default') != -1
+    - name: -- VERIFY NOT DEFAULT SSL VHOST --
+      command: "curl --insecure -v -H 'Host: test-ssl.local' https://127.0.0.1/"
+      changed_when: false
+      register: notdefaultssl
+      failed_when: notdefaultssl.stderr.find('X-ansible-default') != -1