Manage default vhost. Closes #11

pull/14/head
Emilien Mantel 2016-01-21 17:08:01 +01:00
parent c36c4824b7
commit 520eed50c3
5 changed files with 61 additions and 2 deletions

View File

@ -14,6 +14,8 @@ nginx_resolver_valid: '300s'
nginx_resolver_timeout: '5s' nginx_resolver_timeout: '5s'
nginx_error_log_level: 'warn' # http://nginx.org/en/docs/ngx_core_module.html#error_log nginx_error_log_level: 'warn' # http://nginx.org/en/docs/ngx_core_module.html#error_log
nginx_auto_config_httpv2: true nginx_auto_config_httpv2: true
nginx_default_vhost: null
nginx_default_vhost_ssl: null
# #
# Nginx directories # Nginx directories

View File

@ -56,3 +56,10 @@ You have many key added to vhost key:
(O) : Optional (O) : Optional
Default vhosts
--------------
You can manage default vhost by setting domain name to these variables.
- `nginx_default_vhost`
- `nginx_default_vhost_ssl`

View File

@ -77,3 +77,17 @@
notify: reload nginx notify: reload nginx
when: (item.enable is defined and not item.enable) or (item.delete is defined and item.delete) when: (item.enable is defined and not item.enable) or (item.delete is defined and item.delete)
- name: FILE | Delete default vhost when explicitely defined
file: >
path=/etc/nginx/sites-enabled/default
state=absent
notify: reload nginx
when: nginx_default_vhost is not none
- name: FILE | Auto set default vhost
file: >
src=/etc/nginx/sites-available/default
dest=/etc/nginx/sites-enabled/default
state=link
notify: reload nginx
when: nginx_default_vhost is none

View File

@ -25,12 +25,12 @@
server { server {
{% if 'http' in __proto %} {% if 'http' in __proto %}
{% for port in __listen %} {% for port in __listen %}
listen {{ port }}; listen {{ port }}{% if nginx_default_vhost == __main_name %} default_server{% endif %};
{% endfor %} {% endfor %}
{% endif %} {% endif %}
{% if 'https' in __proto %} {% if 'https' in __proto %}
{% for port in __listen_ssl %} {% for port in __listen_ssl %}
listen {{ port }} ssl{% if nginx_auto_config_httpv2 and 'http_v2' in nginx_modules.stdout_lines %}http2{% endif %}; listen {{ port }}{% if nginx_default_vhost_ssl == __main_name %} default_server{% endif %} ssl{% if nginx_auto_config_httpv2 and 'http_v2' in nginx_modules.stdout_lines %}http2{% endif %};
{% endfor %} {% endfor %}
{{ ssl(item.ssl_name) }} {{ ssl(item.ssl_name) }}
include {{ nginx_helper_dir + '/ssl-' + item.ssl_template | default('strong') }}; include {{ nginx_helper_dir + '/ssl-' + item.ssl_template | default('strong') }};

View File

@ -108,6 +108,8 @@
-----END CERTIFICATE----- -----END CERTIFICATE-----
nginx_custom_http: nginx_custom_http:
- 'add_header X-ansible 1;' - 'add_header X-ansible 1;'
nginx_default_vhost: 'test.local'
nginx_default_vhost_ssl: 'test-ssl-predeployed.local'
nginx_vhosts: nginx_vhosts:
- name: - name:
- 'test.local' - 'test.local'
@ -118,6 +120,7 @@
manage_local_content: false manage_local_content: false
more: more:
- 'autoindex off;' - 'autoindex off;'
- 'add_header X-ansible-default 1;'
location: location:
'/test': '/test':
- 'return 403;' - 'return 403;'
@ -169,6 +172,8 @@
proto: ['http', 'https'] proto: ['http', 'https']
template: '_base' template: '_base'
ssl_name: 'test-ssl-predeployed.local' ssl_name: 'test-ssl-predeployed.local'
more:
- 'add_header X-ansible-default 1;'
roles: roles:
- ../../ - ../../
post_tasks: post_tasks:
@ -265,6 +270,10 @@
changed_when: false changed_when: false
register: nagios_cgi register: nagios_cgi
failed_when: nagios_cgi.stdout.find('Nagios Event Summary') == -1 failed_when: nagios_cgi.stdout.find('Nagios Event Summary') == -1
# --------------------------------
# SSL
# --------------------------------
- name: -- VERIFY SSL -- - name: -- VERIFY SSL --
command: "curl --insecure -H 'Host: {{ item }}' https://127.0.0.1/" command: "curl --insecure -H 'Host: {{ item }}' https://127.0.0.1/"
changed_when: false changed_when: false
@ -274,3 +283,30 @@
- 'test-ssl-predeployed.local' - 'test-ssl-predeployed.local'
- 'test-ssl.local' - 'test-ssl.local'
# --------------------------------
# Default vhosts
# --------------------------------
- name: -- VERIFY DEFAULT VHOST --
command: "curl -v http://127.0.0.1/"
changed_when: false
register: vdefault
failed_when: >
vdefault.stdout.find('Index HTML test OK') == -1 or
vdefault.stderr.find('X-ansible-default') == -1
- name: -- VERIFY DEFAULT SSL VHOST --
command: "curl --insecure -v https://127.0.0.1/"
changed_when: false
register: defaultssl
failed_when: >
defaultssl.stdout.find('Index HTML test OK') == -1 or
defaultssl.stderr.find('X-ansible-default') == -1
- name: -- VERIFY NOT DEFAULT VHOST --
command: "curl -v -H 'Host: test-php.local' http://127.0.0.1/"
changed_when: false
register: vphp
failed_when: vphp.stderr.find('X-ansible-default') != -1
- name: -- VERIFY NOT DEFAULT SSL VHOST --
command: "curl --insecure -v -H 'Host: test-ssl.local' https://127.0.0.1/"
changed_when: false
register: notdefaultssl
failed_when: notdefaultssl.stderr.find('X-ansible-default') != -1