Manage default vhost. Closes #11
parent
c36c4824b7
commit
520eed50c3
|
@ -14,6 +14,8 @@ nginx_resolver_valid: '300s'
|
||||||
nginx_resolver_timeout: '5s'
|
nginx_resolver_timeout: '5s'
|
||||||
nginx_error_log_level: 'warn' # http://nginx.org/en/docs/ngx_core_module.html#error_log
|
nginx_error_log_level: 'warn' # http://nginx.org/en/docs/ngx_core_module.html#error_log
|
||||||
nginx_auto_config_httpv2: true
|
nginx_auto_config_httpv2: true
|
||||||
|
nginx_default_vhost: null
|
||||||
|
nginx_default_vhost_ssl: null
|
||||||
|
|
||||||
#
|
#
|
||||||
# Nginx directories
|
# Nginx directories
|
||||||
|
|
|
@ -56,3 +56,10 @@ You have many key added to vhost key:
|
||||||
|
|
||||||
(O) : Optional
|
(O) : Optional
|
||||||
|
|
||||||
|
Default vhosts
|
||||||
|
--------------
|
||||||
|
|
||||||
|
You can manage default vhost by setting domain name to these variables.
|
||||||
|
|
||||||
|
- `nginx_default_vhost`
|
||||||
|
- `nginx_default_vhost_ssl`
|
||||||
|
|
|
@ -77,3 +77,17 @@
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
when: (item.enable is defined and not item.enable) or (item.delete is defined and item.delete)
|
when: (item.enable is defined and not item.enable) or (item.delete is defined and item.delete)
|
||||||
|
|
||||||
|
- name: FILE | Delete default vhost when explicitely defined
|
||||||
|
file: >
|
||||||
|
path=/etc/nginx/sites-enabled/default
|
||||||
|
state=absent
|
||||||
|
notify: reload nginx
|
||||||
|
when: nginx_default_vhost is not none
|
||||||
|
|
||||||
|
- name: FILE | Auto set default vhost
|
||||||
|
file: >
|
||||||
|
src=/etc/nginx/sites-available/default
|
||||||
|
dest=/etc/nginx/sites-enabled/default
|
||||||
|
state=link
|
||||||
|
notify: reload nginx
|
||||||
|
when: nginx_default_vhost is none
|
||||||
|
|
|
@ -25,12 +25,12 @@
|
||||||
server {
|
server {
|
||||||
{% if 'http' in __proto %}
|
{% if 'http' in __proto %}
|
||||||
{% for port in __listen %}
|
{% for port in __listen %}
|
||||||
listen {{ port }};
|
listen {{ port }}{% if nginx_default_vhost == __main_name %} default_server{% endif %};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if 'https' in __proto %}
|
{% if 'https' in __proto %}
|
||||||
{% for port in __listen_ssl %}
|
{% for port in __listen_ssl %}
|
||||||
listen {{ port }} ssl{% if nginx_auto_config_httpv2 and 'http_v2' in nginx_modules.stdout_lines %}http2{% endif %};
|
listen {{ port }}{% if nginx_default_vhost_ssl == __main_name %} default_server{% endif %} ssl{% if nginx_auto_config_httpv2 and 'http_v2' in nginx_modules.stdout_lines %}http2{% endif %};
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{{ ssl(item.ssl_name) }}
|
{{ ssl(item.ssl_name) }}
|
||||||
include {{ nginx_helper_dir + '/ssl-' + item.ssl_template | default('strong') }};
|
include {{ nginx_helper_dir + '/ssl-' + item.ssl_template | default('strong') }};
|
||||||
|
|
|
@ -108,6 +108,8 @@
|
||||||
-----END CERTIFICATE-----
|
-----END CERTIFICATE-----
|
||||||
nginx_custom_http:
|
nginx_custom_http:
|
||||||
- 'add_header X-ansible 1;'
|
- 'add_header X-ansible 1;'
|
||||||
|
nginx_default_vhost: 'test.local'
|
||||||
|
nginx_default_vhost_ssl: 'test-ssl-predeployed.local'
|
||||||
nginx_vhosts:
|
nginx_vhosts:
|
||||||
- name:
|
- name:
|
||||||
- 'test.local'
|
- 'test.local'
|
||||||
|
@ -118,6 +120,7 @@
|
||||||
manage_local_content: false
|
manage_local_content: false
|
||||||
more:
|
more:
|
||||||
- 'autoindex off;'
|
- 'autoindex off;'
|
||||||
|
- 'add_header X-ansible-default 1;'
|
||||||
location:
|
location:
|
||||||
'/test':
|
'/test':
|
||||||
- 'return 403;'
|
- 'return 403;'
|
||||||
|
@ -169,6 +172,8 @@
|
||||||
proto: ['http', 'https']
|
proto: ['http', 'https']
|
||||||
template: '_base'
|
template: '_base'
|
||||||
ssl_name: 'test-ssl-predeployed.local'
|
ssl_name: 'test-ssl-predeployed.local'
|
||||||
|
more:
|
||||||
|
- 'add_header X-ansible-default 1;'
|
||||||
roles:
|
roles:
|
||||||
- ../../
|
- ../../
|
||||||
post_tasks:
|
post_tasks:
|
||||||
|
@ -265,6 +270,10 @@
|
||||||
changed_when: false
|
changed_when: false
|
||||||
register: nagios_cgi
|
register: nagios_cgi
|
||||||
failed_when: nagios_cgi.stdout.find('Nagios Event Summary') == -1
|
failed_when: nagios_cgi.stdout.find('Nagios Event Summary') == -1
|
||||||
|
|
||||||
|
# --------------------------------
|
||||||
|
# SSL
|
||||||
|
# --------------------------------
|
||||||
- name: -- VERIFY SSL --
|
- name: -- VERIFY SSL --
|
||||||
command: "curl --insecure -H 'Host: {{ item }}' https://127.0.0.1/"
|
command: "curl --insecure -H 'Host: {{ item }}' https://127.0.0.1/"
|
||||||
changed_when: false
|
changed_when: false
|
||||||
|
@ -274,3 +283,30 @@
|
||||||
- 'test-ssl-predeployed.local'
|
- 'test-ssl-predeployed.local'
|
||||||
- 'test-ssl.local'
|
- 'test-ssl.local'
|
||||||
|
|
||||||
|
# --------------------------------
|
||||||
|
# Default vhosts
|
||||||
|
# --------------------------------
|
||||||
|
- name: -- VERIFY DEFAULT VHOST --
|
||||||
|
command: "curl -v http://127.0.0.1/"
|
||||||
|
changed_when: false
|
||||||
|
register: vdefault
|
||||||
|
failed_when: >
|
||||||
|
vdefault.stdout.find('Index HTML test OK') == -1 or
|
||||||
|
vdefault.stderr.find('X-ansible-default') == -1
|
||||||
|
- name: -- VERIFY DEFAULT SSL VHOST --
|
||||||
|
command: "curl --insecure -v https://127.0.0.1/"
|
||||||
|
changed_when: false
|
||||||
|
register: defaultssl
|
||||||
|
failed_when: >
|
||||||
|
defaultssl.stdout.find('Index HTML test OK') == -1 or
|
||||||
|
defaultssl.stderr.find('X-ansible-default') == -1
|
||||||
|
- name: -- VERIFY NOT DEFAULT VHOST --
|
||||||
|
command: "curl -v -H 'Host: test-php.local' http://127.0.0.1/"
|
||||||
|
changed_when: false
|
||||||
|
register: vphp
|
||||||
|
failed_when: vphp.stderr.find('X-ansible-default') != -1
|
||||||
|
- name: -- VERIFY NOT DEFAULT SSL VHOST --
|
||||||
|
command: "curl --insecure -v -H 'Host: test-ssl.local' https://127.0.0.1/"
|
||||||
|
changed_when: false
|
||||||
|
register: notdefaultssl
|
||||||
|
failed_when: notdefaultssl.stderr.find('X-ansible-default') != -1
|
||||||
|
|
Loading…
Reference in New Issue