diff --git a/.travis.yml b/.travis.yml index dbfa7e3..fc18151 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,12 +1,6 @@ env: - - PLATFORM='docker-debian-jessie' ANSIBLE_VERSION='ansible>=2.6,<2.7' - - PLATFORM='docker-debian-jessie-backports' ANSIBLE_VERSION='ansible>=2.6,<2.7' - - PLATFORM='docker-debian-jessie-dotdeb' ANSIBLE_VERSION='ansible>=2.6,<2.7' - PLATFORM='docker-debian-stretch' ANSIBLE_VERSION='ansible>=2.6,<2.7' - PLATFORM='docker-debian-stretch-sury' ANSIBLE_VERSION='ansible>=2.6,<2.7' - - PLATFORM='docker-debian-jessie' ANSIBLE_VERSION='ansible>=2.7,<2.8' - - PLATFORM='docker-debian-jessie-backports' ANSIBLE_VERSION='ansible>=2.7,<2.8' - - PLATFORM='docker-debian-jessie-dotdeb' ANSIBLE_VERSION='ansible>=2.7,<2.8' - PLATFORM='docker-debian-stretch' ANSIBLE_VERSION='ansible>=2.7,<2.8' - PLATFORM='docker-debian-stretch-sury' ANSIBLE_VERSION='ansible>=2.7,<2.8' diff --git a/README.md b/README.md index c9a4bef..355cb4c 100644 --- a/README.md +++ b/README.md @@ -22,7 +22,7 @@ Supported OS: | OS | Working | Stable (active support) | | ------------------ | ------- | ----------------------- | -| Debian Jessie (8) | Yes | Yes | +| Debian Jessie (8) | Yes | Check latest supported version ([1.5.0](https://github.com/HanXHX/ansible-nginx/releases/tag/1.5.0)) | | Debian Stretch (9) | Yes | Yes | | FreeBSD 11 | Yes | No | | FreeBSD 12 | Yes | No | @@ -30,7 +30,7 @@ Supported OS: Requirements ------------ -Ansible 2.5+. If you set true to `nginx_backports`, you must install backports repository before lauching this role. +Ansible 2.6+. If you set true to `nginx_backports`, you must install backports repository before lauching this role. Role Variables -------------- diff --git a/Vagrantfile b/Vagrantfile index 434d24e..b1fa6f1 100644 --- a/Vagrantfile +++ b/Vagrantfile @@ -6,9 +6,6 @@ Vagrant.configure("2") do |config| vms_debian = [ - { :name => "debian-jessie", :box => "debian/jessie64", :vars => { "nginx_php": [{"version": "5.6"}] }}, - { :name => "debian-jessie-backports", :box => "debian/jessie64", :vars => { "nginx_php": [{"version": "5.6"}], "nginx_backports": true }}, - { :name => "debian-jessie-dotdeb", :box => "debian/jessie64", :vars => { "nginx_php": [{"version": "7.0"}, {"version": "5.6", "upstream_name": "legacy"} ], "dotdeb": true }}, { :name => "debian-stretch", :box => "debian/stretch64", :vars => { "nginx_php": [{"version": "7.0"}] }}, { :name => "debian-stretch-sury", :box => "debian/stretch64", :vars => { "nginx_php": [{"version": "7.1"}], "sury": true }} ] @@ -19,9 +16,6 @@ Vagrant.configure("2") do |config| ] conts = [ - { :name => "docker-debian-jessie", :docker => "hanxhx/vagrant-ansible:debian8", :vars => { "nginx_php" => [{"version" => "5.6"}] }}, - { :name => "docker-debian-jessie-backports", :docker => "hanxhx/vagrant-ansible:debian8", :vars => { "nginx_php": [{"version": "5.6"}], "nginx_backports": true }}, - { :name => "docker-debian-jessie-dotdeb", :docker => "hanxhx/vagrant-ansible:debian8", :vars => { "nginx_php": [{"version": "7.0"}, {"version": "5.6", "upstream_name": "legacy"} ], "dotdeb": true }}, { :name => "docker-debian-stretch", :docker => "hanxhx/vagrant-ansible:debian9", :vars => { "nginx_php": [{"version": "7.0"}] }}, { :name => "docker-debian-stretch-sury", :docker => "hanxhx/vagrant-ansible:debian9", :vars => { "nginx_php": [{"version": "7.1"}], "sury": true }} ] diff --git a/doc/site.md b/doc/site.md index 029ca18..53a4be0 100644 --- a/doc/site.md +++ b/doc/site.md @@ -39,7 +39,7 @@ Templates --------- - `_base`: static template -- `_backuppc`: access to [BackupPC](http://backuppc.sourceforge.net/) (be careful: you need to install [fcgiwrap](https://packages.debian.org/jessie/fcgiwrap)) +- `_backuppc`: access to [BackupPC](http://backuppc.sourceforge.net/) (be careful: you need to install [fcgiwrap](https://packages.debian.org/stretch/fcgiwrap)) - `_dokuwiki` - `_redirect`: should not be called explicitly - `_phalcon`: Phalcon PHP Framework diff --git a/doc/upstream.md b/doc/upstream.md index 1da2410..49f0e2f 100644 --- a/doc/upstream.md +++ b/doc/upstream.md @@ -3,8 +3,6 @@ Upstream management `nginx_upstreams`: List of dict. An upstream has few keys. See bellow. -Note: Few params are unavailable on old Nginx version. But this role do _not_ put it if your version is too old! - Upstream params --------------- diff --git a/meta/main.yml b/meta/main.yml index 9f59d37..26ab819 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -8,7 +8,6 @@ galaxy_info: platforms: - name: Debian versions: - - jessie - stretch - name: FreeBSD versions: diff --git a/tasks/install_Debian.yml b/tasks/install_Debian.yml index 84ecf00..e632a6a 100644 --- a/tasks/install_Debian.yml +++ b/tasks/install_Debian.yml @@ -23,9 +23,6 @@ apt: pkg: "{{ nginx_module_packages }}" state: present - when: - ansible_distribution_major_version is version('9', 'ge') or - nginx_backports - name: APT | Install python-passlib apt: diff --git a/templates/etc/nginx/helper/ssl-legacy.j2 b/templates/etc/nginx/helper/ssl-legacy.j2 index 5c324ad..0fd1245 100644 --- a/templates/etc/nginx/helper/ssl-legacy.j2 +++ b/templates/etc/nginx/helper/ssl-legacy.j2 @@ -9,7 +9,7 @@ ssl_session_cache shared:SSL:10m; ssl_session_tickets off; ssl_stapling on; ssl_stapling_verify on; -add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"{% if nginx_version.stdout is version('1.7.5', 'ge') %} always{% endif %}; +add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always; resolver {{ nginx_resolver_hosts | join(' ') }} valid={{ nginx_resolver_valid }}; resolver_timeout {{ nginx_resolver_timeout }}; ssl_dhparam {{ nginx_dh_path }}; diff --git a/templates/etc/nginx/helper/ssl-strong.j2 b/templates/etc/nginx/helper/ssl-strong.j2 index 13fc97b..fe9340a 100644 --- a/templates/etc/nginx/helper/ssl-strong.j2 +++ b/templates/etc/nginx/helper/ssl-strong.j2 @@ -11,7 +11,7 @@ ssl_session_cache shared:SSL:10m; ssl_session_tickets off; ssl_stapling on; ssl_stapling_verify on; -add_header Strict-Transport-Security "max-age=63072000; includeSubDomains"{% if nginx_version.stdout is version('1.7.5', 'ge') %} always{% endif %}; +add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always; resolver {{ nginx_resolver_hosts | join(' ') }} valid={{ nginx_resolver_valid }}; resolver_timeout {{ nginx_resolver_timeout }}; ssl_dhparam {{ nginx_dh_path }}; diff --git a/templates/etc/nginx/nginx.conf.j2 b/templates/etc/nginx/nginx.conf.j2 index 6e558a4..23f5ac6 100644 --- a/templates/etc/nginx/nginx.conf.j2 +++ b/templates/etc/nginx/nginx.conf.j2 @@ -5,9 +5,7 @@ user {{ nginx_user }}; worker_processes {{ nginx_worker_processes }}; pid {{ nginx_pid }}; -{% if nginx_version.stdout is version('1.9.11', 'ge') %} include {{ nginx_etc_dir }}/modules-enabled/*.conf; -{% endif %} events { worker_connections {{ nginx_events_worker_connections }}; diff --git a/templates/etc/nginx/sites-available/_base.j2 b/templates/etc/nginx/sites-available/_base.j2 index 12f8933..6cac863 100644 --- a/templates/etc/nginx/sites-available/_base.j2 +++ b/templates/etc/nginx/sites-available/_base.j2 @@ -83,7 +83,7 @@ server { {% block template_headers %} # --> Custom headers {% for key, value in __headers.iteritems() %} - add_header {{ key }} "{{ value | replace(' always', '') }}"{% if nginx_version.stdout is version('1.7.5', 'ge') and ' always' in value %} always{% endif %}; + add_header {{ key }} "{{ value }}"; {% endfor %} # <-- Custom headers {% endblock %} diff --git a/tests/includes/pre_Debian.yml b/tests/includes/pre_Debian.yml index f50a922..20ef815 100644 --- a/tests/includes/pre_Debian.yml +++ b/tests/includes/pre_Debian.yml @@ -6,25 +6,6 @@ state: present when: nginx_backports -- block: - - - name: APT | Install DotDeb key - apt_key: - url: 'http://www.dotdeb.org/dotdeb.gpg' - state: present - - - name: APT_REPOSITORY | Install dotdeb (PHP 7) - apt_repository: - repo: 'deb http://packages.dotdeb.org {{ ansible_distribution_release }} all' - state: present - - - name: LINEFILEFILE | Dotdeb priority (prevent install nginx from dotdeb) - copy: - content: "Package: *\nPin: release o=packages.dotdeb.org\nPin-Priority: 100" - dest: /etc/apt/preferences - - when: ansible_distribution_release == 'jessie' and dotdeb | default(false) - - block: - name: APT | Install apt-transport-https