Improve syntax readability

pull/35/head
Emilien Mantel 2017-07-27 12:21:10 +02:00
parent acf8de8f87
commit 6935404939
7 changed files with 106 additions and 91 deletions

View File

@ -1,29 +1,29 @@
---
- name: TEMPLATE | Deploy nginx.conf
template: >
src=etc/nginx/nginx.conf.j2
dest="{{ nginx_etc_dir }}/nginx.conf"
template:
src: "etc/nginx/nginx.conf.j2"
dest: "{{ nginx_etc_dir }}/nginx.conf"
notify: reload nginx
- name: TEMPLATE | Deploy all helpers
template: >
src={{ item }}
dest={{ nginx_helper_dir }}/{{ item | basename | regex_replace('\.j2$','') }}
template:
src: "{{ item }}"
dest: "{{ nginx_helper_dir }}/{{ item | basename | regex_replace('.j2$','') }}"
with_fileglob: '../templates/etc/nginx/helper/*.j2'
notify: reload nginx
- name: TEMPLATE | Deploy custom http configuration
template: >
src=etc/nginx/conf.d/custom.conf.j2
dest="{{ nginx_etc_dir }}/conf.d/custom.conf"
template:
src: "etc/nginx/conf.d/custom.conf.j2"
dest: "{{ nginx_etc_dir }}/conf.d/custom.conf"
notify: reload nginx
- name: LINEINFILE | Fix path
lineinfile: >
regexp='{{ item.0.regexp }}'
line='{{ item.0.line }}'
dest='{{ item.1 }}'
lineinfile:
regexp: '{{ item.0.regexp }}'
line: '{{ item.0.line }}'
dest: '{{ item.1 }}'
with_nested:
-
- regexp: '^fastcgi_param SCRIPT_FILENAME'

View File

@ -1,19 +1,19 @@
---
- name: FILE | Delete htpasswd file
file: >
path={{ nginx_htpasswd_dir }}/{{ item.name }}
state=absent
file:
path: "{{ nginx_htpasswd_dir }}/{{ item.name }}"
state: absent
with_items: "{{ nginx_htpasswd }}"
when: item.state is defined and item.state == 'absent'
no_log: true
- name: HTPASSWD | Manage files
htpasswd: >
name={{ item.1.name }}
password={{ item.1.password }}
state={{ item.1.state | default('present') }}
path={{ nginx_htpasswd_dir }}/{{ item.0.name }}
htpasswd:
name: "{{ item.1.name }}"
password: "{{ item.1.password }}"
state: "{{ item.1.state | default('present') }}"
path: "{{ nginx_htpasswd_dir }}/{{ item.0.name }}"
with_subelements:
- "{{ nginx_htpasswd }}"
- users

View File

@ -9,23 +9,25 @@
nginx_htpasswd | length > 0
- name: APT | Update cache
apt: >
update_cache=yes
cache_valid_time=3600
apt:
update_cache: yes
cache_valid_time: 3600
changed_when: false
- name: APT | Force OpenSSL from backports (fix dependency break)
apt: >
pkg=openssl
state=latest
default_release={{ ansible_distribution_release + '-backports' }}
apt:
pkg: openssl
state: latest
default_release: "{{ ansible_distribution_release + '-backports' }}"
when: nginx_backports
- name: APT | Install nginx and dependencies
apt: >
pkg={{ nginx_apt_package }}
state=present
default_release={{ ansible_distribution_release + '-backports' if nginx_backports else ansible_distribution_release }}
apt:
pkg: "{{ nginx_apt_package }}"
state: present
default_release: "{{ ansible_distribution_release + '-backports' if nginx_backports else ansible_distribution_release }}"
- name: APT | Install python-passlib
apt: pkg=python-passlib state=present
apt:
pkg: python-passlib
state: present

View File

@ -36,8 +36,14 @@
nginx_modules: "{{ shell_modules.stdout_lines }}"
- name: FILE | Create folders
file: dest="{{ item.dir }}" owner="{{ item.owner }}" mode="{{ item.mode }}" state=directory
file:
dest: "{{ item.dir }}"
owner: "{{ item.owner }}"
mode: "{{ item.mode }}"
state: directory
with_items: "{{ nginx_dirs }}"
- name: FILE | Create ansible facts dir
file: path=/etc/ansible/facts.d state=directory
file:
path: /etc/ansible/facts.d
state: directory

View File

@ -1,29 +1,31 @@
---
- name: FAIL | Check filenames
fail: msg="Forbidden keyword default on site {{ item.name if item.name is string else item.name[0] }}"
fail:
msg: "Forbidden keyword default on site {{ item.name if item.name is string else item.name[0] }}"
when: item.filename is defined and item.filename == 'default'
with_items: "{{ nginx_sites }}"
- name: FAIL | Check HTTPS redir and proto
fail: msg="You can't have HTTP proto and HTTPS redirection at the same time"
when: >
fail:
msg: "You can't have HTTP proto and HTTPS redirection at the same time"
when:
((item.proto is defined and 'http' in item.proto) or (item.proto is not defined)) and
(item.redirect_http is defined and item.redirect_http)
with_items: "{{ nginx_sites }}"
- name: FILE | Create root directory
file: >
path={{ nginx_root }}
state=directory
file:
path: "{{ nginx_root }}"
state: directory
- name: FILE | Create root public folders (foreach nginx_sites)
file: >
path={{ nginx_root }}/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}/public
state=directory
owner={{ item.owner | default(nginx_user) }}
group={{ item.group | default(nginx_user) }}
mode={{ item.mode | default('0755') }}
file:
path: "{{ nginx_root }}/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}/public"
state: directory
owner: "{{ item.owner | default(nginx_user) }}"
group: "{{ item.group | default(nginx_user) }}"
mode: "{{ item.mode | default('0755') }}"
with_items: "{{ nginx_sites }}"
when: >
item.root is not defined and
@ -32,15 +34,17 @@
item.redirect_to is not defined
- name: TEMPLATE | Create sites
template: >
src=etc/nginx/sites-available/{{ item.template if item.redirect_to is not defined else '_redirect' }}.j2
dest={{ nginx_etc_dir }}/sites-available/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}
template:
src: "etc/nginx/sites-available/{{ item.template if item.redirect_to is not defined else '_redirect' }}.j2"
dest: "{{ nginx_etc_dir }}/sites-available/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}"
with_items: "{{ nginx_sites }}"
notify: ['reload nginx', 'restart nginx freebsd']
when: item.state is not defined or item.state != 'absent'
- name: FILE | Delete sites
file: path={{ nginx_etc_dir }}/{{ item.1 }}/{{ item.0.filename | default(item.0.name if item.0.name is string else item.0.name[0]) }} state=absent
file:
path: "{{ nginx_etc_dir }}/{{ item.1 }}/{{ item.0.filename | default(item.0.name if item.0.name is string else item.0.name[0]) }}"
state: absent
with_nested:
- "{{ nginx_sites }}"
- ['sites-available', 'sites-enabled']
@ -48,41 +52,43 @@
when: item.state is defined and item.state == 'absent'
- name: FILE | Enable sites
file: >
src={{ nginx_etc_dir }}/sites-available/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}
dest={{ nginx_etc_dir }}/sites-enabled/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}
state=link
file:
src: "{{ nginx_etc_dir }}/sites-available/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}"
dest: "{{ nginx_etc_dir }}/sites-enabled/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}"
state: link
with_items: "{{ nginx_sites }}"
notify: ['reload nginx', 'restart nginx freebsd']
when: >
item.state is not defined or item.state == 'present'
- name: FILE | Disable sites
file: path={{ nginx_etc_dir}}/sites-enabled/{{ item.filename | default(item.name if item.name is string else item.name[0]) }} state=absent
file:
path: "{{ nginx_etc_dir}}/sites-enabled/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}"
state: absent
with_items: "{{ nginx_sites }}"
notify: ['reload nginx', 'restart nginx freebsd']
when: item.state is defined and item.state == 'disabled'
- name: FILE | Delete default site when explicitely defined
file: >
path={{ nginx_etc_dir }}/sites-enabled/default
state=absent
file:
path: "{{ nginx_etc_dir }}/sites-enabled/default"
state: absent
notify: ['reload nginx', 'restart nginx freebsd']
when: nginx_default_site is not none
- name: FILE | Auto set default site
file: >
src={{ nginx_etc_dir }}/sites-available/default
dest={{ nginx_etc_dir }}/sites-enabled/default
state=link
file:
src: "{{ nginx_etc_dir }}/sites-available/default"
dest: "{{ nginx_etc_dir }}/sites-enabled/default"
state: link
notify: ['reload nginx', 'restart nginx freebsd']
when: nginx_default_site is none
- name: TEMPLATE | Deploy facts
template:
src=etc/ansible/facts.d/nginx.fact.j2
dest=/etc/ansible/facts.d/nginx.fact
mode=0644
src: etc/ansible/facts.d/nginx.fact.j2
dest: /etc/ansible/facts.d/nginx.fact
mode: 0644
register: fact
- name: SETUP

View File

@ -10,42 +10,43 @@
register: dh
- name: COPY | Deploy DH file from vars
copy: >
content="{{ nginx_dh }}"
dest="{{ nginx_dh_path }}"
copy:
content: "{{ nginx_dh }}"
dest: "{{ nginx_dh_path }}"
when: nginx_dh is string
notify: reload nginx
- name: FILE | Create SSL directories
file: >
path="{{ nginx_ssl_dir + '/' + item.name }}"
state=directory
file:
path: "{{ nginx_ssl_dir + '/' + item.name }}"
state: directory
with_items: "{{ nginx_ssl_pairs }}"
when: item.dest_key is not defined or item.dest_cert is not defined
no_log: true
- name: COPY | Deploy SSL keys
copy: >
content="{{ item.key }}"
dest="{{ nginx_ssl_dir + '/' + item.name + '/' + item.name + '.key' if item.dest_key is not defined else item.dest_key }}"
mode=0640
copy:
content: "{{ item.key }}"
dest: "{{ nginx_ssl_dir + '/' + item.name + '/' + item.name + '.key' if item.dest_key is not defined else item.dest_key }}"
mode: 0640
with_items: "{{ nginx_ssl_pairs }}"
when: item.key is defined
notify: reload nginx
no_log: true
- name: COPY | Deploy SSL certs
copy: >
content="{{ item.cert }}"
dest="{{ nginx_ssl_dir + '/' + item.name + '/' + item.name + '.crt' if item.dest_cert is not defined else item.dest_cert }}"
mode=0644
copy:
content: "{{ item.cert }}"
dest: "{{ nginx_ssl_dir + '/' + item.name + '/' + item.name + '.crt' if item.dest_cert is not defined else item.dest_cert }}"
mode: 0644
with_items: "{{ nginx_ssl_pairs }}"
when: item.cert is defined
notify: reload nginx
no_log: true
- name: Check DH command status
async_status: jid={{ dh.ansible_job_id }}
async_status:
jid: "{{ dh.ansible_job_id }}"
register: job_result
until: job_result.finished
retries: 30

View File

@ -1,29 +1,29 @@
---
- name: SET_FACT | Backward compatibility with old version of this role
set_fact: >
set_fact:
nginx_php56: true
when: nginx_php is defined and nginx_php
- name: TEMPLATE | Deploy PHP upstream to Nginx
template: >
src=etc/nginx/upstream/php.conf.j2
dest="{{ nginx_etc_dir }}/conf.d/php.conf"
template:
src: "etc/nginx/upstream/php.conf.j2"
dest: "{{ nginx_etc_dir }}/conf.d/php.conf"
when: nginx_php56 or nginx_php70
notify: reload nginx
- name: TEMPLATE | Deploy other upstreams
template: >
src=etc/nginx/upstream/upstream.conf.j2
dest={{ nginx_etc_dir }}/conf.d/upstream-{{ item.name }}.conf
template:
src: "etc/nginx/upstream/upstream.conf.j2"
dest: "{{ nginx_etc_dir }}/conf.d/upstream-{{ item.name }}.conf"
with_items: "{{ nginx_upstreams }}"
when: item.state is not defined or item.state == 'present'
notify: reload nginx
- name: FILE | Delete other upstreams
file: >
path={{ nginx_etc_dir }}/conf.d/upstream-{{ item.name }}.conf
state=absent
file:
path: "{{ nginx_etc_dir }}/conf.d/upstream-{{ item.name }}.conf"
state: absent
with_items: "{{ nginx_upstreams }}"
when: item.state is defined and item.state == 'absent'
notify: reload nginx