Improve syntax readability
parent
acf8de8f87
commit
6935404939
|
@ -1,29 +1,29 @@
|
|||
---
|
||||
|
||||
- name: TEMPLATE | Deploy nginx.conf
|
||||
template: >
|
||||
src=etc/nginx/nginx.conf.j2
|
||||
dest="{{ nginx_etc_dir }}/nginx.conf"
|
||||
template:
|
||||
src: "etc/nginx/nginx.conf.j2"
|
||||
dest: "{{ nginx_etc_dir }}/nginx.conf"
|
||||
notify: reload nginx
|
||||
|
||||
- name: TEMPLATE | Deploy all helpers
|
||||
template: >
|
||||
src={{ item }}
|
||||
dest={{ nginx_helper_dir }}/{{ item | basename | regex_replace('\.j2$','') }}
|
||||
template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ nginx_helper_dir }}/{{ item | basename | regex_replace('.j2$','') }}"
|
||||
with_fileglob: '../templates/etc/nginx/helper/*.j2'
|
||||
notify: reload nginx
|
||||
|
||||
- name: TEMPLATE | Deploy custom http configuration
|
||||
template: >
|
||||
src=etc/nginx/conf.d/custom.conf.j2
|
||||
dest="{{ nginx_etc_dir }}/conf.d/custom.conf"
|
||||
template:
|
||||
src: "etc/nginx/conf.d/custom.conf.j2"
|
||||
dest: "{{ nginx_etc_dir }}/conf.d/custom.conf"
|
||||
notify: reload nginx
|
||||
|
||||
- name: LINEINFILE | Fix path
|
||||
lineinfile: >
|
||||
regexp='{{ item.0.regexp }}'
|
||||
line='{{ item.0.line }}'
|
||||
dest='{{ item.1 }}'
|
||||
lineinfile:
|
||||
regexp: '{{ item.0.regexp }}'
|
||||
line: '{{ item.0.line }}'
|
||||
dest: '{{ item.1 }}'
|
||||
with_nested:
|
||||
-
|
||||
- regexp: '^fastcgi_param SCRIPT_FILENAME'
|
||||
|
|
|
@ -1,19 +1,19 @@
|
|||
---
|
||||
|
||||
- name: FILE | Delete htpasswd file
|
||||
file: >
|
||||
path={{ nginx_htpasswd_dir }}/{{ item.name }}
|
||||
state=absent
|
||||
file:
|
||||
path: "{{ nginx_htpasswd_dir }}/{{ item.name }}"
|
||||
state: absent
|
||||
with_items: "{{ nginx_htpasswd }}"
|
||||
when: item.state is defined and item.state == 'absent'
|
||||
no_log: true
|
||||
|
||||
- name: HTPASSWD | Manage files
|
||||
htpasswd: >
|
||||
name={{ item.1.name }}
|
||||
password={{ item.1.password }}
|
||||
state={{ item.1.state | default('present') }}
|
||||
path={{ nginx_htpasswd_dir }}/{{ item.0.name }}
|
||||
htpasswd:
|
||||
name: "{{ item.1.name }}"
|
||||
password: "{{ item.1.password }}"
|
||||
state: "{{ item.1.state | default('present') }}"
|
||||
path: "{{ nginx_htpasswd_dir }}/{{ item.0.name }}"
|
||||
with_subelements:
|
||||
- "{{ nginx_htpasswd }}"
|
||||
- users
|
||||
|
|
|
@ -9,23 +9,25 @@
|
|||
nginx_htpasswd | length > 0
|
||||
|
||||
- name: APT | Update cache
|
||||
apt: >
|
||||
update_cache=yes
|
||||
cache_valid_time=3600
|
||||
apt:
|
||||
update_cache: yes
|
||||
cache_valid_time: 3600
|
||||
changed_when: false
|
||||
|
||||
- name: APT | Force OpenSSL from backports (fix dependency break)
|
||||
apt: >
|
||||
pkg=openssl
|
||||
state=latest
|
||||
default_release={{ ansible_distribution_release + '-backports' }}
|
||||
apt:
|
||||
pkg: openssl
|
||||
state: latest
|
||||
default_release: "{{ ansible_distribution_release + '-backports' }}"
|
||||
when: nginx_backports
|
||||
|
||||
- name: APT | Install nginx and dependencies
|
||||
apt: >
|
||||
pkg={{ nginx_apt_package }}
|
||||
state=present
|
||||
default_release={{ ansible_distribution_release + '-backports' if nginx_backports else ansible_distribution_release }}
|
||||
apt:
|
||||
pkg: "{{ nginx_apt_package }}"
|
||||
state: present
|
||||
default_release: "{{ ansible_distribution_release + '-backports' if nginx_backports else ansible_distribution_release }}"
|
||||
|
||||
- name: APT | Install python-passlib
|
||||
apt: pkg=python-passlib state=present
|
||||
apt:
|
||||
pkg: python-passlib
|
||||
state: present
|
||||
|
|
|
@ -36,8 +36,14 @@
|
|||
nginx_modules: "{{ shell_modules.stdout_lines }}"
|
||||
|
||||
- name: FILE | Create folders
|
||||
file: dest="{{ item.dir }}" owner="{{ item.owner }}" mode="{{ item.mode }}" state=directory
|
||||
file:
|
||||
dest: "{{ item.dir }}"
|
||||
owner: "{{ item.owner }}"
|
||||
mode: "{{ item.mode }}"
|
||||
state: directory
|
||||
with_items: "{{ nginx_dirs }}"
|
||||
|
||||
- name: FILE | Create ansible facts dir
|
||||
file: path=/etc/ansible/facts.d state=directory
|
||||
file:
|
||||
path: /etc/ansible/facts.d
|
||||
state: directory
|
||||
|
|
|
@ -1,29 +1,31 @@
|
|||
---
|
||||
|
||||
- name: FAIL | Check filenames
|
||||
fail: msg="Forbidden keyword default on site {{ item.name if item.name is string else item.name[0] }}"
|
||||
fail:
|
||||
msg: "Forbidden keyword default on site {{ item.name if item.name is string else item.name[0] }}"
|
||||
when: item.filename is defined and item.filename == 'default'
|
||||
with_items: "{{ nginx_sites }}"
|
||||
|
||||
- name: FAIL | Check HTTPS redir and proto
|
||||
fail: msg="You can't have HTTP proto and HTTPS redirection at the same time"
|
||||
when: >
|
||||
fail:
|
||||
msg: "You can't have HTTP proto and HTTPS redirection at the same time"
|
||||
when:
|
||||
((item.proto is defined and 'http' in item.proto) or (item.proto is not defined)) and
|
||||
(item.redirect_http is defined and item.redirect_http)
|
||||
with_items: "{{ nginx_sites }}"
|
||||
|
||||
- name: FILE | Create root directory
|
||||
file: >
|
||||
path={{ nginx_root }}
|
||||
state=directory
|
||||
file:
|
||||
path: "{{ nginx_root }}"
|
||||
state: directory
|
||||
|
||||
- name: FILE | Create root public folders (foreach nginx_sites)
|
||||
file: >
|
||||
path={{ nginx_root }}/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}/public
|
||||
state=directory
|
||||
owner={{ item.owner | default(nginx_user) }}
|
||||
group={{ item.group | default(nginx_user) }}
|
||||
mode={{ item.mode | default('0755') }}
|
||||
file:
|
||||
path: "{{ nginx_root }}/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}/public"
|
||||
state: directory
|
||||
owner: "{{ item.owner | default(nginx_user) }}"
|
||||
group: "{{ item.group | default(nginx_user) }}"
|
||||
mode: "{{ item.mode | default('0755') }}"
|
||||
with_items: "{{ nginx_sites }}"
|
||||
when: >
|
||||
item.root is not defined and
|
||||
|
@ -32,15 +34,17 @@
|
|||
item.redirect_to is not defined
|
||||
|
||||
- name: TEMPLATE | Create sites
|
||||
template: >
|
||||
src=etc/nginx/sites-available/{{ item.template if item.redirect_to is not defined else '_redirect' }}.j2
|
||||
dest={{ nginx_etc_dir }}/sites-available/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}
|
||||
template:
|
||||
src: "etc/nginx/sites-available/{{ item.template if item.redirect_to is not defined else '_redirect' }}.j2"
|
||||
dest: "{{ nginx_etc_dir }}/sites-available/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}"
|
||||
with_items: "{{ nginx_sites }}"
|
||||
notify: ['reload nginx', 'restart nginx freebsd']
|
||||
when: item.state is not defined or item.state != 'absent'
|
||||
|
||||
- name: FILE | Delete sites
|
||||
file: path={{ nginx_etc_dir }}/{{ item.1 }}/{{ item.0.filename | default(item.0.name if item.0.name is string else item.0.name[0]) }} state=absent
|
||||
file:
|
||||
path: "{{ nginx_etc_dir }}/{{ item.1 }}/{{ item.0.filename | default(item.0.name if item.0.name is string else item.0.name[0]) }}"
|
||||
state: absent
|
||||
with_nested:
|
||||
- "{{ nginx_sites }}"
|
||||
- ['sites-available', 'sites-enabled']
|
||||
|
@ -48,41 +52,43 @@
|
|||
when: item.state is defined and item.state == 'absent'
|
||||
|
||||
- name: FILE | Enable sites
|
||||
file: >
|
||||
src={{ nginx_etc_dir }}/sites-available/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}
|
||||
dest={{ nginx_etc_dir }}/sites-enabled/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}
|
||||
state=link
|
||||
file:
|
||||
src: "{{ nginx_etc_dir }}/sites-available/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}"
|
||||
dest: "{{ nginx_etc_dir }}/sites-enabled/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}"
|
||||
state: link
|
||||
with_items: "{{ nginx_sites }}"
|
||||
notify: ['reload nginx', 'restart nginx freebsd']
|
||||
when: >
|
||||
item.state is not defined or item.state == 'present'
|
||||
|
||||
- name: FILE | Disable sites
|
||||
file: path={{ nginx_etc_dir}}/sites-enabled/{{ item.filename | default(item.name if item.name is string else item.name[0]) }} state=absent
|
||||
file:
|
||||
path: "{{ nginx_etc_dir}}/sites-enabled/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}"
|
||||
state: absent
|
||||
with_items: "{{ nginx_sites }}"
|
||||
notify: ['reload nginx', 'restart nginx freebsd']
|
||||
when: item.state is defined and item.state == 'disabled'
|
||||
|
||||
- name: FILE | Delete default site when explicitely defined
|
||||
file: >
|
||||
path={{ nginx_etc_dir }}/sites-enabled/default
|
||||
state=absent
|
||||
file:
|
||||
path: "{{ nginx_etc_dir }}/sites-enabled/default"
|
||||
state: absent
|
||||
notify: ['reload nginx', 'restart nginx freebsd']
|
||||
when: nginx_default_site is not none
|
||||
|
||||
- name: FILE | Auto set default site
|
||||
file: >
|
||||
src={{ nginx_etc_dir }}/sites-available/default
|
||||
dest={{ nginx_etc_dir }}/sites-enabled/default
|
||||
state=link
|
||||
file:
|
||||
src: "{{ nginx_etc_dir }}/sites-available/default"
|
||||
dest: "{{ nginx_etc_dir }}/sites-enabled/default"
|
||||
state: link
|
||||
notify: ['reload nginx', 'restart nginx freebsd']
|
||||
when: nginx_default_site is none
|
||||
|
||||
- name: TEMPLATE | Deploy facts
|
||||
template:
|
||||
src=etc/ansible/facts.d/nginx.fact.j2
|
||||
dest=/etc/ansible/facts.d/nginx.fact
|
||||
mode=0644
|
||||
src: etc/ansible/facts.d/nginx.fact.j2
|
||||
dest: /etc/ansible/facts.d/nginx.fact
|
||||
mode: 0644
|
||||
register: fact
|
||||
|
||||
- name: SETUP
|
||||
|
|
|
@ -10,42 +10,43 @@
|
|||
register: dh
|
||||
|
||||
- name: COPY | Deploy DH file from vars
|
||||
copy: >
|
||||
content="{{ nginx_dh }}"
|
||||
dest="{{ nginx_dh_path }}"
|
||||
copy:
|
||||
content: "{{ nginx_dh }}"
|
||||
dest: "{{ nginx_dh_path }}"
|
||||
when: nginx_dh is string
|
||||
notify: reload nginx
|
||||
|
||||
- name: FILE | Create SSL directories
|
||||
file: >
|
||||
path="{{ nginx_ssl_dir + '/' + item.name }}"
|
||||
state=directory
|
||||
file:
|
||||
path: "{{ nginx_ssl_dir + '/' + item.name }}"
|
||||
state: directory
|
||||
with_items: "{{ nginx_ssl_pairs }}"
|
||||
when: item.dest_key is not defined or item.dest_cert is not defined
|
||||
no_log: true
|
||||
|
||||
- name: COPY | Deploy SSL keys
|
||||
copy: >
|
||||
content="{{ item.key }}"
|
||||
dest="{{ nginx_ssl_dir + '/' + item.name + '/' + item.name + '.key' if item.dest_key is not defined else item.dest_key }}"
|
||||
mode=0640
|
||||
copy:
|
||||
content: "{{ item.key }}"
|
||||
dest: "{{ nginx_ssl_dir + '/' + item.name + '/' + item.name + '.key' if item.dest_key is not defined else item.dest_key }}"
|
||||
mode: 0640
|
||||
with_items: "{{ nginx_ssl_pairs }}"
|
||||
when: item.key is defined
|
||||
notify: reload nginx
|
||||
no_log: true
|
||||
|
||||
- name: COPY | Deploy SSL certs
|
||||
copy: >
|
||||
content="{{ item.cert }}"
|
||||
dest="{{ nginx_ssl_dir + '/' + item.name + '/' + item.name + '.crt' if item.dest_cert is not defined else item.dest_cert }}"
|
||||
mode=0644
|
||||
copy:
|
||||
content: "{{ item.cert }}"
|
||||
dest: "{{ nginx_ssl_dir + '/' + item.name + '/' + item.name + '.crt' if item.dest_cert is not defined else item.dest_cert }}"
|
||||
mode: 0644
|
||||
with_items: "{{ nginx_ssl_pairs }}"
|
||||
when: item.cert is defined
|
||||
notify: reload nginx
|
||||
no_log: true
|
||||
|
||||
- name: Check DH command status
|
||||
async_status: jid={{ dh.ansible_job_id }}
|
||||
async_status:
|
||||
jid: "{{ dh.ansible_job_id }}"
|
||||
register: job_result
|
||||
until: job_result.finished
|
||||
retries: 30
|
||||
|
|
|
@ -1,29 +1,29 @@
|
|||
---
|
||||
|
||||
- name: SET_FACT | Backward compatibility with old version of this role
|
||||
set_fact: >
|
||||
set_fact:
|
||||
nginx_php56: true
|
||||
when: nginx_php is defined and nginx_php
|
||||
|
||||
- name: TEMPLATE | Deploy PHP upstream to Nginx
|
||||
template: >
|
||||
src=etc/nginx/upstream/php.conf.j2
|
||||
dest="{{ nginx_etc_dir }}/conf.d/php.conf"
|
||||
template:
|
||||
src: "etc/nginx/upstream/php.conf.j2"
|
||||
dest: "{{ nginx_etc_dir }}/conf.d/php.conf"
|
||||
when: nginx_php56 or nginx_php70
|
||||
notify: reload nginx
|
||||
|
||||
- name: TEMPLATE | Deploy other upstreams
|
||||
template: >
|
||||
src=etc/nginx/upstream/upstream.conf.j2
|
||||
dest={{ nginx_etc_dir }}/conf.d/upstream-{{ item.name }}.conf
|
||||
template:
|
||||
src: "etc/nginx/upstream/upstream.conf.j2"
|
||||
dest: "{{ nginx_etc_dir }}/conf.d/upstream-{{ item.name }}.conf"
|
||||
with_items: "{{ nginx_upstreams }}"
|
||||
when: item.state is not defined or item.state == 'present'
|
||||
notify: reload nginx
|
||||
|
||||
- name: FILE | Delete other upstreams
|
||||
file: >
|
||||
path={{ nginx_etc_dir }}/conf.d/upstream-{{ item.name }}.conf
|
||||
state=absent
|
||||
file:
|
||||
path: "{{ nginx_etc_dir }}/conf.d/upstream-{{ item.name }}.conf"
|
||||
state: absent
|
||||
with_items: "{{ nginx_upstreams }}"
|
||||
when: item.state is defined and item.state == 'absent'
|
||||
notify: reload nginx
|
||||
|
|
Loading…
Reference in New Issue