diff --git a/tasks/config.yml b/tasks/config.yml index 34f5b51..24cb01d 100644 --- a/tasks/config.yml +++ b/tasks/config.yml @@ -1,29 +1,29 @@ --- - name: TEMPLATE | Deploy nginx.conf - template: > - src=etc/nginx/nginx.conf.j2 - dest="{{ nginx_etc_dir }}/nginx.conf" + template: + src: "etc/nginx/nginx.conf.j2" + dest: "{{ nginx_etc_dir }}/nginx.conf" notify: reload nginx - name: TEMPLATE | Deploy all helpers - template: > - src={{ item }} - dest={{ nginx_helper_dir }}/{{ item | basename | regex_replace('\.j2$','') }} + template: + src: "{{ item }}" + dest: "{{ nginx_helper_dir }}/{{ item | basename | regex_replace('.j2$','') }}" with_fileglob: '../templates/etc/nginx/helper/*.j2' notify: reload nginx - name: TEMPLATE | Deploy custom http configuration - template: > - src=etc/nginx/conf.d/custom.conf.j2 - dest="{{ nginx_etc_dir }}/conf.d/custom.conf" + template: + src: "etc/nginx/conf.d/custom.conf.j2" + dest: "{{ nginx_etc_dir }}/conf.d/custom.conf" notify: reload nginx - name: LINEINFILE | Fix path - lineinfile: > - regexp='{{ item.0.regexp }}' - line='{{ item.0.line }}' - dest='{{ item.1 }}' + lineinfile: + regexp: '{{ item.0.regexp }}' + line: '{{ item.0.line }}' + dest: '{{ item.1 }}' with_nested: - - regexp: '^fastcgi_param SCRIPT_FILENAME' diff --git a/tasks/htpasswd.yml b/tasks/htpasswd.yml index 210cce4..97bff15 100644 --- a/tasks/htpasswd.yml +++ b/tasks/htpasswd.yml @@ -1,19 +1,19 @@ --- - name: FILE | Delete htpasswd file - file: > - path={{ nginx_htpasswd_dir }}/{{ item.name }} - state=absent + file: + path: "{{ nginx_htpasswd_dir }}/{{ item.name }}" + state: absent with_items: "{{ nginx_htpasswd }}" when: item.state is defined and item.state == 'absent' no_log: true - name: HTPASSWD | Manage files - htpasswd: > - name={{ item.1.name }} - password={{ item.1.password }} - state={{ item.1.state | default('present') }} - path={{ nginx_htpasswd_dir }}/{{ item.0.name }} + htpasswd: + name: "{{ item.1.name }}" + password: "{{ item.1.password }}" + state: "{{ item.1.state | default('present') }}" + path: "{{ nginx_htpasswd_dir }}/{{ item.0.name }}" with_subelements: - "{{ nginx_htpasswd }}" - users diff --git a/tasks/install_Debian.yml b/tasks/install_Debian.yml index 6360234..961ba2b 100644 --- a/tasks/install_Debian.yml +++ b/tasks/install_Debian.yml @@ -9,23 +9,25 @@ nginx_htpasswd | length > 0 - name: APT | Update cache - apt: > - update_cache=yes - cache_valid_time=3600 + apt: + update_cache: yes + cache_valid_time: 3600 changed_when: false - name: APT | Force OpenSSL from backports (fix dependency break) - apt: > - pkg=openssl - state=latest - default_release={{ ansible_distribution_release + '-backports' }} + apt: + pkg: openssl + state: latest + default_release: "{{ ansible_distribution_release + '-backports' }}" when: nginx_backports - name: APT | Install nginx and dependencies - apt: > - pkg={{ nginx_apt_package }} - state=present - default_release={{ ansible_distribution_release + '-backports' if nginx_backports else ansible_distribution_release }} + apt: + pkg: "{{ nginx_apt_package }}" + state: present + default_release: "{{ ansible_distribution_release + '-backports' if nginx_backports else ansible_distribution_release }}" - name: APT | Install python-passlib - apt: pkg=python-passlib state=present + apt: + pkg: python-passlib + state: present diff --git a/tasks/prepare.yml b/tasks/prepare.yml index 7372184..a5f5132 100644 --- a/tasks/prepare.yml +++ b/tasks/prepare.yml @@ -36,8 +36,14 @@ nginx_modules: "{{ shell_modules.stdout_lines }}" - name: FILE | Create folders - file: dest="{{ item.dir }}" owner="{{ item.owner }}" mode="{{ item.mode }}" state=directory + file: + dest: "{{ item.dir }}" + owner: "{{ item.owner }}" + mode: "{{ item.mode }}" + state: directory with_items: "{{ nginx_dirs }}" - name: FILE | Create ansible facts dir - file: path=/etc/ansible/facts.d state=directory + file: + path: /etc/ansible/facts.d + state: directory diff --git a/tasks/site.yml b/tasks/site.yml index c476cf7..4563d01 100644 --- a/tasks/site.yml +++ b/tasks/site.yml @@ -1,29 +1,31 @@ --- - name: FAIL | Check filenames - fail: msg="Forbidden keyword default on site {{ item.name if item.name is string else item.name[0] }}" + fail: + msg: "Forbidden keyword default on site {{ item.name if item.name is string else item.name[0] }}" when: item.filename is defined and item.filename == 'default' with_items: "{{ nginx_sites }}" - name: FAIL | Check HTTPS redir and proto - fail: msg="You can't have HTTP proto and HTTPS redirection at the same time" - when: > + fail: + msg: "You can't have HTTP proto and HTTPS redirection at the same time" + when: ((item.proto is defined and 'http' in item.proto) or (item.proto is not defined)) and (item.redirect_http is defined and item.redirect_http) with_items: "{{ nginx_sites }}" - name: FILE | Create root directory - file: > - path={{ nginx_root }} - state=directory + file: + path: "{{ nginx_root }}" + state: directory - name: FILE | Create root public folders (foreach nginx_sites) - file: > - path={{ nginx_root }}/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}/public - state=directory - owner={{ item.owner | default(nginx_user) }} - group={{ item.group | default(nginx_user) }} - mode={{ item.mode | default('0755') }} + file: + path: "{{ nginx_root }}/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}/public" + state: directory + owner: "{{ item.owner | default(nginx_user) }}" + group: "{{ item.group | default(nginx_user) }}" + mode: "{{ item.mode | default('0755') }}" with_items: "{{ nginx_sites }}" when: > item.root is not defined and @@ -32,15 +34,17 @@ item.redirect_to is not defined - name: TEMPLATE | Create sites - template: > - src=etc/nginx/sites-available/{{ item.template if item.redirect_to is not defined else '_redirect' }}.j2 - dest={{ nginx_etc_dir }}/sites-available/{{ item.filename | default(item.name if item.name is string else item.name[0]) }} + template: + src: "etc/nginx/sites-available/{{ item.template if item.redirect_to is not defined else '_redirect' }}.j2" + dest: "{{ nginx_etc_dir }}/sites-available/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}" with_items: "{{ nginx_sites }}" notify: ['reload nginx', 'restart nginx freebsd'] when: item.state is not defined or item.state != 'absent' - name: FILE | Delete sites - file: path={{ nginx_etc_dir }}/{{ item.1 }}/{{ item.0.filename | default(item.0.name if item.0.name is string else item.0.name[0]) }} state=absent + file: + path: "{{ nginx_etc_dir }}/{{ item.1 }}/{{ item.0.filename | default(item.0.name if item.0.name is string else item.0.name[0]) }}" + state: absent with_nested: - "{{ nginx_sites }}" - ['sites-available', 'sites-enabled'] @@ -48,41 +52,43 @@ when: item.state is defined and item.state == 'absent' - name: FILE | Enable sites - file: > - src={{ nginx_etc_dir }}/sites-available/{{ item.filename | default(item.name if item.name is string else item.name[0]) }} - dest={{ nginx_etc_dir }}/sites-enabled/{{ item.filename | default(item.name if item.name is string else item.name[0]) }} - state=link + file: + src: "{{ nginx_etc_dir }}/sites-available/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}" + dest: "{{ nginx_etc_dir }}/sites-enabled/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}" + state: link with_items: "{{ nginx_sites }}" notify: ['reload nginx', 'restart nginx freebsd'] when: > item.state is not defined or item.state == 'present' - name: FILE | Disable sites - file: path={{ nginx_etc_dir}}/sites-enabled/{{ item.filename | default(item.name if item.name is string else item.name[0]) }} state=absent + file: + path: "{{ nginx_etc_dir}}/sites-enabled/{{ item.filename | default(item.name if item.name is string else item.name[0]) }}" + state: absent with_items: "{{ nginx_sites }}" notify: ['reload nginx', 'restart nginx freebsd'] when: item.state is defined and item.state == 'disabled' - name: FILE | Delete default site when explicitely defined - file: > - path={{ nginx_etc_dir }}/sites-enabled/default - state=absent + file: + path: "{{ nginx_etc_dir }}/sites-enabled/default" + state: absent notify: ['reload nginx', 'restart nginx freebsd'] when: nginx_default_site is not none - name: FILE | Auto set default site - file: > - src={{ nginx_etc_dir }}/sites-available/default - dest={{ nginx_etc_dir }}/sites-enabled/default - state=link + file: + src: "{{ nginx_etc_dir }}/sites-available/default" + dest: "{{ nginx_etc_dir }}/sites-enabled/default" + state: link notify: ['reload nginx', 'restart nginx freebsd'] when: nginx_default_site is none - name: TEMPLATE | Deploy facts template: - src=etc/ansible/facts.d/nginx.fact.j2 - dest=/etc/ansible/facts.d/nginx.fact - mode=0644 + src: etc/ansible/facts.d/nginx.fact.j2 + dest: /etc/ansible/facts.d/nginx.fact + mode: 0644 register: fact - name: SETUP diff --git a/tasks/ssl.yml b/tasks/ssl.yml index a7c85a3..b52e6d6 100644 --- a/tasks/ssl.yml +++ b/tasks/ssl.yml @@ -10,42 +10,43 @@ register: dh - name: COPY | Deploy DH file from vars - copy: > - content="{{ nginx_dh }}" - dest="{{ nginx_dh_path }}" + copy: + content: "{{ nginx_dh }}" + dest: "{{ nginx_dh_path }}" when: nginx_dh is string notify: reload nginx - name: FILE | Create SSL directories - file: > - path="{{ nginx_ssl_dir + '/' + item.name }}" - state=directory + file: + path: "{{ nginx_ssl_dir + '/' + item.name }}" + state: directory with_items: "{{ nginx_ssl_pairs }}" when: item.dest_key is not defined or item.dest_cert is not defined no_log: true - name: COPY | Deploy SSL keys - copy: > - content="{{ item.key }}" - dest="{{ nginx_ssl_dir + '/' + item.name + '/' + item.name + '.key' if item.dest_key is not defined else item.dest_key }}" - mode=0640 + copy: + content: "{{ item.key }}" + dest: "{{ nginx_ssl_dir + '/' + item.name + '/' + item.name + '.key' if item.dest_key is not defined else item.dest_key }}" + mode: 0640 with_items: "{{ nginx_ssl_pairs }}" when: item.key is defined notify: reload nginx no_log: true - name: COPY | Deploy SSL certs - copy: > - content="{{ item.cert }}" - dest="{{ nginx_ssl_dir + '/' + item.name + '/' + item.name + '.crt' if item.dest_cert is not defined else item.dest_cert }}" - mode=0644 + copy: + content: "{{ item.cert }}" + dest: "{{ nginx_ssl_dir + '/' + item.name + '/' + item.name + '.crt' if item.dest_cert is not defined else item.dest_cert }}" + mode: 0644 with_items: "{{ nginx_ssl_pairs }}" when: item.cert is defined notify: reload nginx no_log: true - name: Check DH command status - async_status: jid={{ dh.ansible_job_id }} + async_status: + jid: "{{ dh.ansible_job_id }}" register: job_result until: job_result.finished retries: 30 diff --git a/tasks/upstream.yml b/tasks/upstream.yml index 9707cbb..fe86353 100644 --- a/tasks/upstream.yml +++ b/tasks/upstream.yml @@ -1,29 +1,29 @@ --- - name: SET_FACT | Backward compatibility with old version of this role - set_fact: > + set_fact: nginx_php56: true when: nginx_php is defined and nginx_php - name: TEMPLATE | Deploy PHP upstream to Nginx - template: > - src=etc/nginx/upstream/php.conf.j2 - dest="{{ nginx_etc_dir }}/conf.d/php.conf" + template: + src: "etc/nginx/upstream/php.conf.j2" + dest: "{{ nginx_etc_dir }}/conf.d/php.conf" when: nginx_php56 or nginx_php70 notify: reload nginx - name: TEMPLATE | Deploy other upstreams - template: > - src=etc/nginx/upstream/upstream.conf.j2 - dest={{ nginx_etc_dir }}/conf.d/upstream-{{ item.name }}.conf + template: + src: "etc/nginx/upstream/upstream.conf.j2" + dest: "{{ nginx_etc_dir }}/conf.d/upstream-{{ item.name }}.conf" with_items: "{{ nginx_upstreams }}" when: item.state is not defined or item.state == 'present' notify: reload nginx - name: FILE | Delete other upstreams - file: > - path={{ nginx_etc_dir }}/conf.d/upstream-{{ item.name }}.conf - state=absent + file: + path: "{{ nginx_etc_dir }}/conf.d/upstream-{{ item.name }}.conf" + state: absent with_items: "{{ nginx_upstreams }}" when: item.state is defined and item.state == 'absent' notify: reload nginx