radityo
/
ansible-nginx
mirror of https://github.com/HanXHX/ansible-nginx.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix Ansible Lint

debian_11
Emilien Mantel 2021-09-01 11:58:39 +02:00
parent a2780d3d95
commit 8c6c4dc813
13 changed files with 113 additions and 111 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.ansible-lint 100644
View File

@ -0,0 +1,2 @@
enable_list:
- fqcn-builtins

16
handlers/main.yml
View File

@ -1,46 +1,46 @@
---
- name: reload nginx
command: nginx -t
ansible.builtin.command: nginx -t
notify:
- real-reload nginx
- docker reload nginx
- name: restart nginx
command: nginx -t
ansible.builtin.command: nginx -t
notify:
- real-restart nginx
- docker restart nginx
- name: real-reload nginx
service:
ansible.builtin.service:
name: nginx
state: reloaded
when: ansible_virtualization_type != 'docker'
- name: real-restart nginx
service:
ansible.builtin.service:
name: nginx
state: restarted
when: ansible_virtualization_type != 'docker'
- name: docker reload nginx
command: service nginx reload
ansible.builtin.command: service nginx reload
args:
warn: false
when: ansible_virtualization_type == 'docker'
- name: docker restart nginx
command: service nginx restart
ansible.builtin.command: service nginx restart
args:
warn: false
when: ansible_virtualization_type == 'docker'
- name: restart nginx freebsd
service:
ansible.builtin.service:
name: nginx
state: restarted
when: ansible_distribution == "FreeBSD"
- name: setup
action: setup
ansible.builtin.setup:

10
tasks/config.yml
View File

@ -1,7 +1,7 @@
---
- name: TEMPLATE | Deploy nginx.conf
template:
ansible.builtin.template:
src: "etc/nginx/nginx.conf.j2"
dest: "{{ nginx_etc_dir }}/nginx.conf"
mode: 0644
@ -10,7 +10,7 @@
notify: reload nginx
- name: TEMPLATE | Deploy all helpers
template:
ansible.builtin.template:
src: "{{ item }}"
dest: "{{ nginx_helper_dir }}/{{ item | basename | regex_replace('.j2$','') }}"
mode: 0644
@ -20,7 +20,7 @@
notify: reload nginx
- name: TEMPLATE | Deploy custom http configuration
template:
ansible.builtin.template:
src: "etc/nginx/conf.d/custom.conf.j2"
dest: "{{ nginx_etc_dir }}/conf.d/custom.conf"
mode: 0644
@ -29,7 +29,7 @@
notify: reload nginx
- name: LINEINFILE | Fix path
lineinfile:
ansible.builtin.lineinfile:
regexp: '{{ item.0.regexp }}'
line: '{{ item.0.line }}'
dest: '{{ item.1 }}'
@ -45,7 +45,7 @@
when: nginx_fastcgi_fix_realpath
- name: COPY | Add modules manually
copy:
ansible.builtin.copy:
content: |
{% for m in nginx_load_modules %}
load_module {{ m }};

4
tasks/htpasswd.yml
View File

@ -1,7 +1,7 @@
---
- name: FILE | Delete htpasswd file
file:
ansible.builtin.file:
path: "{{ nginx_htpasswd_dir }}/{{ item.name }}"
state: absent
loop: "{{ nginx_htpasswd }}"
@ -9,7 +9,7 @@
no_log: "{{ not nginx_debug_role }}"
- name: HTPASSWD | Manage files
htpasswd:
ansible.builtin.htpasswd:
name: "{{ item.1.name }}"
password: "{{ item.1.password }}"
path: "{{ nginx_htpasswd_dir }}/{{ item.0.name }}"

18
tasks/install_Debian.yml
View File

@ -1,51 +1,51 @@
---
- name: SET_FACT | Bypass https://github.com/ansible/ansible/issues/19874
set_fact:
ansible.builtin.set_fact:
ansible_distribution_release: 'buster'
when: ansible_facts.distribution_major_version == "buster/sid"
- name: APT | Update cache
apt:
ansible.builtin.apt:
update_cache: true
cache_valid_time: 3600
changed_when: false
- name: APT | Install nginx and dependencies
apt:
ansible.builtin.apt:
pkg: "{{ nginx_apt_package }}"
default_release: "{{ ansible_distribution_release + '-backports' if nginx_backports else ansible_distribution_release }}"
- name: APT | Install nginx modules
apt:
ansible.builtin.apt:
pkg: "{{ nginx_module_packages }}"
state: present
- name: APT | Install python-passlib
apt:
ansible.builtin.apt:
pkg: "python{% if ansible_python_version is version('3', '>=') %}3{% endif %}-passlib"
state: present
- name: STAT | Check acme.sh is installed
stat:
ansible.builtin.stat:
path: "{{ nginx_acmesh_dir }}"
register: acme
- block:
- name: APT | Install git
apt:
ansible.builtin.apt:
pkg: git
- name: GIT | Get acme.sh
git:
ansible.builtin.git:
repo: 'https://github.com/Neilpang/acme.sh.git'
dest: '{{ nginx_acmesh_git_dir }}'
update: false
version: master
- name: COMMAND | Install acme.sh
command: ./acme.sh --install --home "{{ nginx_acmesh_dir }}"
ansible.builtin.command: ./acme.sh --install --home "{{ nginx_acmesh_dir }}"
args:
chdir: "{{ nginx_acmesh_git_dir }}"
creates: "{{ nginx_acmesh_dir }}"

12
tasks/install_FreeBSD.yml
View File

@ -16,20 +16,20 @@
- block:
- name: COMMAND | Create /usr/local/etc/fdfs/http.conf
command: touch /usr/local/etc/fdfs/http.conf
ansible.builtin.command: touch /usr/local/etc/fdfs/http.conf
args:
creates: /usr/local/etc/fdfs/http.conf
register: fd1
- name: LINEINFILE | Tune fdfs
lineinfile:
ansible.builtin.lineinansible.builtin.file:
regexp: ^load_fdfs_parameters_from_tracker
line: load_fdfs_parameters_from_tracker=false
path: /usr/local/etc/fdfs/mod_fastdfs.conf
register: fd2
- name: SERVICE | Restart nginx when fdfs is tuned
service:
ansible.builtin.service:
name: nginx
state: restarted
when: fd1.changed or fd2.changed
@ -37,7 +37,7 @@
when: true
- name: FILE | Create configuration dir (like Debian)
file:
ansible.builtin.file:
path: "{{ nginx_etc_dir }}/{{ item }}"
state: directory
mode: 0755
@ -49,7 +49,7 @@
- sites-enabled
- name: FILE | Create log directory
file:
ansible.builtin.file:
path: "{{ nginx_log_dir }}"
owner: "{{ nginx_user }}"
group: wheel
@ -57,6 +57,6 @@
state: directory
- name: SERVICE | Enable nginx
service:
ansible.builtin.service:
name: nginx
enabled: true

16
tasks/main.yml
View File

@ -1,30 +1,30 @@
---
- name: INCLUDE_VARS | Related to OS
include_vars: "{{ ansible_distribution }}.yml"
ansible.builtin.include_vars: "{{ ansible_distribution }}.yml"
tags: ['nginx::site', 'nginx::ssl']
- name: INCLUDE_TASKS | Install
include_tasks: "install_{{ ansible_distribution }}.yml"
ansible.builtin.include_tasks: "install_{{ ansible_distribution }}.yml"
tags: ['nginx::site', 'nginx::ssl']
- name: IMPORT_TASKS| Prepare
import_tasks: prepare.yml
ansible.builtin.import_tasks: prepare.yml
tags: ['nginx::site', 'nginx::ssl']
- name: IMPORT_TASKS| Install
import_tasks: config.yml
ansible.builtin.import_tasks: config.yml
- name: IMPORT_TASKS| Upstream configuration
import_tasks: upstream.yml
ansible.builtin.import_tasks: upstream.yml
- name: IMPORT_TASKS| htpasswd configuration
import_tasks: htpasswd.yml
ansible.builtin.import_tasks: htpasswd.yml
- name: IMPORT_TASKS| SSL configuration
import_tasks: ssl/main.yml
ansible.builtin.import_tasks: ssl/main.yml
tags: ['nginx::ssl']
- name: IMPORT_TASKS| Sites configuration
import_tasks: site.yml
ansible.builtin.import_tasks: site.yml
tags: ['nginx::site']

10
tasks/prepare.yml
View File

@ -1,7 +1,7 @@
---
- name: SHELL | Get Nginx version
shell: nginx -v 2>&1 | sed -r 's#.*/##;' | cut -d ' ' -f 1
ansible.builtin.shell: nginx -v 2>&1 | sed -r 's#.*/##;' | cut -d ' ' -f 1
args:
executable: /bin/sh
register: nginx_version
@ -11,7 +11,7 @@
- skip_ansible_lint
- name: SHELL | Get module list
shell: |
ansible.builtin.shell: |
nginx -V 2>&1 |
tr -- - '\n' |
grep -A 1 with |
@ -27,11 +27,11 @@
- skip_ansible_lint
- name: SET_FACT | Save modules
set_fact:
ansible.builtin.set_fact:
nginx_modules: "{{ shell_modules.stdout_lines }}"
- name: FILE | Create folders
file:
ansible.builtin.file:
dest: "{{ item.dir }}"
owner: "{{ item.owner }}"
mode: "{{ item.mode }}"
@ -39,7 +39,7 @@
loop: "{{ nginx_dirs }}"
- name: FILE | Create ansible facts dir
file:
ansible.builtin.file:
path: /etc/ansible/facts.d
state: directory
mode: 0755

22
tasks/site.yml
View File

@ -1,7 +1,7 @@
---
- name: FAIL | Check filenames
fail:
ansible.builtin.fail:
msg: "Forbidden keyword default on site {{ item | nginx_site_name }}"
when: item.filename is defined and item.filename == 'default'
loop: "{{ nginx_sites }}"
@ -9,7 +9,7 @@
label: "{{ item | nginx_site_name }}"
- name: FAIL | Check HTTPS redir and proto
fail:
ansible.builtin.fail:
msg: "You can't have HTTP proto and HTTPS redirection at the same time"
when:
((item.proto is defined and 'http' in item.proto) or (item.proto is not defined)) and
@ -19,7 +19,7 @@
label: "{{ item | nginx_site_name }}"
- name: FILE | Create root directory
file:
ansible.builtin.file:
path: "{{ nginx_root }}"
state: directory
mode: 0755
@ -27,7 +27,7 @@
group: root
- name: FILE | Create root public folders (foreach nginx_sites)
file:
ansible.builtin.file:
path: "{{ nginx_root }}/{{ item | nginx_site_filename }}/public"
state: directory
owner: "{{ item.owner | default(nginx_user) }}"
@ -43,7 +43,7 @@
label: "{{ item | nginx_site_name }}"
- name: TEMPLATE | Create sites
template:
ansible.builtin.template:
src: "etc/nginx/sites-available/{{ item.template if item.redirect_to is not defined else '_redirect' }}.j2"
dest: "{{ nginx_etc_dir }}/sites-available/{{ item | nginx_site_filename }}"
mode: 0644
@ -56,7 +56,7 @@
label: "{{ item | nginx_site_name }}"
- name: FILE | Delete sites
file:
ansible.builtin.file:
path: "{{ nginx_etc_dir }}/{{ item.1 }}/{{ item.0 | nginx_site_filename }}"
state: absent
loop: "{{ nginx_sites | product(dirs) | list }}"
@ -68,7 +68,7 @@
label: "{{ nginx_etc_dir }}/{{ item.1 }}/{{ item.0 | nginx_site_filename }}"
- name: FILE | Enable sites
file:
ansible.builtin.file:
src: "{{ nginx_etc_dir }}/sites-available/{{ item | nginx_site_filename }}"
dest: "{{ nginx_etc_dir }}/sites-enabled/{{ item | nginx_site_filename }}"
state: link
@ -80,7 +80,7 @@
label: "{{ item | nginx_site_name }}"
- name: FILE | Disable sites
file:
ansible.builtin.file:
path: "{{ nginx_etc_dir }}/sites-enabled/{{ item | nginx_site_filename }}"
state: absent
loop: "{{ nginx_sites }}"
@ -90,14 +90,14 @@
label: "{{ item | nginx_site_name }}"
- name: FILE | Delete default site when explicitely defined
file:
ansible.builtin.file:
path: "{{ nginx_etc_dir }}/sites-enabled/default"
state: absent
notify: ['reload nginx', 'restart nginx freebsd']
when: nginx_default_site is not none
- name: FILE | Auto set default site
file:
ansible.builtin.file:
src: "{{ nginx_etc_dir }}/sites-available/default"
dest: "{{ nginx_etc_dir }}/sites-enabled/default"
state: link
@ -105,7 +105,7 @@
when: nginx_default_site is none
- name: TEMPLATE | Deploy facts
template:
ansible.builtin.template:
src: etc/ansible/facts.d/nginx.fact.j2
dest: /etc/ansible/facts.d/nginx.fact
mode: 0644

26
tasks/ssl/acme.yml
View File

@ -1,18 +1,18 @@
---
- name: SET_FACT | Assign default...
set_fact:
ansible.builtin.set_fact:
acme_create: []
- name: STAT | Check if certificates are already installed
stat:
ansible.builtin.stat:
path: "{{ item | nginx_cert_path(nginx_ssl_dir) }}"
loop: "{{ nginx_ssl_pairs }}"
when: item.acme is defined and item.acme
register: acme_installed_certs
- name: SET_FACT | Assign var with certificates to create
set_fact:
ansible.builtin.set_fact:
acme_create: "{{ acme_create | default([]) + [ (item.item) ] }}"
loop: "{{ acme_installed_certs.results }}"
when: item.skipped is not defined and (not item.stat.exists or item.stat.size == 0)
@ -21,7 +21,7 @@
block:
- name: TEMPLATE | Create fake site
template:
ansible.builtin.template:
src: "etc/nginx/conf.d/FAKESITE.conf.j2"
dest: "{{ nginx_etc_dir }}/conf.d/FAKESITE_{{ item | nginx_site_name }}.conf"
mode: 0644
@ -31,26 +31,26 @@
register: fake_site
- name: FILE | Delete current site if needed
file:
ansible.builtin.file:
path: "{{ nginx_etc_dir }}/sites-enabled/{{ item | nginx_site_name }}"
state: absent
loop: "{{ acme_create }}"
when: fake_site.changed
- name: SERVICE | Restart nginx
service:
ansible.builtin.service:
name: nginx
state: restarted
when: fake_site.changed and ansible_virtualization_type != 'docker'
- name: COMMAND | Restart nginx
command: service nginx restart
ansible.builtin.command: service nginx restart
args:
warn: false
when: fake_site.changed and ansible_virtualization_type == 'docker'
- name: COMMAND | Get certificates
command: |
ansible.builtin.command: |
{{ nginx_acmesh_bin }}
--home {{ nginx_acmesh_dir }}
--issue{% for s in nginx_sites | nginx_search_by_ssl_name(item.name) | nginx_all_site_names %} -d {{ s }}{% endfor %}
@ -64,12 +64,12 @@
no_log: "{{ not nginx_debug_role }}"
- name: FILE | Create SSL dir per site
file:
ansible.builtin.file:
path: "{{ nginx_ssl_dir }}/{{ item | nginx_site_name }}"
loop: "{{ acme_create }}"
- name: COMMAND | Install certificates
command: |
ansible.builtin.command: |
{{ nginx_acmesh_bin }}
--home {{ nginx_acmesh_dir }}
--install-cert -d {{ nginx_sites | nginx_search_by_ssl_name(item | nginx_site_name) | nginx_site_name }}
@ -85,17 +85,17 @@
rescue:
- name: FAIL | Explicit
fail:
ansible.builtin.fail:
msg: "Something is bad... Auto crash!"
always:
- name: FILE | Delete fake sites
file:
ansible.builtin.file:
path: "{{ nginx_etc_dir }}/conf.d/FAKESITE_{{ item | nginx_site_name }}.conf"
state: absent
loop: "{{ acme_create }}"
notify: restart nginx
- name: META | Flush handlers
meta: flush_handlers
ansible.builtin.meta: flush_handlers

16
tasks/ssl/standard.yml
View File

@ -3,26 +3,26 @@
- block:
- name: STAT | Get info about DH file
stat:
ansible.builtin.stat:
path: "{{ nginx_dh_path }}"
get_checksum: false
register: stat_dh_file
- name: SHELL | Get info about DH file
shell: openssl dhparam -in {{ nginx_dh_path }} -text -noout 2>&1 | awk '/DH Parameters/ { print substr($3, 2) }'
ansible.builtin.shell: openssl dhparam -in {{ nginx_dh_path }} -text -noout 2>&1 | awk '/DH Parameters/ { print substr($3, 2) }'
changed_when: false
register: dh_info
when: stat_dh_file.stat.exists
- name: COMMAND | Generate DH file
command: openssl dhparam -out {{ nginx_dh_path }} {{ nginx_dh_length }}
ansible.builtin.command: openssl dhparam -out {{ nginx_dh_path }} {{ nginx_dh_length }}
when: not stat_dh_file.stat.exists or (dh_info.stdout | int != nginx_dh_length | int)
notify: restart nginx
when: nginx_dh is not string
- name: COPY | Deploy DH file from vars
copy:
ansible.builtin.copy:
content: "{{ nginx_dh }}"
dest: "{{ nginx_dh_path }}"
owner: root
@ -32,7 +32,7 @@
notify: restart nginx
- name: FILE | Create SSL directories
file:
ansible.builtin.file:
path: "{{ item | nginx_ssl_dir(nginx_ssl_dir) }}"
state: directory
owner: root
@ -43,7 +43,7 @@
no_log: "{{ not nginx_debug_role }}"
- name: COPY | Deploy SSL keys
copy:
ansible.builtin.copy:
content: "{{ item.key }}"
dest: "{{ item | nginx_key_path(nginx_ssl_dir) }}"
owner: root
@ -55,7 +55,7 @@
no_log: "{{ not nginx_debug_role }}"
- name: COPY | Deploy SSL certs
copy:
ansible.builtin.copy:
content: "{{ item.cert }}"
dest: "{{ item | nginx_cert_path(nginx_ssl_dir) }}"
owner: root
@ -67,7 +67,7 @@
no_log: "{{ not nginx_debug_role }}"
- name: COMMAND | Create self-signed certificates
command: |
ansible.builtin.command: |
openssl req
-new -newkey rsa:2048 -sha256 -days 3650 -nodes -x509
-subj '/CN={{ item | nginx_site_name }}'

6
tasks/upstream.yml
View File

@ -1,7 +1,7 @@
---
- name: TEMPLATE | Deploy PHP upstream to Nginx
template:
ansible.builtin.template:
src: "etc/nginx/conf.d/php.conf.j2"
dest: "{{ nginx_etc_dir }}/conf.d/php.conf"
mode: 0644
@ -10,7 +10,7 @@
notify: reload nginx
- name: TEMPLATE | Deploy other upstreams
template:
ansible.builtin.template:
src: "etc/nginx/conf.d/_upstream.conf.j2"
dest: "{{ nginx_etc_dir }}/conf.d/upstream-{{ item.name }}.conf"
mode: 0644
@ -21,7 +21,7 @@
notify: reload nginx
- name: FILE | Delete other upstreams
file:
ansible.builtin.file:
path: "{{ nginx_etc_dir }}/conf.d/upstream-{{ item.name }}.conf"
state: absent
loop: "{{ nginx_upstreams }}"

66
tests/test.yml
View File

@ -4,13 +4,13 @@
pre_tasks:
- name: INCLUDE_TASKS | Pre_tasks related to OS version
include_tasks: "includes/pre_{{ ansible_distribution }}.yml"
ansible.builtin.include_tasks: "includes/pre_{{ ansible_distribution }}.yml"
- name: IMPORT_TASKS | Pre_tasks common
import_tasks: "includes/pre_common.yml"
ansible.builtin.import_tasks: "includes/pre_common.yml"
- name: FILE | Create an internal SSL dir
file:
ansible.builtin.file:
path: "{{ int_ansible_ssl_dir }}"
state: directory
mode: 0750
@ -18,7 +18,7 @@
group: root
- name: COPY | Deploy test certificate
copy:
ansible.builtin.copy:
src: "file/test.crt"
dest: "{{ int_ansible_ssl_dir }}/test.crt"
mode: 0640
@ -26,7 +26,7 @@
group: root
- name: COPY | Deploy test key
copy:
ansible.builtin.copy:
src: "file/test.key"
dest: "{{ int_ansible_ssl_dir }}/test.key"
mode: 0640
@ -34,7 +34,7 @@
group: root
- name: COPY | Add all hosts in /etc/hosts
copy:
ansible.builtin.copy:
content: |
127.0.0.1 localhost
{% for s in nginx_sites %}
@ -299,13 +299,13 @@
# Apps
# --------------------------------
- name: INCLUDE_TASKS | Post_tasks related to OS version
include_tasks: "includes/post_{{ ansible_distribution }}.yml"
ansible.builtin.include_tasks: "includes/post_{{ ansible_distribution }}.yml"
# --------------------------------
# Deploy index files
# --------------------------------
- name: -- Add PHP file --
copy:
ansible.builtin.copy:
dest: "{{ nginx_root }}/{{ item }}/public/index.php"
content: "<?php phpinfo();"
mode: 0644
@ -317,7 +317,7 @@
- 'test-php-index2.local'
- name: -- Add HTML file --
copy:
ansible.builtin.copy:
dest: "{{ item }}/index.html"
content: "Index HTML test OK\n"
mode: 0644
@ -334,7 +334,7 @@
- '{{ nginx_root }}/{{ ngrok.stdout }}/public'
- name: -- Create directory --
file:
ansible.builtin.file:
path: "{{ nginx_root }}/test-htpasswd.local/public/hello"
state: directory
mode: 0755
@ -342,7 +342,7 @@
group: root
- name: -- Add HTML file hello --
copy:
ansible.builtin.copy:
dest: "{{ nginx_root }}/test-htpasswd.local/public/hello/index.html"
content: "hello\n"
mode: 0644
@ -353,14 +353,14 @@
# Test custom facts
# --------------------------------
- name: -- CHECK FACTS --
assert:
ansible.builtin.assert:
that: "'{{ ansible_local.nginx.fact_nginx_sites[0].name[0] }}' == 'test.local'"
# --------------------------------
# Simple sites tests
# --------------------------------
- name: -- VERIFY SITES --
uri:
ansible.builtin.uri:
url: "http://{{ item | nginx_site_name }}{% if item.listen is defined %}:{{ item.listen[0] }}{% endif %}/"
status_code: '200,301,302,401,403'
follow_redirects: none
@ -369,12 +369,12 @@
changed_when: false
- name: -- VERIFY FORBIDDEN --
uri:
ansible.builtin.uri:
url: "http://test-php-index.local/phpinfo.php"
status_code: 403
- name: -- VERIFY REDIRECT SITES --
uri:
ansible.builtin.uri:
url: "http://{{ item.redirect_from[0] }}/"
status_code: 301
follow_redirects: none
@ -383,7 +383,7 @@
changed_when: false
- name: -- VERIFY REDIRECT HTTPS SITES --
uri:
ansible.builtin.uri:
url: "https://{{ item.redirect_from[0] }}:{{ item.listen_ssl[0] | default(443) }}/"
status_code: 301
follow_redirects: none
@ -396,7 +396,7 @@
# PHP
# --------------------------------
- name: -- VERIFY PHP SITES --
uri:
ansible.builtin.uri:
url: "http://{{ item.name }}/"
return_content: true
register: p
@ -407,7 +407,7 @@
failed_when: p.content.find('PHP Version') == -1
- name: -- VERIFY INDEX2 --
uri:
ansible.builtin.uri:
url: "http://test-php-index2.local/lorem.php?ipsum=sit&dolor=amet"
return_content: true
register: p2
@ -417,12 +417,12 @@
# Basic Auth
# --------------------------------
- name: -- VERIFY AUTH BASIC NONE --
uri:
ansible.builtin.uri:
url: "http://test-htpasswd.local/hello/"
status_code: 401
- name: -- VERIFY AUTH BASIC FAIL --
uri:
ansible.builtin.uri:
url: "http://test-htpasswd.local/hello/"
status_code: 401
user: "fail"
@ -430,14 +430,14 @@
force_basic_auth: true
- name: -- VERIFY AUTH BASIC OK --
uri:
ansible.builtin.uri:
url: "http://test-htpasswd.local/hello/"
user: "hanx"
password: "qwerty"
force_basic_auth: true
- name: -- VERIFY AUTH BASIC FAIL GLOBAL --
uri:
ansible.builtin.uri:
url: "http://test-htpasswd-all.local/"
status_code: 401
user: "fail"
@ -445,7 +445,7 @@
force_basic_auth: true
- name: -- VERIFY AUTH BASIC OK GLOBAL --
uri:
ansible.builtin.uri:
url: "http://test-htpasswd-all.local/"
user: "hanx"
password: "qwerty"
@ -455,7 +455,7 @@
# SSL
# --------------------------------
- name: -- VERIFY SSL --
uri:
ansible.builtin.uri:
url: "https://{{ item }}/"
return_content: true
validate_certs: false
@ -468,7 +468,7 @@
- '{{ ngrok.stdout }}'
- name: -- VERIFY SSL REDIRECT --
uri:
ansible.builtin.uri:
url: "http://{{ item.name }}/"
validate_certs: false
status_code: 301
@ -487,7 +487,7 @@
# Default sites
# --------------------------------
- name: -- VERIFY DEFAULT SITE --
uri:
ansible.builtin.uri:
url: 'http://127.0.0.1/'
return_content: true
register: vdefault
@ -496,7 +496,7 @@
vdefault.x_ansible_default is not defined
- name: -- VERIFY DEFAULT SITE + STUB STATUS--
uri:
ansible.builtin.uri:
url: 'http://127.0.0.1/status'
return_content: true
register: vdefault_status
@ -505,7 +505,7 @@
vdefault_status.x_ansible_default is not defined
- name: -- VERIFY DEFAULT SSL SITE --
uri:
ansible.builtin.uri:
url: 'https://127.0.0.1/'
return_content: true
validate_certs: false
@ -515,14 +515,14 @@
vdefault.x_ansible_default is not defined
- name: -- VERIFY NOT DEFAULT SITE --
uri:
ansible.builtin.uri:
url: 'http://test-php.local/'
return_content: true
register: vphp
failed_when: vphp.x_ansible_default is defined
- name: -- VERIFY NOT DEFAULT SSL SITE --
uri:
ansible.builtin.uri:
url: 'https://test-ssl.local/'
return_content: true
validate_certs: false
@ -536,14 +536,14 @@
- block:
- name: SHELL | Check HTTP proxy protocol
shell: set -o pipefail && curl -I --haproxy-protocol http://test-ssl-proxy-protocol.local:20080 | grep -qi 'X-Proxy-Protocol'
ansible.builtin.shell: set -o pipefail && curl -I --haproxy-protocol http://test-ssl-proxy-protocol.local:20080 | grep -qi 'X-Proxy-Protocol'
args:
executable: /bin/bash
warn: false
changed_when: false
- name: SHELL | Check HTTPS proxy protocol
shell: set -o pipefail && curl -I --haproxy-protocol -k https://test-ssl-proxy-protocol.local:20443 | grep -qi 'X-Proxy-Protocol'
ansible.builtin.shell: set -o pipefail && curl -I --haproxy-protocol -k https://test-ssl-proxy-protocol.local:20443 | grep -qi 'X-Proxy-Protocol'
args:
executable: /bin/bash
warn: false
@ -555,7 +555,7 @@
# Check HTTP2
# --------------------------------
- name: SHELL | Check HTTP2
shell: set -o pipefail && nghttp -nv https://localhost 2> /dev/null | grep -q h2
ansible.builtin.shell: set -o pipefail && nghttp -nv https://localhost 2> /dev/null | grep -q h2
args:
executable: /bin/bash
changed_when: false