diff --git a/.gitignore b/.gitignore index b44e1d2..690f934 100644 --- a/.gitignore +++ b/.gitignore @@ -2,4 +2,4 @@ *.swp *.retry *.pyc -/tests/HanXHX.php +/tests/hanxhx.php diff --git a/.travis.yml b/.travis.yml index f46eb06..349bf71 100644 --- a/.travis.yml +++ b/.travis.yml @@ -28,7 +28,7 @@ install: - sudo pip install "ansible-core$ANSIBLE_VERSION" - sudo pip install ansible-lint - ansible-galaxy collection install community.general - - ansible-galaxy install -p ./tests HanXHX.php + - ansible-galaxy install -p ./tests hanxhx.php script: - VAGRANT_DEFAULT_PROVIDER=docker vagrant up $PLATFORM diff --git a/defaults/main.yml b/defaults/main.yml index 70eb1c5..c9adbf8 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -26,7 +26,7 @@ nginx_default_hsts: 'max-age=63072000; includeSubDomains' # nginx_htpasswd_dir: '{{ nginx_etc_dir }}/htpasswd' nginx_ssl_dir: '{{ nginx_etc_dir }}/ssl' -nginx_helper_dir: '{{ nginx_etc_dir}}/helper' +nginx_helper_dir: '{{ nginx_etc_dir }}/helper' # # Load upstream diff --git a/handlers/main.yml b/handlers/main.yml index f814f55..1bad650 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,46 +1,46 @@ --- -- name: reload nginx +- name: Reload nginx ansible.builtin.command: nginx -t notify: - - real-reload nginx - - docker reload nginx + - Real-reload nginx + - Docker reload nginx -- name: restart nginx +- name: Restart nginx ansible.builtin.command: nginx -t notify: - - real-restart nginx - - docker restart nginx + - Real-restart nginx + - Docker restart nginx -- name: real-reload nginx +- name: Real-reload nginx ansible.builtin.service: name: nginx state: reloaded when: ansible_virtualization_type != 'docker' -- name: real-restart nginx +- name: Real-restart nginx ansible.builtin.service: name: nginx state: restarted when: ansible_virtualization_type != 'docker' -- name: docker reload nginx +- name: Docker reload nginx ansible.builtin.command: service nginx reload args: warn: false when: ansible_virtualization_type == 'docker' -- name: docker restart nginx +- name: Docker restart nginx ansible.builtin.command: service nginx restart args: warn: false when: ansible_virtualization_type == 'docker' -- name: restart nginx freebsd +- name: Restart nginx freebsd ansible.builtin.service: name: nginx state: restarted when: ansible_distribution == "FreeBSD" -- name: setup +- name: Setup ansible.builtin.setup: diff --git a/meta/main.yml b/meta/main.yml index 01424b7..d8bfb16 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -5,9 +5,9 @@ galaxy_info: namespace: hanxhx role_name: nginx description: Nginx for Debian / FreeBSD - company: + company: TripleStack license: GPLv2 - min_ansible_version: 2.11 + min_ansible_version: '2.11' platforms: - name: Debian versions: @@ -15,9 +15,9 @@ galaxy_info: - bullseye - name: FreeBSD versions: - - 11.0 - - 11.1 - - 12.0 + - '11.0' + - '11.1' + - '12.0' galaxy_tags: - web - debian diff --git a/tasks/config.yml b/tasks/config.yml index bff9e0a..b9d7553 100644 --- a/tasks/config.yml +++ b/tasks/config.yml @@ -7,17 +7,17 @@ mode: 0644 owner: root group: root - notify: reload nginx + notify: Reload nginx - name: TEMPLATE | Deploy all helpers ansible.builtin.template: src: "{{ item }}" - dest: "{{ nginx_helper_dir }}/{{ item | basename | regex_replace('.j2$','') }}" + dest: "{{ nginx_helper_dir }}/{{ item | basename | regex_replace('.j2$', '') }}" mode: 0644 owner: root group: root with_fileglob: '../templates/etc/nginx/helper/*.j2' - notify: reload nginx + notify: Reload nginx - name: TEMPLATE | Deploy custom http configuration ansible.builtin.template: @@ -26,7 +26,7 @@ mode: 0644 owner: root group: root - notify: reload nginx + notify: Reload nginx - name: LINEINFILE | Fix path ansible.builtin.lineinfile: @@ -54,4 +54,4 @@ mode: 0644 owner: root group: root - notify: reload nginx + notify: Reload nginx diff --git a/tasks/install/FreeBSD.yml b/tasks/install/FreeBSD.yml index 2f45f5c..bdec306 100644 --- a/tasks/install/FreeBSD.yml +++ b/tasks/install/FreeBSD.yml @@ -1,7 +1,7 @@ --- - name: PKGNG | Install nginx and related tools - pkgng: + community.general.pkgng: name: "{{ item }}" state: present loop: @@ -13,7 +13,9 @@ # # Bypass https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=224166#c1 # -- block: +- name: Bypass https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=224166#c1 + when: true + block: - name: COMMAND | Create /usr/local/etc/fdfs/http.conf ansible.builtin.command: touch /usr/local/etc/fdfs/http.conf @@ -34,8 +36,6 @@ state: restarted when: fd1.changed or fd2.changed - when: true - - name: FILE | Create configuration dir (like Debian) ansible.builtin.file: path: "{{ nginx_etc_dir }}/{{ item }}" diff --git a/tasks/install/acme.yml b/tasks/install/acme.yml index 8a26684..4c8a7cc 100644 --- a/tasks/install/acme.yml +++ b/tasks/install/acme.yml @@ -5,7 +5,9 @@ path: "{{ nginx_acmesh_dir }}" register: acme -- block: +- name: Install acme.sh if needed + when: not acme.stat.exists + block: - name: APT | Install git ansible.builtin.apt: @@ -26,8 +28,7 @@ - name: COMMAND | Force acme.sh to use letsencrypt (instead of zerossl) ansible.builtin.command: '{{ nginx_acmesh_dir }}/acme.sh --set-default-ca --server letsencrypt --home "{{ nginx_acmesh_dir }}"' - - when: not acme.stat.exists + changed_when: true - name: FILE | Remove temp acme.sh dir ansible.builtin.file: diff --git a/tasks/site.yml b/tasks/site.yml index 02937e3..a24e584 100644 --- a/tasks/site.yml +++ b/tasks/site.yml @@ -49,7 +49,7 @@ mode: 0644 owner: root group: root - notify: ['reload nginx', 'restart nginx freebsd'] + notify: ['Reload nginx', 'Restart nginx freebsd'] when: (item.state is not defined or item.state != 'absent') and item.custom_template is not defined loop: "{{ nginx_sites }}" loop_control: @@ -62,7 +62,7 @@ mode: 0644 owner: root group: root - notify: ['reload nginx', 'restart nginx freebsd'] + notify: ['Reload nginx', 'Restart nginx freebsd'] when: (item.state is not defined or item.state != 'absent') and item.custom_template is defined loop: "{{ nginx_sites }}" loop_control: @@ -73,7 +73,7 @@ path: "{{ nginx_etc_dir }}/{{ item.1 }}/{{ item.0 | nginx_site_filename }}" state: absent loop: "{{ nginx_sites | product(dirs) | list }}" - notify: ['reload nginx', 'restart nginx freebsd'] + notify: ['Reload nginx', 'Restart nginx freebsd'] when: item.0.state is defined and item.0.state == 'absent' vars: dirs: ['sites-available', 'sites-enabled'] @@ -86,7 +86,7 @@ dest: "{{ nginx_etc_dir }}/sites-enabled/{{ item | nginx_site_filename }}" state: link loop: "{{ nginx_sites }}" - notify: ['reload nginx', 'restart nginx freebsd'] + notify: ['Reload nginx', 'Restart nginx freebsd'] when: > item.state is not defined or item.state == 'present' loop_control: @@ -97,7 +97,7 @@ path: "{{ nginx_etc_dir }}/sites-enabled/{{ item | nginx_site_filename }}" state: absent loop: "{{ nginx_sites }}" - notify: ['reload nginx', 'restart nginx freebsd'] + notify: ['Reload nginx', 'Restart nginx freebsd'] when: item.state is defined and item.state == 'disabled' loop_control: label: "{{ item | nginx_site_name }}" @@ -106,7 +106,7 @@ ansible.builtin.file: path: "{{ nginx_etc_dir }}/sites-enabled/default" state: absent - notify: ['reload nginx', 'restart nginx freebsd'] + notify: ['Reload nginx', 'Restart nginx freebsd'] when: nginx_default_site is not none - name: FILE | Auto set default site @@ -114,7 +114,7 @@ src: "{{ nginx_etc_dir }}/sites-available/default" dest: "{{ nginx_etc_dir }}/sites-enabled/default" state: link - notify: ['reload nginx', 'restart nginx freebsd'] + notify: ['Reload nginx', 'Restart nginx freebsd'] when: nginx_default_site is none - name: TEMPLATE | Deploy facts @@ -122,4 +122,4 @@ src: etc/ansible/facts.d/nginx.fact.j2 dest: /etc/ansible/facts.d/nginx.fact mode: 0644 - notify: ['setup'] + notify: ['Setup'] diff --git a/tasks/ssl/acme.yml b/tasks/ssl/acme.yml index 24f2306..177d5e0 100644 --- a/tasks/ssl/acme.yml +++ b/tasks/ssl/acme.yml @@ -13,7 +13,7 @@ - name: SET_FACT | Assign var with certificates to create ansible.builtin.set_fact: - acme_create: "{{ acme_create | default([]) + [ (item.item) ] }}" + acme_create: "{{ acme_create | default([]) + [(item.item)] }}" loop: "{{ acme_installed_certs.results }}" when: item.skipped is not defined and (not item.stat.exists or item.stat.size == 0) @@ -80,7 +80,7 @@ creates: "{{ item | nginx_cert_path(nginx_ssl_dir) }}" loop: "{{ nginx_ssl_pairs }}" when: item.acme is defined and item.acme - notify: restart nginx + notify: Restart nginx rescue: @@ -95,7 +95,7 @@ path: "{{ nginx_etc_dir }}/conf.d/FAKESITE_{{ item | nginx_site_name }}.conf" state: absent loop: "{{ acme_create }}" - notify: restart nginx + notify: Restart nginx - name: META | Flush handlers ansible.builtin.meta: flush_handlers diff --git a/tasks/ssl/main.yml b/tasks/ssl/main.yml index 419e09e..2ffe74b 100644 --- a/tasks/ssl/main.yml +++ b/tasks/ssl/main.yml @@ -1,8 +1,8 @@ --- - name: IMPORT_TASKS | standard.yml - import_tasks: standard.yml + ansible.builtin.import_tasks: standard.yml - name: IMPORT_TASKS | acme.yml - import_tasks: acme.yml + ansible.builtin.import_tasks: acme.yml when: nginx_acmesh diff --git a/tasks/ssl/standard.yml b/tasks/ssl/standard.yml index 57166ce..0f03c69 100644 --- a/tasks/ssl/standard.yml +++ b/tasks/ssl/standard.yml @@ -1,6 +1,8 @@ --- -- block: +- name: Generate DH if needed + when: nginx_dh is not string + block: - name: STAT | Get info about DH file ansible.builtin.stat: @@ -17,9 +19,7 @@ - name: COMMAND | Generate DH file ansible.builtin.command: openssl dhparam -out {{ nginx_dh_path }} {{ nginx_dh_length }} when: not stat_dh_file.stat.exists or (dh_info.stdout | int != nginx_dh_length | int) - notify: restart nginx - - when: nginx_dh is not string + notify: Restart nginx - name: COPY | Deploy DH file from vars ansible.builtin.copy: @@ -29,7 +29,7 @@ group: root mode: 0640 when: nginx_dh is string - notify: restart nginx + notify: Restart nginx - name: FILE | Create SSL directories ansible.builtin.file: @@ -51,7 +51,7 @@ mode: 0640 loop: "{{ nginx_ssl_pairs }}" when: item.key is defined - notify: restart nginx + notify: Restart nginx no_log: "{{ not nginx_debug_role }}" - name: COPY | Deploy SSL certs @@ -63,7 +63,7 @@ mode: 0644 loop: "{{ nginx_ssl_pairs }}" when: item.cert is defined - notify: restart nginx + notify: Restart nginx no_log: "{{ not nginx_debug_role }}" - name: COMMAND | Create self-signed certificates @@ -78,5 +78,5 @@ creates: "{{ '/tmp/dummy' if item.force is defined and item.force else item | nginx_cert_path(nginx_ssl_dir) }}" loop: "{{ nginx_ssl_pairs }}" when: item.self_signed is defined - notify: restart nginx + notify: Restart nginx no_log: "{{ not nginx_debug_role }}" diff --git a/tasks/upstream.yml b/tasks/upstream.yml index 0fb1636..bab0ac4 100644 --- a/tasks/upstream.yml +++ b/tasks/upstream.yml @@ -7,7 +7,7 @@ mode: 0644 owner: root group: root - notify: reload nginx + notify: Reload nginx - name: TEMPLATE | Deploy other upstreams ansible.builtin.template: @@ -18,7 +18,7 @@ group: root loop: "{{ nginx_upstreams }}" when: item.state is not defined or item.state == 'present' - notify: reload nginx + notify: Reload nginx - name: FILE | Delete other upstreams ansible.builtin.file: @@ -26,4 +26,4 @@ state: absent loop: "{{ nginx_upstreams }}" when: item.state is defined and item.state == 'absent' - notify: reload nginx + notify: Reload nginx diff --git a/tests/includes/pre_Debian.yml b/tests/includes/pre_Debian.yml index e354aaf..24051a4 100644 --- a/tests/includes/pre_Debian.yml +++ b/tests/includes/pre_Debian.yml @@ -66,9 +66,9 @@ name: foo system: true -- name: INCLUDE_ROLE | HanXHX.php +- name: INCLUDE_ROLE | hanxhx.php include_role: - name: "{{ playbook_dir }}/HanXHX.php" + name: "{{ playbook_dir }}/hanxhx.php" vars: php_version: "{{ cur_php_version.stdout }}" php_autoremove_default_pool: false diff --git a/tests/test.yml b/tests/test.yml index 8b87e0d..f1ddf61 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -1,6 +1,7 @@ --- -- hosts: all +- name: Launch tests + hosts: all pre_tasks: - name: INCLUDE_TASKS | Pre_tasks related to OS version ansible.builtin.include_tasks: "includes/pre_{{ ansible_distribution }}.yml"