🚨 Fix linter
parent
257437731a
commit
d262ddd79e
|
@ -1,12 +1,12 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: Reload nginx
|
- name: Reload nginx # noqa: no-changed-when
|
||||||
ansible.builtin.command: nginx -t
|
ansible.builtin.command: nginx -t
|
||||||
notify:
|
notify:
|
||||||
- Real-reload nginx
|
- Real-reload nginx
|
||||||
- Docker reload nginx
|
- Docker reload nginx
|
||||||
|
|
||||||
- name: Restart nginx
|
- name: Restart nginx # noqa: no-changed-when
|
||||||
ansible.builtin.command: nginx -t
|
ansible.builtin.command: nginx -t
|
||||||
notify:
|
notify:
|
||||||
- Real-restart nginx
|
- Real-restart nginx
|
||||||
|
@ -24,16 +24,12 @@
|
||||||
state: restarted
|
state: restarted
|
||||||
when: ansible_virtualization_type != 'docker'
|
when: ansible_virtualization_type != 'docker'
|
||||||
|
|
||||||
- name: Docker reload nginx
|
- name: Docker reload nginx # noqa: no-changed-when command-instead-of-module
|
||||||
ansible.builtin.command: service nginx reload
|
ansible.builtin.command: service nginx reload
|
||||||
args:
|
|
||||||
warn: false
|
|
||||||
when: ansible_virtualization_type == 'docker'
|
when: ansible_virtualization_type == 'docker'
|
||||||
|
|
||||||
- name: Docker restart nginx
|
- name: Docker restart nginx # noqa: no-changed-when command-instead-of-module
|
||||||
ansible.builtin.command: service nginx restart
|
ansible.builtin.command: service nginx restart
|
||||||
args:
|
|
||||||
warn: false
|
|
||||||
when: ansible_virtualization_type == 'docker'
|
when: ansible_virtualization_type == 'docker'
|
||||||
|
|
||||||
- name: Restart nginx freebsd
|
- name: Restart nginx freebsd
|
||||||
|
|
|
@ -21,20 +21,17 @@
|
||||||
ansible.builtin.command: touch /usr/local/etc/fdfs/http.conf
|
ansible.builtin.command: touch /usr/local/etc/fdfs/http.conf
|
||||||
args:
|
args:
|
||||||
creates: /usr/local/etc/fdfs/http.conf
|
creates: /usr/local/etc/fdfs/http.conf
|
||||||
register: fd1
|
notify: Restart nginx
|
||||||
|
|
||||||
- name: LINEINFILE | Tune fdfs
|
- name: LINEINFILE | Tune fdfs
|
||||||
ansible.builtin.lineinansible.builtin.file:
|
ansible.builtin.lineinfile:
|
||||||
regexp: ^load_fdfs_parameters_from_tracker
|
regexp: ^load_fdfs_parameters_from_tracker
|
||||||
line: load_fdfs_parameters_from_tracker=false
|
line: load_fdfs_parameters_from_tracker=false
|
||||||
path: /usr/local/etc/fdfs/mod_fastdfs.conf
|
path: /usr/local/etc/fdfs/mod_fastdfs.conf
|
||||||
register: fd2
|
notify: Restart nginx
|
||||||
|
|
||||||
- name: SERVICE | Restart nginx when fdfs is tuned
|
- name: META | Flush handlers (Restart nginx when fdfs is tuned)
|
||||||
ansible.builtin.service:
|
ansible.builtin.meta: flush_handlers
|
||||||
name: nginx
|
|
||||||
state: restarted
|
|
||||||
when: fd1.changed or fd2.changed
|
|
||||||
|
|
||||||
- name: FILE | Create configuration dir (like Debian)
|
- name: FILE | Create configuration dir (like Debian)
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
|
|
|
@ -29,25 +29,27 @@
|
||||||
group: root
|
group: root
|
||||||
loop: "{{ acme_create }}"
|
loop: "{{ acme_create }}"
|
||||||
register: fake_site
|
register: fake_site
|
||||||
|
notify: Restart nginx
|
||||||
|
|
||||||
- name: FILE | Delete current site if needed
|
- name: TEMPLATE | Create fake site
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: "etc/nginx/conf.d/FAKESITE.conf.j2"
|
||||||
|
dest: "/tmp/FAKESITE_{{ item | nginx_site_name }}.conf"
|
||||||
|
mode: 0644
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
loop: "{{ acme_create }}"
|
||||||
|
|
||||||
|
- name: FILE | Delete current site if needed # noqa: no-handler
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ nginx_etc_dir }}/sites-enabled/{{ item | nginx_site_name }}"
|
path: "{{ nginx_etc_dir }}/sites-enabled/{{ item | nginx_site_name }}"
|
||||||
state: absent
|
state: absent
|
||||||
loop: "{{ acme_create }}"
|
loop: "{{ acme_create }}"
|
||||||
when: fake_site.changed
|
when: fake_site.changed
|
||||||
|
notify: Restart nginx
|
||||||
|
|
||||||
- name: SERVICE | Restart nginx
|
- name: META | Ensure nginx is restarted if needed
|
||||||
ansible.builtin.service:
|
ansible.builtin.meta: flush_handlers
|
||||||
name: nginx
|
|
||||||
state: restarted
|
|
||||||
when: fake_site.changed and ansible_virtualization_type != 'docker'
|
|
||||||
|
|
||||||
- name: COMMAND | Restart nginx
|
|
||||||
ansible.builtin.command: service nginx restart
|
|
||||||
args:
|
|
||||||
warn: false
|
|
||||||
when: fake_site.changed and ansible_virtualization_type == 'docker'
|
|
||||||
|
|
||||||
- name: COMMAND | Get certificates
|
- name: COMMAND | Get certificates
|
||||||
ansible.builtin.command: |
|
ansible.builtin.command: |
|
||||||
|
|
|
@ -4,22 +4,26 @@
|
||||||
when: nginx_dh is not string
|
when: nginx_dh is not string
|
||||||
block:
|
block:
|
||||||
|
|
||||||
- name: STAT | Get info about DH file
|
- name: STAT | Get info about DH file
|
||||||
ansible.builtin.stat:
|
ansible.builtin.stat:
|
||||||
path: "{{ nginx_dh_path }}"
|
path: "{{ nginx_dh_path }}"
|
||||||
get_checksum: false
|
get_checksum: false
|
||||||
register: stat_dh_file
|
register: stat_dh_file
|
||||||
|
|
||||||
- name: SHELL | Get info about DH file
|
- name: SHELL | Get info about DH file
|
||||||
ansible.builtin.shell: openssl dhparam -in {{ nginx_dh_path }} -text -noout 2>&1 | awk '/DH Parameters/ { print substr($3, 2) }'
|
ansible.builtin.shell: |
|
||||||
changed_when: false
|
set -o pipefail &&
|
||||||
register: dh_info
|
openssl dhparam -in {{ nginx_dh_path }} -text -noout 2>&1 | awk '/DH Parameters/ { print substr($3, 2) }'
|
||||||
when: stat_dh_file.stat.exists
|
args:
|
||||||
|
executable: /bin/bash
|
||||||
|
changed_when: false
|
||||||
|
register: dh_info
|
||||||
|
when: stat_dh_file.stat.exists
|
||||||
|
|
||||||
- name: COMMAND | Generate DH file
|
- name: COMMAND | Generate DH file # noqa: no-changed-when
|
||||||
ansible.builtin.command: openssl dhparam -out {{ nginx_dh_path }} {{ nginx_dh_length }}
|
ansible.builtin.command: openssl dhparam -out {{ nginx_dh_path }} {{ nginx_dh_length }}
|
||||||
when: not stat_dh_file.stat.exists or (dh_info.stdout | int != nginx_dh_length | int)
|
when: not stat_dh_file.stat.exists or (dh_info.stdout | int != nginx_dh_length | int)
|
||||||
notify: Restart nginx
|
notify: Restart nginx
|
||||||
|
|
||||||
- name: COPY | Deploy DH file from vars
|
- name: COPY | Deploy DH file from vars
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
|
|
|
@ -246,5 +246,5 @@ nginx_sites:
|
||||||
custom_template: 'templates/custom_template.conf.j2'
|
custom_template: 'templates/custom_template.conf.j2'
|
||||||
root: '/tmp/custom-template'
|
root: '/tmp/custom-template'
|
||||||
|
|
||||||
nginx_php: "{{ [{'upstream_name': 'manual', 'sockets': [{'host': '127.0.0.1', 'port': '9636' }] }] }}"
|
nginx_php: "{{ [{'upstream_name': 'manual', 'sockets': [{'host': '127.0.0.1', 'port': '9636'}]}] }}"
|
||||||
nginx_dh_length: 1024
|
nginx_dh_length: 1024
|
||||||
|
|
|
@ -244,14 +244,12 @@
|
||||||
ansible.builtin.shell: set -o pipefail && curl -I --haproxy-protocol http://test-ssl-proxy-protocol.local:20080 | grep -qi 'X-Proxy-Protocol'
|
ansible.builtin.shell: set -o pipefail && curl -I --haproxy-protocol http://test-ssl-proxy-protocol.local:20080 | grep -qi 'X-Proxy-Protocol'
|
||||||
args:
|
args:
|
||||||
executable: /bin/bash
|
executable: /bin/bash
|
||||||
warn: false
|
|
||||||
changed_when: false
|
changed_when: false
|
||||||
|
|
||||||
- name: SHELL | Check HTTPS proxy protocol
|
- name: SHELL | Check HTTPS proxy protocol
|
||||||
ansible.builtin.shell: set -o pipefail && curl -I --haproxy-protocol -k https://test-ssl-proxy-protocol.local:20443 | grep -qi 'X-Proxy-Protocol'
|
ansible.builtin.shell: set -o pipefail && curl -I --haproxy-protocol -k https://test-ssl-proxy-protocol.local:20443 | grep -qi 'X-Proxy-Protocol'
|
||||||
args:
|
args:
|
||||||
executable: /bin/bash
|
executable: /bin/bash
|
||||||
warn: false
|
|
||||||
changed_when: false
|
changed_when: false
|
||||||
|
|
||||||
# --------------------------------
|
# --------------------------------
|
||||||
|
|
|
@ -1,13 +1,13 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: APT_REPOSITORY | Install backports
|
- name: APT_REPOSITORY | Install backports
|
||||||
apt_repository:
|
ansible.builtin.apt_repository:
|
||||||
repo: 'deb http://httpredir.debian.org/debian {{ ansible_distribution_release }}-backports main'
|
repo: 'deb http://httpredir.debian.org/debian {{ ansible_distribution_release }}-backports main'
|
||||||
state: present
|
state: present
|
||||||
when: nginx_backports
|
when: nginx_backports
|
||||||
|
|
||||||
- name: APT | Install needed packages
|
- name: APT | Install needed packages
|
||||||
apt:
|
ansible.builtin.apt:
|
||||||
pkg: "{{ packages }}"
|
pkg: "{{ packages }}"
|
||||||
update_cache: true
|
update_cache: true
|
||||||
cache_valid_time: 3600
|
cache_valid_time: 3600
|
||||||
|
@ -24,7 +24,7 @@
|
||||||
- unzip
|
- unzip
|
||||||
|
|
||||||
- name: APT | Install PHP
|
- name: APT | Install PHP
|
||||||
apt:
|
ansible.builtin.apt:
|
||||||
pkg: "{{ pkgs }}"
|
pkg: "{{ pkgs }}"
|
||||||
update_cache: true
|
update_cache: true
|
||||||
cache_valid_time: 3600
|
cache_valid_time: 3600
|
||||||
|
@ -35,39 +35,38 @@
|
||||||
- php-fpm
|
- php-fpm
|
||||||
|
|
||||||
- name: SHELL | Get current PHP version
|
- name: SHELL | Get current PHP version
|
||||||
shell: php --version | awk '/^PHP/ { print $2 }' | grep -o -E '^.{3}'
|
ansible.builtin.shell: php --version | awk '/^PHP/ { print $2 }' | grep -o -E '^.{3}'
|
||||||
changed_when: false
|
changed_when: false
|
||||||
register: cur_php_version
|
register: cur_php_version
|
||||||
|
|
||||||
# Bypasses Ansible+Docker issue. With service module... php is not really started!
|
# Bypasses Ansible+Docker issue. With service module... php is not really started!
|
||||||
- name: COMMAND | Force start PHP
|
- name: COMMAND | Force start PHP
|
||||||
command: "service php{{ cur_php_version.stdout }}-fpm start"
|
ansible.builtin.command: "service php{{ cur_php_version.stdout }}-fpm start"
|
||||||
args:
|
args:
|
||||||
creates: "/run/php/php{{ cur_php_version.stdout }}-fpm.pid"
|
creates: "/run/php/php{{ cur_php_version.stdout }}-fpm.pid"
|
||||||
warn: false
|
|
||||||
|
|
||||||
- name: GET_URL | Download ngrok
|
- name: GET_URL | Download ngrok
|
||||||
get_url:
|
ansible.builtin.get_url:
|
||||||
url: "https://bin.equinox.io/c/4VmDzA7iaHb/ngrok-stable-linux-amd64.zip"
|
url: "https://bin.equinox.io/c/bNyj1mQVY4c/ngrok-v3-stable-linux-amd64.tgz"
|
||||||
dest: "/tmp/ngrok.zip"
|
dest: "/tmp/ngrok.zip"
|
||||||
|
|
||||||
- name: UNARCHIVE | Uncompress ngrok
|
- name: UNARCHIVE | Uncompress ngrok
|
||||||
unarchive:
|
ansible.builtin.unarchive:
|
||||||
src: "/tmp/ngrok.zip"
|
src: "/tmp/ngrok.zip"
|
||||||
dest: "/tmp"
|
dest: "/tmp"
|
||||||
remote_src: true
|
remote_src: true
|
||||||
|
|
||||||
- name: SET_FACT | ngrok_path
|
- name: SET_FACT | ngrok_path
|
||||||
set_fact:
|
ansible.builtin.set_fact:
|
||||||
ngrok_path: '/tmp/ngrok'
|
ngrok_path: '/tmp/ngrok'
|
||||||
|
|
||||||
- name: USER | Create PHP User foo
|
- name: USER | Create PHP User foo
|
||||||
user:
|
ansible.builtin.user:
|
||||||
name: foo
|
name: foo
|
||||||
system: true
|
system: true
|
||||||
|
|
||||||
- name: INCLUDE_ROLE | hanxhx.php
|
- name: INCLUDE_ROLE | hanxhx.php
|
||||||
include_role:
|
ansible.builtin.include_role:
|
||||||
name: "{{ playbook_dir }}/hanxhx.php"
|
name: "{{ playbook_dir }}/hanxhx.php"
|
||||||
vars:
|
vars:
|
||||||
php_version: "{{ cur_php_version.stdout }}"
|
php_version: "{{ cur_php_version.stdout }}"
|
||||||
|
|
|
@ -1,27 +1,26 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: SHELL | Start ngrok
|
- name: SHELL | Start ngrok
|
||||||
shell: daemonize -l /tmp/ngrok.lock {{ ngrok_path }} http 80 -bind-tls=false
|
ansible.builtin.shell: daemonize -l /tmp/ngrok.lock {{ ngrok_path }} http 80 --scheme http
|
||||||
failed_when: false
|
failed_when: false
|
||||||
changed_when: ngrok.stderr.find("Can't lock the lock file") == -1
|
changed_when: ngrok.stderr.find("Can't lock the lock file") == -1
|
||||||
register: ngrok
|
register: ngrok
|
||||||
|
|
||||||
- name: WAIT_FOR | ngrok started
|
- name: WAIT_FOR | ngrok started
|
||||||
wait_for:
|
ansible.builtin.wait_for:
|
||||||
delay: 2
|
delay: 2
|
||||||
port: 4040
|
port: 4040
|
||||||
when: ngrok.changed
|
when: ngrok.changed
|
||||||
|
|
||||||
- name: SHELL | Get ngrok public address
|
- name: SHELL | Get ngrok public address
|
||||||
shell: set -o pipefail && curl 'http://127.0.0.1:4040/api/tunnels/command_line' 2> /dev/null | jq -r '.public_url' | cut -d '/' -f 3
|
ansible.builtin.shell: set -o pipefail && curl 'http://127.0.0.1:4040/api/tunnels/command_line' 2> /dev/null | jq -r '.public_url' | cut -d '/' -f 3
|
||||||
args:
|
args:
|
||||||
executable: /bin/bash
|
executable: /bin/bash
|
||||||
warn: false
|
|
||||||
register: ngrok
|
register: ngrok
|
||||||
changed_when: false
|
changed_when: false
|
||||||
|
|
||||||
- name: LINEINFILE | Tune vimrc
|
- name: LINEINFILE | Tune vimrc
|
||||||
lineinfile:
|
ansible.builtin.lineinfile:
|
||||||
line: "set mouse="
|
line: "set mouse="
|
||||||
dest: "{{ item }}/.vimrc"
|
dest: "{{ item }}/.vimrc"
|
||||||
create: true
|
create: true
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: Launch tests
|
- name: Launch tests # noqa: role-name[path]
|
||||||
hosts: all
|
hosts: all
|
||||||
pre_tasks:
|
pre_tasks:
|
||||||
- name: INCLUDE_TASKS | Pre_tasks related to OS version
|
- name: INCLUDE_TASKS | Pre_tasks related to OS version
|
||||||
|
|
Loading…
Reference in New Issue