Migrate to jinja block ok
parent
084a6f283b
commit
ec94521c5b
|
@ -52,7 +52,7 @@ Few tips:
|
||||||
- you can use your own templates, you must keep the same directory organization
|
- you can use your own templates, you must keep the same directory organization
|
||||||
- you should see COMMON.j2 to see all abilities
|
- you should see COMMON.j2 to see all abilities
|
||||||
|
|
||||||
You can see many examples in: [tests/test.yml].
|
You can see many examples in: [tests/test.yml](tests/test.yml).
|
||||||
|
|
||||||
Dependencies
|
Dependencies
|
||||||
------------
|
------------
|
||||||
|
|
|
@ -5,7 +5,7 @@ nginx_apt_package: nginx-full
|
||||||
#
|
#
|
||||||
# Nginx shared variables
|
# Nginx shared variables
|
||||||
#
|
#
|
||||||
nginx_root: "/var/www"
|
nginx_root: "/srv/www"
|
||||||
nginx_log_dir: '/var/log/nginx'
|
nginx_log_dir: '/var/log/nginx'
|
||||||
nginx_ssl_dir: '/etc/nginx/ssl'
|
nginx_ssl_dir: '/etc/nginx/ssl'
|
||||||
nginx_resolver:
|
nginx_resolver:
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
galaxy_info:
|
galaxy_info:
|
||||||
author: Emilien Mantel
|
author: Emilien Mantel
|
||||||
description: Nginx for Debian
|
description: Nginx for Debian
|
||||||
company: your company (optional)
|
company:
|
||||||
license: GPLv2
|
license: GPLv2
|
||||||
min_ansible_version: 1.2
|
min_ansible_version: 1.2
|
||||||
platforms:
|
platforms:
|
||||||
|
|
|
@ -3,6 +3,11 @@
|
||||||
- name: APT | Install nginx
|
- name: APT | Install nginx
|
||||||
apt: pkg={{ nginx_apt_package }} state=latest update_cache=yes cache_valid_time=3600
|
apt: pkg={{ nginx_apt_package }} state=latest update_cache=yes cache_valid_time=3600
|
||||||
|
|
||||||
|
- name: SHELL | Get Nginx version
|
||||||
|
shell: nginx -v 2>&1 | sed -r 's#.*/##;' | cut -d ' ' -f 1
|
||||||
|
register: nginx_version
|
||||||
|
changed_when: false
|
||||||
|
|
||||||
- name: TEMPLATE | Deploy nginx.conf
|
- name: TEMPLATE | Deploy nginx.conf
|
||||||
template: src=etc/nginx/nginx.conf.j2 dest=/etc/nginx/nginx.conf validate= "nginx -t"
|
template: src=etc/nginx/nginx.conf.j2 dest=/etc/nginx/nginx.conf validate= "nginx -t"
|
||||||
notify: restart nginx
|
notify: restart nginx
|
||||||
|
|
|
@ -1,41 +1,53 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: FILE | Create root folders (foreach nginx_vhosts)
|
- name: FILE | Create root folders (foreach nginx_vhosts)
|
||||||
file: path={{ nginx_root }}/{{ item.name }} state=directory recurse=yes owner=www-data group=www-data mode=0755
|
file: >
|
||||||
file: path={{ nginx_root }}/{{ item.name }}/public state=directory recurse=yes owner=www-data group=www-data mode=0755
|
path={{ nginx_root }}/{{ item.name[0] }}/public
|
||||||
|
state=directory
|
||||||
|
recurse=yes
|
||||||
|
owner={{ item.owner | default('www-data') }}
|
||||||
|
group={{ item.group | default('www-data') }}
|
||||||
|
mode={{ item.mode | default('0755') }}
|
||||||
with_items: nginx_vhosts
|
with_items: nginx_vhosts
|
||||||
when: item.root is not defined
|
when: item.root is not defined
|
||||||
|
|
||||||
- name: TEMPLATE | Create vhosts
|
- name: TEMPLATE | Create vhosts
|
||||||
template: src=etc/nginx/sites-available/{{ item.template }}.j2 dest=/etc/nginx/sites-available/{{ item.name }}
|
template: >
|
||||||
|
src=etc/nginx/sites-available/{{ item.template }}.j2
|
||||||
|
dest=/etc/nginx/sites-available/{{ item.name[0] }}
|
||||||
with_items: nginx_vhosts
|
with_items: nginx_vhosts
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
|
|
||||||
- name: COMMAND | Get sites available
|
|
||||||
command: ls -1 /etc/nginx/sites-available
|
|
||||||
register: old_vhosts
|
|
||||||
changed_when: false
|
|
||||||
ignore_errors: true
|
|
||||||
|
|
||||||
- name: Delete unmanaged vhosts
|
|
||||||
file: path=/etc/nginx/sites-enabled/{{ item }} state=absent
|
|
||||||
file: path=/etc/nginx/sites-available/{{ item }} state=absent
|
|
||||||
with_items: old_vhosts.stdout_lines
|
|
||||||
when: item not in nginx_vhosts|map(attribute='name') and item != 'default'
|
|
||||||
|
|
||||||
#- name: COPY | Add index.html / index.php
|
#- name: COPY | Add index.html / index.php
|
||||||
# copy: src={{ item }} dest={{ nginx_root }}/{{ item.name }}/public/{{ item }} owner=www-data group=www-data mode=0666
|
# copy: src={{ item }} dest={{ nginx_root }}/{{ item.name }}/public/{{ item }} owner=www-data group=www-data mode=0666
|
||||||
# with_fileglob: "web/*"
|
# with_fileglob: "web/*"
|
||||||
|
|
||||||
- name: FILE | Enable vhosts (symlink to sites-enabled)
|
- name: FILE | Delete vhosts
|
||||||
file: src=/etc/nginx/sites-available/{{ item.name }} dest=/etc/nginx/sites-enabled/{{ item.name }} state=link
|
file: dest=/etc/nginx/sites-enabled/{{ item.name[0] }} state=absent
|
||||||
|
file: dest=/etc/nginx/sites-available/{{ item.name[0] }} state=absent
|
||||||
with_items: nginx_vhosts
|
with_items: nginx_vhosts
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
|
when: item.delete is defined and item.delete
|
||||||
|
|
||||||
- name: FILE | Create ssl dir per vhost (if needed)
|
- name: FILE | Enable vhosts
|
||||||
file: dest=/etc/nginx/ssl/{{ item.name }} owner=root mode=0750 state=directory
|
file: >
|
||||||
|
src=/etc/nginx/sites-available/{{ item.name[0] }}
|
||||||
|
dest=/etc/nginx/sites-enabled/{{ item.name[0] }}
|
||||||
|
state=link
|
||||||
with_items: nginx_vhosts
|
with_items: nginx_vhosts
|
||||||
when: item.ssl.use is defined and item.ssl.use
|
notify: reload nginx
|
||||||
|
when: item.enabled is not defined or (item.enabled is defined and item.enabled)
|
||||||
|
|
||||||
|
- name: FILE | Disable vhosts
|
||||||
|
file: dest=/etc/nginx/sites-enabled/{{ item.name[0] }} state=absent
|
||||||
|
with_items: nginx_vhosts
|
||||||
|
notify: reload nginx
|
||||||
|
when: item.enabled is defined and not item.enabled
|
||||||
|
|
||||||
|
#- name: FILE | Create ssl dir per vhost (if needed)
|
||||||
|
# file: dest=/etc/nginx/ssl/{{ item.name }} owner=root mode=0750 state=directory
|
||||||
|
# with_items: nginx_vhosts
|
||||||
|
# when: item.ssl.use is defined and item.ssl.use
|
||||||
|
|
||||||
# TODO...
|
# TODO...
|
||||||
#- name: COPY | Deploy SSL keys if needed
|
#- name: COPY | Deploy SSL keys if needed
|
||||||
|
|
|
@ -0,0 +1,70 @@
|
||||||
|
{% set __listen = item.listen | default(['80']) %}
|
||||||
|
{% set __listen_ssl = item.listen_ssl | default(['443']) %}
|
||||||
|
#
|
||||||
|
# {{ ansible_managed }}
|
||||||
|
#
|
||||||
|
|
||||||
|
#
|
||||||
|
# HTTP
|
||||||
|
#
|
||||||
|
server {
|
||||||
|
{% for port in __listen %}
|
||||||
|
listen {{ port }};
|
||||||
|
{% endfor %}
|
||||||
|
server_name {{ item.name | join(' ') }};
|
||||||
|
|
||||||
|
{% if item.root is defined %}
|
||||||
|
root {{ item.root }};
|
||||||
|
{% else %}
|
||||||
|
root {{ nginx_root }}/{{ item.name[0] }}/public;
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
{% block template_index %}
|
||||||
|
index {{ item.index | default('index.html index.htm') }};
|
||||||
|
{% endblock %}
|
||||||
|
|
||||||
|
{% block template_try_files %}
|
||||||
|
try_files $uri $uri/ =404;
|
||||||
|
{% endblock %}
|
||||||
|
|
||||||
|
{% block template_custom_location %}
|
||||||
|
{% endblock %}
|
||||||
|
|
||||||
|
location ~ /\.ht {
|
||||||
|
deny all;
|
||||||
|
}
|
||||||
|
location ~* \.(txt|js|css|png|jpg|jpeg|gif|ico|svg)$ {
|
||||||
|
expires 30d;
|
||||||
|
log_not_found off;
|
||||||
|
}
|
||||||
|
|
||||||
|
{% if item.use_access_log is defined and item.use_access_log %}
|
||||||
|
access_log {{ nginx_log_dir }}/{{ item.name }}_access.log combined;
|
||||||
|
{% else %}
|
||||||
|
access_log off;
|
||||||
|
{% endif %}
|
||||||
|
{% if item.use_error_log is defined and item.use_error_log %}
|
||||||
|
error_log {{ nginx_log_dir }}/{{ item.name }}_error.log {{ nginx_error_log_level }};
|
||||||
|
{% else %}
|
||||||
|
error_log off;
|
||||||
|
{% endif %}
|
||||||
|
}
|
||||||
|
|
||||||
|
# HTTPS
|
||||||
|
#server {
|
||||||
|
#}
|
||||||
|
|
||||||
|
{% if item.redirect_from is defined and item.redirect_from is iterable %}
|
||||||
|
#
|
||||||
|
# Redirect from
|
||||||
|
#
|
||||||
|
server {
|
||||||
|
{% for port in __listen %}
|
||||||
|
listen {{ port }};
|
||||||
|
{% endfor %}
|
||||||
|
server_name {{ item.redirect_from | join(' ') }};
|
||||||
|
return 301 $scheme://{{ item.name[0] }}$request_uri;
|
||||||
|
}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
# vim:filetype=nginx
|
|
@ -0,0 +1,28 @@
|
||||||
|
{% extends "_base.j2" %}
|
||||||
|
{% block template_index %}
|
||||||
|
index {{ item.index | default('index.html index.htm index.php') }};
|
||||||
|
{% endblock %}
|
||||||
|
|
||||||
|
{% block template_try_files %}
|
||||||
|
try_files $uri $uri/ index.php;
|
||||||
|
{% endblock %}
|
||||||
|
|
||||||
|
{% block template_custom_location %}
|
||||||
|
location ~ \.php$ {
|
||||||
|
fastcgi_pass php;
|
||||||
|
fastcgi_index index.php;
|
||||||
|
{# TODO: fastcgi_intercept_errors {{ item.php.intercept_errors | default('on') }}; #}
|
||||||
|
fastcgi_intercept_errors on;
|
||||||
|
{% if nginx_version.stdout | version_compare('1.6.1', 'lt') %}
|
||||||
|
include fastcgi_params;
|
||||||
|
{% else %}
|
||||||
|
include fastcgi.conf;
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
|
# TODO...
|
||||||
|
# Newrelic custom header: https://docs.newrelic.com/docs/apm/other-features/request-queueing/request-queue-server-configuration-examples
|
||||||
|
#fastcgi_param HTTP_X_REQUEST_START "t=${msec}";
|
||||||
|
# Newrelic custom PHP appname: https://docs.newrelic.com/docs/agents/php-agent/configuration/php-directory-ini-settings#perdir-nginx
|
||||||
|
#fastcgi_param PHP_VALUE "newrelic.appname=${host}";
|
||||||
|
}
|
||||||
|
{% endblock %}
|
|
@ -5,32 +5,35 @@
|
||||||
- apt: pkg={{ item }} update_cache=yes cache_valid_time=3600 state=present
|
- apt: pkg={{ item }} update_cache=yes cache_valid_time=3600 state=present
|
||||||
with_items:
|
with_items:
|
||||||
- php5-fpm
|
- php5-fpm
|
||||||
- lineinfile: dest=/etc/hosts line="127.0.2.2 {{ nginx_vhosts|map(attribute='name')| join(' ') }}"
|
- lineinfile: >
|
||||||
|
dest=/etc/hosts
|
||||||
|
line="127.0.2.2 {% for name in nginx_vhosts|map(attribute='name') %}{{ name | join(' ') }} {% endfor %}"
|
||||||
vars:
|
vars:
|
||||||
nginx_php: true
|
nginx_php: true
|
||||||
nginx_php_sockets:
|
nginx_php_sockets:
|
||||||
- unix_socket: "/var/run/php5-fpm.sock"
|
- unix_socket: "/var/run/php5-fpm.sock"
|
||||||
nginx_vhosts:
|
nginx_vhosts:
|
||||||
- name: 'test.local'
|
- name:
|
||||||
aliases:
|
- 'test.local'
|
||||||
- test-alias.local
|
- 'test-alias.local'
|
||||||
- test2-alias.local
|
- 'test2-alias.local'
|
||||||
template: 'static'
|
template: '_base'
|
||||||
ssl:
|
ssl:
|
||||||
use: false
|
use: false
|
||||||
- name: 'test-php.local'
|
- name:
|
||||||
template: 'wordpress'
|
- 'test-php.local'
|
||||||
|
template: '_php'
|
||||||
ssl:
|
ssl:
|
||||||
use: false
|
use: false
|
||||||
roles:
|
roles:
|
||||||
- ../../
|
- ../../
|
||||||
post_tasks:
|
post_tasks:
|
||||||
- name: -- Add PHP file --
|
- name: -- Add PHP file --
|
||||||
copy: dest=/var/www/test-php.local/public/index.php content="<?php phpinfo();"
|
copy: dest="{{ nginx_root }}/test-php.local/public/index.php" content="<?php phpinfo();"
|
||||||
- name: -- Add HTML file --
|
- name: -- Add HTML file --
|
||||||
copy: dest=/var/www/test.local/public/index.html content="HTML Message"
|
copy: dest="{{ nginx_root }}/test.local/public/index.html" content="Index HTML test OK\n"
|
||||||
- name: -- VERIFY VHOSTS --
|
- name: -- VERIFY VHOSTS --
|
||||||
get_url: dest="/tmp/ansible_{{ item.name }}.txt" url="http://{{ item.name }}" validate_certs=no
|
get_url: dest="/tmp/ansible_{{ item.name[0] }}.txt" url="http://{{ item.name[0] }}" validate_certs=no
|
||||||
with_items: nginx_vhosts
|
with_items: nginx_vhosts
|
||||||
changed_when: false
|
changed_when: false
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue