Migrate to jinja block ok

pull/2/head
Emilien Mantel 2015-07-30 13:02:21 +02:00
parent 084a6f283b
commit ec94521c5b
8 changed files with 152 additions and 34 deletions

View File

@ -52,7 +52,7 @@ Few tips:
- you can use your own templates, you must keep the same directory organization - you can use your own templates, you must keep the same directory organization
- you should see COMMON.j2 to see all abilities - you should see COMMON.j2 to see all abilities
You can see many examples in: [tests/test.yml]. You can see many examples in: [tests/test.yml](tests/test.yml).
Dependencies Dependencies
------------ ------------

View File

@ -5,7 +5,7 @@ nginx_apt_package: nginx-full
# #
# Nginx shared variables # Nginx shared variables
# #
nginx_root: "/var/www" nginx_root: "/srv/www"
nginx_log_dir: '/var/log/nginx' nginx_log_dir: '/var/log/nginx'
nginx_ssl_dir: '/etc/nginx/ssl' nginx_ssl_dir: '/etc/nginx/ssl'
nginx_resolver: nginx_resolver:

View File

@ -2,7 +2,7 @@
galaxy_info: galaxy_info:
author: Emilien Mantel author: Emilien Mantel
description: Nginx for Debian description: Nginx for Debian
company: your company (optional) company:
license: GPLv2 license: GPLv2
min_ansible_version: 1.2 min_ansible_version: 1.2
platforms: platforms:

View File

@ -3,6 +3,11 @@
- name: APT | Install nginx - name: APT | Install nginx
apt: pkg={{ nginx_apt_package }} state=latest update_cache=yes cache_valid_time=3600 apt: pkg={{ nginx_apt_package }} state=latest update_cache=yes cache_valid_time=3600
- name: SHELL | Get Nginx version
shell: nginx -v 2>&1 | sed -r 's#.*/##;' | cut -d ' ' -f 1
register: nginx_version
changed_when: false
- name: TEMPLATE | Deploy nginx.conf - name: TEMPLATE | Deploy nginx.conf
template: src=etc/nginx/nginx.conf.j2 dest=/etc/nginx/nginx.conf validate= "nginx -t" template: src=etc/nginx/nginx.conf.j2 dest=/etc/nginx/nginx.conf validate= "nginx -t"
notify: restart nginx notify: restart nginx

View File

@ -1,41 +1,53 @@
--- ---
- name: FILE | Create root folders (foreach nginx_vhosts) - name: FILE | Create root folders (foreach nginx_vhosts)
file: path={{ nginx_root }}/{{ item.name }} state=directory recurse=yes owner=www-data group=www-data mode=0755 file: >
file: path={{ nginx_root }}/{{ item.name }}/public state=directory recurse=yes owner=www-data group=www-data mode=0755 path={{ nginx_root }}/{{ item.name[0] }}/public
state=directory
recurse=yes
owner={{ item.owner | default('www-data') }}
group={{ item.group | default('www-data') }}
mode={{ item.mode | default('0755') }}
with_items: nginx_vhosts with_items: nginx_vhosts
when: item.root is not defined when: item.root is not defined
- name: TEMPLATE | Create vhosts - name: TEMPLATE | Create vhosts
template: src=etc/nginx/sites-available/{{ item.template }}.j2 dest=/etc/nginx/sites-available/{{ item.name }} template: >
src=etc/nginx/sites-available/{{ item.template }}.j2
dest=/etc/nginx/sites-available/{{ item.name[0] }}
with_items: nginx_vhosts with_items: nginx_vhosts
notify: reload nginx notify: reload nginx
- name: COMMAND | Get sites available
command: ls -1 /etc/nginx/sites-available
register: old_vhosts
changed_when: false
ignore_errors: true
- name: Delete unmanaged vhosts
file: path=/etc/nginx/sites-enabled/{{ item }} state=absent
file: path=/etc/nginx/sites-available/{{ item }} state=absent
with_items: old_vhosts.stdout_lines
when: item not in nginx_vhosts|map(attribute='name') and item != 'default'
#- name: COPY | Add index.html / index.php #- name: COPY | Add index.html / index.php
# copy: src={{ item }} dest={{ nginx_root }}/{{ item.name }}/public/{{ item }} owner=www-data group=www-data mode=0666 # copy: src={{ item }} dest={{ nginx_root }}/{{ item.name }}/public/{{ item }} owner=www-data group=www-data mode=0666
# with_fileglob: "web/*" # with_fileglob: "web/*"
- name: FILE | Enable vhosts (symlink to sites-enabled) - name: FILE | Delete vhosts
file: src=/etc/nginx/sites-available/{{ item.name }} dest=/etc/nginx/sites-enabled/{{ item.name }} state=link file: dest=/etc/nginx/sites-enabled/{{ item.name[0] }} state=absent
file: dest=/etc/nginx/sites-available/{{ item.name[0] }} state=absent
with_items: nginx_vhosts with_items: nginx_vhosts
notify: reload nginx notify: reload nginx
when: item.delete is defined and item.delete
- name: FILE | Create ssl dir per vhost (if needed) - name: FILE | Enable vhosts
file: dest=/etc/nginx/ssl/{{ item.name }} owner=root mode=0750 state=directory file: >
src=/etc/nginx/sites-available/{{ item.name[0] }}
dest=/etc/nginx/sites-enabled/{{ item.name[0] }}
state=link
with_items: nginx_vhosts with_items: nginx_vhosts
when: item.ssl.use is defined and item.ssl.use notify: reload nginx
when: item.enabled is not defined or (item.enabled is defined and item.enabled)
- name: FILE | Disable vhosts
file: dest=/etc/nginx/sites-enabled/{{ item.name[0] }} state=absent
with_items: nginx_vhosts
notify: reload nginx
when: item.enabled is defined and not item.enabled
#- name: FILE | Create ssl dir per vhost (if needed)
# file: dest=/etc/nginx/ssl/{{ item.name }} owner=root mode=0750 state=directory
# with_items: nginx_vhosts
# when: item.ssl.use is defined and item.ssl.use
# TODO... # TODO...
#- name: COPY | Deploy SSL keys if needed #- name: COPY | Deploy SSL keys if needed

View File

@ -0,0 +1,70 @@
{% set __listen = item.listen | default(['80']) %}
{% set __listen_ssl = item.listen_ssl | default(['443']) %}
#
# {{ ansible_managed }}
#
#
# HTTP
#
server {
{% for port in __listen %}
listen {{ port }};
{% endfor %}
server_name {{ item.name | join(' ') }};
{% if item.root is defined %}
root {{ item.root }};
{% else %}
root {{ nginx_root }}/{{ item.name[0] }}/public;
{% endif %}
{% block template_index %}
index {{ item.index | default('index.html index.htm') }};
{% endblock %}
{% block template_try_files %}
try_files $uri $uri/ =404;
{% endblock %}
{% block template_custom_location %}
{% endblock %}
location ~ /\.ht {
deny all;
}
location ~* \.(txt|js|css|png|jpg|jpeg|gif|ico|svg)$ {
expires 30d;
log_not_found off;
}
{% if item.use_access_log is defined and item.use_access_log %}
access_log {{ nginx_log_dir }}/{{ item.name }}_access.log combined;
{% else %}
access_log off;
{% endif %}
{% if item.use_error_log is defined and item.use_error_log %}
error_log {{ nginx_log_dir }}/{{ item.name }}_error.log {{ nginx_error_log_level }};
{% else %}
error_log off;
{% endif %}
}
# HTTPS
#server {
#}
{% if item.redirect_from is defined and item.redirect_from is iterable %}
#
# Redirect from
#
server {
{% for port in __listen %}
listen {{ port }};
{% endfor %}
server_name {{ item.redirect_from | join(' ') }};
return 301 $scheme://{{ item.name[0] }}$request_uri;
}
{% endif %}
# vim:filetype=nginx

View File

@ -0,0 +1,28 @@
{% extends "_base.j2" %}
{% block template_index %}
index {{ item.index | default('index.html index.htm index.php') }};
{% endblock %}
{% block template_try_files %}
try_files $uri $uri/ index.php;
{% endblock %}
{% block template_custom_location %}
location ~ \.php$ {
fastcgi_pass php;
fastcgi_index index.php;
{# TODO: fastcgi_intercept_errors {{ item.php.intercept_errors | default('on') }}; #}
fastcgi_intercept_errors on;
{% if nginx_version.stdout | version_compare('1.6.1', 'lt') %}
include fastcgi_params;
{% else %}
include fastcgi.conf;
{% endif %}
# TODO...
# Newrelic custom header: https://docs.newrelic.com/docs/apm/other-features/request-queueing/request-queue-server-configuration-examples
#fastcgi_param HTTP_X_REQUEST_START "t=${msec}";
# Newrelic custom PHP appname: https://docs.newrelic.com/docs/agents/php-agent/configuration/php-directory-ini-settings#perdir-nginx
#fastcgi_param PHP_VALUE "newrelic.appname=${host}";
}
{% endblock %}

View File

@ -5,32 +5,35 @@
- apt: pkg={{ item }} update_cache=yes cache_valid_time=3600 state=present - apt: pkg={{ item }} update_cache=yes cache_valid_time=3600 state=present
with_items: with_items:
- php5-fpm - php5-fpm
- lineinfile: dest=/etc/hosts line="127.0.2.2 {{ nginx_vhosts|map(attribute='name')| join(' ') }}" - lineinfile: >
dest=/etc/hosts
line="127.0.2.2 {% for name in nginx_vhosts|map(attribute='name') %}{{ name | join(' ') }} {% endfor %}"
vars: vars:
nginx_php: true nginx_php: true
nginx_php_sockets: nginx_php_sockets:
- unix_socket: "/var/run/php5-fpm.sock" - unix_socket: "/var/run/php5-fpm.sock"
nginx_vhosts: nginx_vhosts:
- name: 'test.local' - name:
aliases: - 'test.local'
- test-alias.local - 'test-alias.local'
- test2-alias.local - 'test2-alias.local'
template: 'static' template: '_base'
ssl: ssl:
use: false use: false
- name: 'test-php.local' - name:
template: 'wordpress' - 'test-php.local'
template: '_php'
ssl: ssl:
use: false use: false
roles: roles:
- ../../ - ../../
post_tasks: post_tasks:
- name: -- Add PHP file -- - name: -- Add PHP file --
copy: dest=/var/www/test-php.local/public/index.php content="<?php phpinfo();" copy: dest="{{ nginx_root }}/test-php.local/public/index.php" content="<?php phpinfo();"
- name: -- Add HTML file -- - name: -- Add HTML file --
copy: dest=/var/www/test.local/public/index.html content="HTML Message" copy: dest="{{ nginx_root }}/test.local/public/index.html" content="Index HTML test OK\n"
- name: -- VERIFY VHOSTS -- - name: -- VERIFY VHOSTS --
get_url: dest="/tmp/ansible_{{ item.name }}.txt" url="http://{{ item.name }}" validate_certs=no get_url: dest="/tmp/ansible_{{ item.name[0] }}.txt" url="http://{{ item.name[0] }}" validate_certs=no
with_items: nginx_vhosts with_items: nginx_vhosts
changed_when: false changed_when: false