New vhost option: manage_local_content

Add feature: override_try_files on vhost

.travis.yml

@@ -2,10 +2,12 @@ env:
   - PLATFORM=debian-wheezy
   - PLATFORM=debian-jessie
 
-sudo: true
+sudo: required
 
-install:
+language: python
-- curl -sLo - http://j.mp/install-travis-docker | sh -xe
+
+services:
+  - docker
 
 script:
-- ./run 'docker build -f tests/$PLATFORM.Dockerfile -t test-$PLATFORM . && docker run --name $PLATFORM test-$PLATFORM'
+  - docker build -f tests/$PLATFORM.Dockerfile -t test-$PLATFORM . && docker run --name $PLATFORM test-$PLATFORM

README.md

@@ -1,7 +1,7 @@
 Nginx for Debian Ansible role
 =============================
 
-[![Build Status](https://travis-ci.org/HanXHX/ansible-nginx.svg)](https://travis-ci.org/HanXHX/ansible-nginx)
+[![Ansible Galaxy](http://img.shields.io/badge/ansible--galaxy-HanXHX.nginx-blue.svg)](https://galaxy.ansible.com/list#/roles/4399) [![Build Status](https://travis-ci.org/HanXHX/ansible-nginx.svg)](https://travis-ci.org/HanXHX/ansible-nginx)
 
 Install and configure Nginx on Debian.
 
@@ -47,16 +47,22 @@ Socket:
 
 ### Vhost management
 
+You can see many examples in: [tests/test.yml](tests/test.yml).
+
   - `nginx_vhosts`: List of dict. A vhost has few keys. See bellow.
 
-####
+#### Common
 
   - `name`: (M) List of domain used. The first occurence is the most important!
   - `template`: (M) template used to create vhost
   - `enable`: (O) Enable the vhost (default is true)
   - `delete`: (O) Delete the vhost (default is false)
-  - `redirect_from`: (O) Domain list to redirect to the first `name`. You can use this key to redirect non-www to www.
+  - `redirect_from`: (O) Domain list to redirect to the first `name`. You can use this key to redirect non-www to www
-  - `location`: Add new custom locations (it does not overwrite!)
+  - `location`: (O) Add new custom locations (it does not overwrite!)
+  - `more`: (O) Add more custom infos.
+  - `upstream_params`: (O) Add upstream params (useful when you want to pass variables to PHP)
+  - `override_try_files`: (O) overrides default try\_files defined in template
+  - `manage_local_content`: (O) Boolean. Set to false if you don't want to manage local content (images, css...). This option is useless if you use proxy `template`
 
 (O) : Optional
 (M) : Mandatory
@@ -67,10 +73,48 @@ Socket:
   - `php`: PHP base template. Can work with many frameworks/tools.
   - `wordpress`
   - `dokuwiki`
+  - `proxy`
 
 Templates works as parent-child.
 
-You can see many examples in: [tests/test.yml](tests/test.yml).
+#### About proxy template
+
+Proxy template allow you to use Nginx as reverse proxy. Usefull when you have application serveur such as Redmine, Jenkins...
+
+You have many key added to vhost key:
+
+  - `upstream_name`: (O) upstream name used to pass proxy
+  - `proxy_params`: (M) list of raw params passed to the vhost
+
+(O) : Optional
+(M) : Mandatory
+
+
+### Upstream management
+
+  - `nginx_upstreams`: List of dict. An upstream has few keys. See bellow.
+
+Note: Few params are unavailable on old Nginx version. But this role don't put it if your version is too old!
+
+#### Upstream params
+
+- `name`: upstream name. Can be use in vhost with *proxy_pass http://upstream_name*
+- `params`: list of param (hash, zone...)
+- `servers`: each upstream MUST have at least 1 server
+
+#### Server params
+
+You must set a `path`. For example: *192.168.0.50:8080* or *unix:/tmp/my.sock*.
+
+All this params are optional. You should see [Nginx upstream doc](http://nginx.org/en/docs/http/ngx_http_upstream_module.html).
+
+  - `weight`
+  - `max`fails`
+  - `fail`timeout`
+  - `backup`
+  - `down`
+  - `route`
+  - `slow`start`
 
 Dependencies
 ------------

defaults/main.yml

@@ -70,3 +70,4 @@ nginx_http:
 #  etag: 'off'
 
 nginx_vhosts: []
+nginx_upstreams: []

tasks/upstream.yml

@@ -4,3 +4,7 @@
   template: src=etc/nginx/upstream/php.conf.j2 dest=/etc/nginx/conf.d/php.conf
   notify: reload nginx
 
+- name: TEMPLATE | Deploy other upstreams
+  template: src=etc/nginx/upstream/upstream.conf.j2 dest=/etc/nginx/conf.d/upstream-{{ item.name }}.conf
+  with_items: nginx_upstreams
+  notify: reload nginx

tasks/vhost.yml

@@ -8,7 +8,7 @@
     group={{ item.group | default('www-data') }}
     mode={{ item.mode | default('0755') }}
   with_items: nginx_vhosts
-  when: item.root is not defined
+  when: item.root is not defined and item.template != '_proxy'
 
 - name: TEMPLATE | Create vhosts
   template: >

templates/etc/nginx/sites-available/_base.j2

@@ -22,9 +22,15 @@ server {
 	index {{ item.index | default('index.html index.htm') }};
 {% endblock %}
 
+{% if item.more is defined and item.more is iterable %}
+{% for line in item.more %}
+	{{ line }}
+{% endfor %}
+{% endif %}
+
 	location / {
 {% block template_try_files %}
-		try_files $uri $uri/ =404;
+		try_files {{ override_try_files | default('$uri $uri/ =404') }};
 {% endblock %}
 	}
 
@@ -37,6 +43,8 @@ server {
 		deny all;
 	}
 
+{% block template_local_content %}
+{% if manage_local_content is defined and not manage_local_content %}
 	location = /favicon.ico {
 		expires 30d;
 		access_log off;
@@ -47,6 +55,8 @@ server {
 		expires 30d;
 		log_not_found off;
 	}
+{% endif %}
+{% endblock %}
 
 {% if __location is iterable and __location | length > 0 %}
 	# --> Custom locations

templates/etc/nginx/sites-available/_phalcon.j2

@@ -1,5 +1,5 @@
 {% extends "_php.j2" %}
 
 {% block template_try_files %}
-	try_files $uri $uri/ /index.php?_url=$uri;
+		try_files $uri $uri/ /index.php?_url=$uri$is_args&$args;
 {% endblock %}

templates/etc/nginx/sites-available/_php.j2

@@ -4,15 +4,18 @@
 {% endblock %}
 
 {% block template_try_files %}
-		try_files $uri $uri/ /index.php;
+		try_files {{ override_try_files | default('$uri $uri/ /index.php') }};
 {% endblock %}
 
 {% block template_upstream_location %}
 	location ~ \.php$ {
 		fastcgi_pass php;
 		fastcgi_index index.php;
-{# TODO:	fastcgi_intercept_errors {{ item.php.intercept_errors | default('on') }}; #}
+{% if item.upstream_params is defined and item.upstream_params is iterable %}
-		fastcgi_intercept_errors on;
+{% for param in item.upstream_params %}
+		{{ param }}
+{% endfor %}
+{% endif %}
 {% if nginx_version.stdout | version_compare('1.6.1', 'lt') %}
 		include fastcgi_params;
 {% else %}

templates/etc/nginx/sites-available/_proxy.j2

@@ -0,0 +1,23 @@
+{% extends "_base.j2" %}
+
+{% block template_try_files %}
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		
+		proxy_pass http://{{ item.upstream_name }};
+		proxy_read_timeout 90;
+		
+		{#proxy_redirect http://{{ upstream.name }} https://jenkins.domain.tld;#}
+
+{% if item.proxy_params is defined and item.proxy_params is iterable %}
+{% for param in item.proxy_params %}
+		{{ param }}
+{% endfor %}
+{% endif %}
+{% endblock %}
+
+{# We flush the default local content (locations) #}
+{% block template_local_content %}
+{% endblock %}

templates/etc/nginx/upstream/upstream.conf.j2

@@ -0,0 +1,19 @@
+{%- macro s(key, value, is_bool, min_version) %}
+{% if nginx_version.stdout | version_compare(min_version, 'ge') %}
+{% if is_bool and value %} {{ key }}{% elif not is_bool %} {{ key }}={{ value }}{% endif %}
+{% endif %}
+{%- endmacro -%}
+#
+# {{ ansible_managed }}
+#
+
+upstream {{ item.name }} {
+{% for server in item.servers %}
+	server {{ server.path }}{% for p in nginx_upstream_server_params if server[p.key] is defined %}{{ s(p.key, server[p.key] | default(p.default), p.is_bool | default(false), p.min_version | default('0.0.1')) }}{% endfor %};
+{% endfor %}
+{% if item.params is defined and item.params is iterable %}
+{% for param in item.params %}
+	{{ param }};
+{% endfor %}
+{% endif %}
+}

tests/test.yml

@@ -8,12 +8,23 @@
         - curl
   vars:
     nginx_php: true
+    nginx_upstreams:
+      - name: 'test'
+        servers:
+          - path: '127.0.0.1:80'
+            max_conns: 150
+            weight: 10
+            down: false
     nginx_vhosts:
       - name:
           - 'test.local'
           - 'test-alias.local'
           - 'test2-alias.local'
         template: '_base'
+        override_try_files: '$uri $uri index.htm index.html'
+        manage_local_content: false
+        more:
+          - 'autoindex off;'
         location:
           '/test':
             - 'return 403;'
@@ -21,9 +32,17 @@
             - 'return 404;'
       - name:
           - 'test-php.local'
+        upstream_params:
+          - 'fastcgi_param FOO bar;'
         redirect_from:
           - 'www.test-php.local'
         template: '_php'
+      - name:
+          - 'test-proxy.local'
+        listen:
+          - 8080
+        template: '_proxy'
+        upstream_name: 'test'
       - name:
           - 'deleted.local'
         template: '_base'
@@ -36,7 +55,7 @@
     - name: -- Add HTML file --
       copy: dest="{{ nginx_root }}/test.local/public/index.html" content="Index HTML test OK\n"
     - name: -- VERIFY VHOSTS --
-      shell: "curl -H 'Host: {{ item.name[0] }}' http://127.0.0.1/"
+      shell: "curl -H 'Host: {{ item.name[0] }}' http://127.0.0.1{% if item.listen is defined and item.listen is iterable %}:{{ item.listen[0] }}{% endif %}/"
       with_items: nginx_vhosts
       when: item.delete is undefined or not item.delete
       changed_when: false

vars/main.yml

@@ -1 +1,25 @@
 nginx_dh_path: /etc/nginx/ssl/dhparams.pem
+
+nginx_upstream_server_params:
+  - key: 'weight'
+    default: 1
+  - key: 'max_fails'
+    default: 1
+  - key: 'fail_timeout'
+    default: '10s'
+  - key: 'backup'
+    is_bool: true
+  - key: 'down'
+    is_bool: true
+    default: false
+  - key: 'route'
+    default: 'configuration_error'
+  - key: 'slow_start'
+    default: 0
+# Nginx Plus only
+#  - key: 'max_conns'
+#    default: 0
+#    min_version: '1.5.9'
+#  - key: 'resolve'
+#    is_bool: true
+#    min_version: '1.5.12'