Fix jessie and add doc

Fix boolean values on upstream
Test proxy with a real back-end: himself
2026-02-28 09:22:10 +07:00 · 2015-10-09 17:54:07 +02:00 · 2015-10-09 14:36:55 +02:00 · 2015-10-09 14:31:01 +02:00 · 2015-10-08 18:21:40 +02:00 · 2015-10-07 19:31:12 +02:00
11 changed files with 149 additions and 15 deletions
--- a/.travis.yml
+++ b/.travis.yml
@@ -2,10 +2,12 @@ env:
  - PLATFORM=debian-wheezy
  - PLATFORM=debian-jessie

-sudo: true
+sudo: required

-install:
- curl -sLo - http://j.mp/install-travis-docker | sh -xe
+language: python
+
+services:
+  - docker

 script:
- ./run 'docker build -f tests/$PLATFORM.Dockerfile -t test-$PLATFORM . && docker run --name $PLATFORM test-$PLATFORM'
+  - docker build -f tests/$PLATFORM.Dockerfile -t test-$PLATFORM . && docker run --name $PLATFORM test-$PLATFORM
--- a/README.md
+++ b/README.md
@@ -1,7 +1,7 @@
 Nginx for Debian Ansible role
 =============================

-[![Build Status](https://travis-ci.org/HanXHX/ansible-nginx.svg)](https://travis-ci.org/HanXHX/ansible-nginx)
+[![Ansible Galaxy](http://img.shields.io/badge/ansible--galaxy-HanXHX.nginx-blue.svg)](https://galaxy.ansible.com/list#/roles/4399) [![Build Status](https://travis-ci.org/HanXHX/ansible-nginx.svg)](https://travis-ci.org/HanXHX/ansible-nginx)

 Install and configure Nginx on Debian.

@@ -47,9 +47,11 @@ Socket:

 ### Vhost management

+You can see many examples in: [tests/test.yml](tests/test.yml).
+
  - `nginx_vhosts`: List of dict. A vhost has few keys. See bellow.

-####
+#### Common

  - `name`: (M) List of domain used. The first occurence is the most important!
  - `template`: (M) template used to create vhost
@@ -58,6 +60,7 @@ Socket:
  - `redirect_from`: (O) Domain list to redirect to the first `name`. You can use this key to redirect non-www to www
  - `location`: (O) Add new custom locations (it does not overwrite!)
  - `more`: (O) Add more custom infos.
+  - `upstream_params`: (O) Add upstream params (useful when you want to pass variables to PHP)

 (O) : Optional
 (M) : Mandatory
@@ -68,10 +71,48 @@ Socket:
  - `php`: PHP base template. Can work with many frameworks/tools.
  - `wordpress`
  - `dokuwiki`
+  - `proxy`

 Templates works as parent-child.

-You can see many examples in: [tests/test.yml](tests/test.yml).
+#### About proxy template
+
+Proxy template allow you to use Nginx as reverse proxy. Usefull when you have application serveur such as Redmine, Jenkins...
+
+You have many key added to vhost key:
+
+  - `upstream_name`: (O) upstream name used to pass proxy
+  - `proxy_params`: (M) list of raw params passed to the vhost
+
+(O) : Optional
+(M) : Mandatory
+
+
+### Upstream management
+
+  - `nginx_upstreams`: List of dict. An upstream has few keys. See bellow.
+
+Note: Few params are unavailable on old Nginx version. But this role don't put it if your version is too old!
+
+#### Upstream params
+
+- `name`: upstream name. Can be use in vhost with *proxy_pass http://upstream_name*
+- `params`: list of param (hash, zone...)
+- `servers`: each upstream MUST have at least 1 server
+
+#### Server params
+
+You must set a `path`. For example: *192.168.0.50:8080* or *unix:/tmp/my.sock*.
+
+All this params are optional. You should see [Nginx upstream doc](http://nginx.org/en/docs/http/ngx_http_upstream_module.html).
+
+  - `weight`
+  - `max`fails`
+  - `fail`timeout`
+  - `backup`
+  - `down`
+  - `route`
+  - `slow`start`

 Dependencies
 ------------
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -70,3 +70,4 @@ nginx_http:
 #  etag: 'off'

 nginx_vhosts: []
+nginx_upstreams: []
--- a/tasks/upstream.yml
+++ b/tasks/upstream.yml
@@ -4,3 +4,7 @@
  template: src=etc/nginx/upstream/php.conf.j2 dest=/etc/nginx/conf.d/php.conf
  notify: reload nginx

+- name: TEMPLATE | Deploy other upstreams
+  template: src=etc/nginx/upstream/upstream.conf.j2 dest=/etc/nginx/conf.d/upstream-{{ item.name }}.conf
+  with_items: nginx_upstreams
+  notify: reload nginx
--- a/tasks/vhost.yml
+++ b/tasks/vhost.yml
@@ -8,7 +8,7 @@
    group={{ item.group | default('www-data') }}
    mode={{ item.mode | default('0755') }}
  with_items: nginx_vhosts
-  when: item.root is not defined
+  when: item.root is not defined and item.template != '_proxy'

 - name: TEMPLATE | Create vhosts
  template: >
--- a/templates/etc/nginx/sites-available/_base.j2
+++ b/templates/etc/nginx/sites-available/_base.j2
@@ -24,7 +24,7 @@ server {

 {% if item.more is defined and item.more is iterable %}
 {% for line in item.more %}
-	{{ item.more }}
+	{{ line }}
 {% endfor %}
 {% endif %}

@@ -43,6 +43,7 @@ server {
 		deny all;
 	}

+{% block template_local_content %}
 	location = /favicon.ico {
 		expires 30d;
 		access_log off;
@@ -53,6 +54,7 @@ server {
 		expires 30d;
 		log_not_found off;
 	}
+{% endblock %}

 {% if __location is iterable and __location | length > 0 %}
 	# --> Custom locations
--- a/templates/etc/nginx/sites-available/_php.j2
+++ b/templates/etc/nginx/sites-available/_php.j2
@@ -11,8 +11,11 @@
 	location ~ \.php$ {
 		fastcgi_pass php;
 		fastcgi_index index.php;
-{# TODO:	fastcgi_intercept_errors {{ item.php.intercept_errors | default('on') }}; #}
-		fastcgi_intercept_errors on;
+{% if item.upstream_params is defined and item.upstream_params is iterable %}
+{% for param in item.upstream_params %}
+		{{ param }}
+{% endfor %}
+{% endif %}
 {% if nginx_version.stdout | version_compare('1.6.1', 'lt') %}
 		include fastcgi_params;
 {% else %}
--- a/templates/etc/nginx/sites-available/_proxy.j2
+++ b/templates/etc/nginx/sites-available/_proxy.j2
@@ -0,0 +1,23 @@
+{% extends "_base.j2" %}
+
+{% block template_try_files %}
+		proxy_set_header Host $host;
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header X-Forwarded-Proto $scheme;
+		
+		proxy_pass http://{{ item.upstream_name }};
+		proxy_read_timeout 90;
+		
+		{#proxy_redirect http://{{ upstream.name }} https://jenkins.domain.tld;#}
+
+{% if item.proxy_params is defined and item.proxy_params is iterable %}
+{% for param in item.proxy_params %}
+		{{ param }}
+{% endfor %}
+{% endif %}
+{% endblock %}
+
+{# We flush the default local content (locations) #}
+{% block template_local_content %}
+{% endblock %}
--- a/templates/etc/nginx/upstream/upstream.conf.j2
+++ b/templates/etc/nginx/upstream/upstream.conf.j2
@@ -0,0 +1,19 @@
+{%- macro s(key, value, is_bool, min_version) %}
+{% if nginx_version.stdout | version_compare(min_version, 'ge') %}
+{% if is_bool and value %} {{ key }}{% elif not is_bool %} {{ key }}={{ value }}{% endif %}
+{% endif %}
+{%- endmacro -%}
+#
+# {{ ansible_managed }}
+#
+
+upstream {{ item.name }} {
+{% for server in item.servers %}
+	server {{ server.path }}{% for p in nginx_upstream_server_params if server[p.key] is defined %}{{ s(p.key, server[p.key] | default(p.default), p.is_bool | default(false), p.min_version | default('0.0.1')) }}{% endfor %};
+{% endfor %}
+{% if item.params is defined and item.params is iterable %}
+{% for param in item.params %}
+	{{ param }};
+{% endfor %}
+{% endif %}
+}
--- a/tests/test.yml
+++ b/tests/test.yml
@@ -8,6 +8,13 @@
        - curl
  vars:
    nginx_php: true
+    nginx_upstreams:
+      - name: 'test'
+        servers:
+          - path: '127.0.0.1:80'
+            max_conns: 150
+            weight: 10
+            down: false
    nginx_vhosts:
      - name:
          - 'test.local'
@@ -15,7 +22,7 @@
          - 'test2-alias.local'
        template: '_base'
        more:
-          - 'etag off;'
+          - 'autoindex off;'
        location:
          '/test':
            - 'return 403;'
@@ -23,9 +30,17 @@
            - 'return 404;'
      - name:
          - 'test-php.local'
+        upstream_params:
+          - 'fastcgi_param FOO bar;'
        redirect_from:
          - 'www.test-php.local'
        template: '_php'
+      - name:
+          - 'test-proxy.local'
+        listen:
+          - 8080
+        template: '_proxy'
+        upstream_name: 'test'
      - name:
          - 'deleted.local'
        template: '_base'
@@ -38,7 +53,7 @@
    - name: -- Add HTML file --
      copy: dest="{{ nginx_root }}/test.local/public/index.html" content="Index HTML test OK\n"
    - name: -- VERIFY VHOSTS --
-      shell: "curl -H 'Host: {{ item.name[0] }}' http://127.0.0.1/"
+      shell: "curl -H 'Host: {{ item.name[0] }}' http://127.0.0.1{% if item.listen is defined and item.listen is iterable %}:{{ item.listen[0] }}{% endif %}/"
      with_items: nginx_vhosts
      when: item.delete is undefined or not item.delete
      changed_when: false
--- a/vars/main.yml
+++ b/vars/main.yml
@@ -1 +1,25 @@
 nginx_dh_path: /etc/nginx/ssl/dhparams.pem
+
+nginx_upstream_server_params:
+  - key: 'weight'
+    default: 1
+  - key: 'max_fails'
+    default: 1
+  - key: 'fail_timeout'
+    default: '10s'
+  - key: 'backup'
+    is_bool: true
+  - key: 'down'
+    is_bool: true
+    default: false
+  - key: 'route'
+    default: 'configuration_error'
+  - key: 'slow_start'
+    default: 0
+# Nginx Plus only
+#  - key: 'max_conns'
+#    default: 0
+#    min_version: '1.5.9'
+#  - key: 'resolve'
+#    is_bool: true
+#    min_version: '1.5.12'
Author	SHA1	Message	Date
Emilien Mantel	eaf4032bc0	Fix jessie and add doc	2015-10-09 17:54:07 +02:00
Emilien Mantel	63fee94d90	Fix boolean values on upstream	2015-10-09 14:36:55 +02:00
Emilien Mantel	a50d7e8774	Test proxy with a real back-end: himself	2015-10-09 14:31:01 +02:00
Emilien Mantel	96bbc47d27	First shot proxy (unstable)	2015-10-08 18:21:40 +02:00
Emilien Mantel	a9a898e910	Test travis docker	2015-10-07 19:31:12 +02:00
Emilien Mantel	edb36acd5d	Fix badge	2015-10-07 19:25:57 +02:00
Emilien Mantel	fb0b210d45	Update badge	2015-10-07 19:19:46 +02:00
Emilien Mantel	a02b44a2f0	Add Ansible Galaxy badge	2015-10-07 19:19:09 +02:00
Emilien Mantel	95e2cb5f12	Fix more params and add upstream params	2015-09-21 16:29:14 +02:00