From fb36b5b643c1473f41de5414dd534f0876edf3c4 Mon Sep 17 00:00:00 2001 From: rickydelorier Date: Wed, 4 Apr 2018 19:48:31 -0400 Subject: [PATCH 01/34] Fix template path issues --- tasks/conf/template-config.yml | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/tasks/conf/template-config.yml b/tasks/conf/template-config.yml index 46490ec..e34ae53 100644 --- a/tasks/conf/template-config.yml +++ b/tasks/conf/template-config.yml @@ -5,18 +5,32 @@ dest: /etc/nginx/nginx.conf notify: "(Handler: All OSs) Reload NGINX" +- name: "(Setup: All NGINX) Ensures /etc/nginx/conf.d/http dir exists" + file: + path: /etc/nginx/conf.d/http + state: directory + when: http_template_enable + - name: "(Setup: All NGINX) Dynamically Generate NGINX HTTP Configuration Files" template: src: "{{ item }}" - dest: /etc/nginx/conf.d/{{ item | basename | regex_replace('\.j2','') }} + dest: /etc/nginx/conf.d/http/{{ item | basename | regex_replace('\.j2','') }} with_fileglob: - "../templates/http/*.j2" + when: http_template_enable notify: "(Handler: All OSs) Reload NGINX" +- name: "(Setup: All NGINX) Ensures /etc/nginx/conf.d/stream dir exists" + file: + path: /etc/nginx/conf.d/stream + state: directory + when: stream_template_enable + - name: "(Setup: All NGINX) Dynamically Generate NGINX Stream Configuration Files" template: src: "{{ item }}" - dest: /etc/nginx/conf.d/{{ item | basename | regex_replace('\.j2','') }} + dest: /etc/nginx/conf.d/stream/{{ item | basename | regex_replace('\.j2','') }} with_fileglob: - "../templates/stream/*.j2" + when: stream_template_enable notify: "(Handler: All OSs) Reload NGINX" From 8bf17d77c0ef9bced28168cb9b985177c3689497 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Thu, 5 Apr 2018 14:32:37 -0700 Subject: [PATCH 02/34] Fix path for all HTTP/Stream *.conf files Change path in all relevant tasks to ensure that HTTP and Stream NGINX *.conf files get uploaded/created in the right directory --- tasks/conf/push-config.yml | 16 ++++++++++++++-- tasks/conf/setup-status.yml | 4 ++-- tasks/conf/template-config.yml | 4 ++-- 3 files changed, 18 insertions(+), 6 deletions(-) diff --git a/tasks/conf/push-config.yml b/tasks/conf/push-config.yml index 6dd21b6..254f9b9 100644 --- a/tasks/conf/push-config.yml +++ b/tasks/conf/push-config.yml @@ -6,19 +6,31 @@ notify: "(Handler: All OSs) Reload NGINX" when: main_upload_enable +- name: "(Setup: All NGINX) Ensure NGINX HTTP Directory Exists" + file: + path: /etc/nginx/conf.d/http + state: directory + when: http_template_enable + - name: "(Setup: All NGINX) Upload NGINX HTTP Configuration Files" copy: src: "{{ item }}" - dest: /etc/nginx/conf.d/ + dest: /etc/nginx/conf.d/http with_fileglob: - "{{ http_upload_location }}" notify: "(Handler: All OSs) Reload NGINX" when: http_upload_enable +- name: "(Setup: All NGINX) Ensure NGINX Stream Directory Exists" + file: + path: /etc/nginx/conf.d/stream + state: directory + when: stream_template_enable + - name: "(Setup: All NGINX) Upload NGINX Stream Configuration Files" copy: src: "{{ item }}" - dest: /etc/nginx/conf.d/ + dest: /etc/nginx/conf.d/stream with_fileglob: - "{{ stream_upload_location }}" notify: "(Handler: All OSs) Reload NGINX" diff --git a/tasks/conf/setup-status.yml b/tasks/conf/setup-status.yml index c8258e9..1b1a4a9 100644 --- a/tasks/conf/setup-status.yml +++ b/tasks/conf/setup-status.yml @@ -1,7 +1,7 @@ --- - name: "(Setup: Open Source NGINX) Enable Open Source NGINX Status" blockinfile: - path: /etc/nginx/conf.d/stub_status.conf + path: "{{ (http_template_enable) | ternary('/etc/nginx/conf.d/http/stub_status.conf','/etc/nginx/conf.d/stub_status.conf') }}" create: yes block: | server { @@ -17,7 +17,7 @@ - name: "(Setup: NGINX Plus) Enable NGINX Plus Status" blockinfile: - path: /etc/nginx/conf.d/status.conf + path: "{{ (http_template_enable) | ternary('/etc/nginx/conf.d/http/status.conf','/etc/nginx/conf.d/status.conf') }}" create: yes block: | server { diff --git a/tasks/conf/template-config.yml b/tasks/conf/template-config.yml index e34ae53..1c51b52 100644 --- a/tasks/conf/template-config.yml +++ b/tasks/conf/template-config.yml @@ -5,7 +5,7 @@ dest: /etc/nginx/nginx.conf notify: "(Handler: All OSs) Reload NGINX" -- name: "(Setup: All NGINX) Ensures /etc/nginx/conf.d/http dir exists" +- name: "(Setup: All NGINX) Ensure NGINX HTTP Directory Exists" file: path: /etc/nginx/conf.d/http state: directory @@ -20,7 +20,7 @@ when: http_template_enable notify: "(Handler: All OSs) Reload NGINX" -- name: "(Setup: All NGINX) Ensures /etc/nginx/conf.d/stream dir exists" +- name: "(Setup: All NGINX) Ensure NGINX Stream Directory Exists" file: path: /etc/nginx/conf.d/stream state: directory From 681395baad4faf82b0f396c6bf8527fa3a7c8d5a Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Fri, 6 Apr 2018 16:05:23 -0700 Subject: [PATCH 03/34] Backup/remove default.conf NGINX configuration file Backup and then remove the default.conf configuration file created by NGINX upon initial installation --- tasks/conf/push-config.yml | 18 ++++++++++++++++++ tasks/conf/template-config.yml | 18 ++++++++++++++++++ 2 files changed, 36 insertions(+) diff --git a/tasks/conf/push-config.yml b/tasks/conf/push-config.yml index 254f9b9..cbb052e 100644 --- a/tasks/conf/push-config.yml +++ b/tasks/conf/push-config.yml @@ -1,4 +1,22 @@ --- +- name: "(Setup: All NGINX) Check NGINX Default Configuration File Exists" + stat: + path: /etc/nginx/conf.d/default.conf + register: default_exists + +- name: "(Setup: All NGINX) Backup NGINX Default Configuration File" + copy: + remote_src: yes + src: /etc/nginx/conf.d/default.conf + dest: /etc/nginx/conf.d/default.conf.bak + when: default_exists.stat.exists + +- name: "(Setup: All NGINX) Delete NGINX Default Configuration File" + file: + path: /etc/nginx/conf.d/default.conf + state: absent + when: default_exists.stat.exists + - name: "(Setup: All NGINX) Upload NGINX Main Configuration File" copy: src: "{{ main_upload_location }}" diff --git a/tasks/conf/template-config.yml b/tasks/conf/template-config.yml index 1c51b52..5d54b77 100644 --- a/tasks/conf/template-config.yml +++ b/tasks/conf/template-config.yml @@ -1,4 +1,22 @@ --- +- name: "(Setup: All NGINX) Check NGINX Default Configuration File Exists" + stat: + path: /etc/nginx/conf.d/default.conf + register: default_exists + +- name: "(Setup: All NGINX) Backup NGINX Default Configuration File" + copy: + remote_src: yes + src: /etc/nginx/conf.d/default.conf + dest: /etc/nginx/conf.d/default.conf.bak + when: default_exists.stat.exists + +- name: "(Setup: All NGINX) Delete NGINX Default Configuration File" + file: + path: /etc/nginx/conf.d/default.conf + state: absent + when: default_exists.stat.exists + - name: "(Setup: All NGINX) Dynamically Generate NGINX Main Configuration File" template: src: nginx.conf.j2 From 6047a1107dc52b788747d697b2e17c0f99bdcd11 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Fri, 6 Apr 2018 16:29:49 -0700 Subject: [PATCH 04/34] Refactor REST API deployment This refactor should fix #17 and ensure that api.conf only gets created when rest_api_enable is set to true and that api.conf gets created in the correct location --- defaults/main.yml | 9 +++------ tasks/conf/setup-rest-api.yml | 22 +++++++++++++++++++--- templates/http/api.conf.j2 | 17 ----------------- templates/nginx.conf.j2 | 2 +- 4 files changed, 23 insertions(+), 27 deletions(-) delete mode 100644 templates/http/api.conf.j2 diff --git a/defaults/main.yml b/defaults/main.yml index 168aaf0..355865e 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -31,14 +31,11 @@ amplify_key: null # Default is false. status_enable: false -# Enable NGINX Plus REST API and write access. +# Enable NGINX Plus REST API, write access to the REST API, and NGINX Plus dashboard. # Default is false. rest_api_enable: false rest_api_write: false - -# Enable NGINX Plus dashboard. REST API also needs to be enabled. -# Default is false. -dashboard: false +rest_api_dashboard: false # Location of your NGINX Plus license in your local machine. # Default is the files folder within the NGINX Ansible role. @@ -63,8 +60,8 @@ main_template_user: nginx main_template_worker_processes: auto main_template_error_level: warn main_template_worker_connections: 1024 -main_template_keepalive_timeout: 65 http_template_enable: false +http_template_keepalive_timeout: 65 http_template_listen: 80 http_template_server_name: localhost stream_template_enable: false diff --git a/tasks/conf/setup-rest-api.yml b/tasks/conf/setup-rest-api.yml index d49e1e2..67abbba 100644 --- a/tasks/conf/setup-rest-api.yml +++ b/tasks/conf/setup-rest-api.yml @@ -1,6 +1,22 @@ --- - name: "(Setup: NGINX Plus) Setup NGINX Plus API" - template: - src: api.conf.j2 - dest: "{{ (http_template_enable) | ternary('/etc/nginx/conf.d/http/api.conf','/etc/nginx/conf.d/api.conf') }}" + blockinfile: + path: "{{ (http_template_enable) | ternary('/etc/nginx/conf.d/http/api.conf','/etc/nginx/conf.d/api.conf') }}" + create: yes + block: | + server { + listen 8080; + location /api { + {% if rest_api_write %} + api write=on; + {% else %} + api; + {% endif %} + } + {% if rest_api_dashboard %} + location = /dashboard.html { + root /usr/share/nginx/html; + } + {% endif %} + } notify: "(Handler: All OSs) Reload NGINX" diff --git a/templates/http/api.conf.j2 b/templates/http/api.conf.j2 deleted file mode 100644 index 9b72fe6..0000000 --- a/templates/http/api.conf.j2 +++ /dev/null @@ -1,17 +0,0 @@ -{% if rest_api_enable %} -server { - listen 8080; - location /api { -{% if rest_api_write %} - api write=on; -{% else %} - api; -{% endif %} - } -{% if dashboard %} - location = /dashboard.html { - root /usr/share/nginx/html; - } -{% endif %} -} -{% endif %} diff --git a/templates/nginx.conf.j2 b/templates/nginx.conf.j2 index 5a60037..153696e 100644 --- a/templates/nginx.conf.j2 +++ b/templates/nginx.conf.j2 @@ -23,7 +23,7 @@ http { sendfile on; #tcp_nopush on; - keepalive_timeout {{ main_template_keepalive_timeout }}; + keepalive_timeout {{ http_template_keepalive_timeout }}; #gzip on; From 4723ffa4473f1bf8227b685fee2bdf03e76339d4 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Mon, 9 Apr 2018 10:52:24 -0700 Subject: [PATCH 05/34] Update README.md --- README.md | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 6f7f205..d19762a 100644 --- a/README.md +++ b/README.md @@ -111,14 +111,11 @@ This role has multiple variables. The defaults for all these variables are the f # Default is false. status_enable: false - # Enable NGINX Plus REST API and write access. + # Enable NGINX Plus REST API, write access to the REST API, and NGINX Plus dashboard. # Default is false. rest_api_enable: false rest_api_write: false - - # Enable NGINX Plus dashboard. REST API also needs to be enabled. - # Default is false. - dashboard: false + rest_api_dashboard: false # Location of your NGINX Plus license in your local machine. # Default is the files folder within the NGINX Ansible role. @@ -143,8 +140,8 @@ This role has multiple variables. The defaults for all these variables are the f main_template_worker_processes: auto main_template_error_level: warn main_template_worker_connections: 1024 - main_template_keepalive_timeout: 65 http_template_enable: false + http_template_keepalive_timeout: 65 http_template_listen: 80 http_template_server_name: localhost stream_template_enable: false From 9c80941892f3bf5bed08a6bedb9b1730866dd97e Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Thu, 12 Apr 2018 10:05:43 -0700 Subject: [PATCH 06/34] Only remove/backup nginx.conf when necessary --- tasks/conf/push-config.yml | 5 +++-- tasks/conf/template-config.yml | 6 ++++-- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/tasks/conf/push-config.yml b/tasks/conf/push-config.yml index cbb052e..d8bbb88 100644 --- a/tasks/conf/push-config.yml +++ b/tasks/conf/push-config.yml @@ -2,6 +2,7 @@ - name: "(Setup: All NGINX) Check NGINX Default Configuration File Exists" stat: path: /etc/nginx/conf.d/default.conf + when: main_upload_enable register: default_exists - name: "(Setup: All NGINX) Backup NGINX Default Configuration File" @@ -9,13 +10,13 @@ remote_src: yes src: /etc/nginx/conf.d/default.conf dest: /etc/nginx/conf.d/default.conf.bak - when: default_exists.stat.exists + when: default_exists.stat.exists && main_upload_enable - name: "(Setup: All NGINX) Delete NGINX Default Configuration File" file: path: /etc/nginx/conf.d/default.conf state: absent - when: default_exists.stat.exists + when: default_exists.stat.exists && main_upload_enable - name: "(Setup: All NGINX) Upload NGINX Main Configuration File" copy: diff --git a/tasks/conf/template-config.yml b/tasks/conf/template-config.yml index 5d54b77..e75bfb2 100644 --- a/tasks/conf/template-config.yml +++ b/tasks/conf/template-config.yml @@ -2,6 +2,7 @@ - name: "(Setup: All NGINX) Check NGINX Default Configuration File Exists" stat: path: /etc/nginx/conf.d/default.conf + when: main_template_enable register: default_exists - name: "(Setup: All NGINX) Backup NGINX Default Configuration File" @@ -9,18 +10,19 @@ remote_src: yes src: /etc/nginx/conf.d/default.conf dest: /etc/nginx/conf.d/default.conf.bak - when: default_exists.stat.exists + when: default_exists.stat.exists && main_template_enable - name: "(Setup: All NGINX) Delete NGINX Default Configuration File" file: path: /etc/nginx/conf.d/default.conf state: absent - when: default_exists.stat.exists + when: default_exists.stat.exists && main_template_enable - name: "(Setup: All NGINX) Dynamically Generate NGINX Main Configuration File" template: src: nginx.conf.j2 dest: /etc/nginx/nginx.conf + when: main_template_enable notify: "(Handler: All OSs) Reload NGINX" - name: "(Setup: All NGINX) Ensure NGINX HTTP Directory Exists" From 9555ab95594bc61147a5741a12756a853c0760e2 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Thu, 12 Apr 2018 10:20:39 -0700 Subject: [PATCH 07/34] Update branding --- README.md | 10 +++++----- defaults/main.yml | 6 +++--- tasks/conf/setup-status.yml | 2 +- tasks/modules/install-geoip.yml | 2 +- tasks/modules/install-image-filter.yml | 2 +- tasks/modules/install-njs.yml | 6 +++--- tasks/modules/install-perl.yml | 2 +- tasks/modules/install-rtmp.yml | 2 +- tasks/modules/install-xslt.yml | 2 +- 9 files changed, 17 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index d19762a..6ad524e 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ Ansible NGINX Role [![Ansible Galaxy](https://img.shields.io/badge/galaxy-nginxinc.nginx-5bbdbf.svg)](https://galaxy.ansible.com/nginxinc/nginx) [![Build Status](https://travis-ci.org/nginxinc/ansible-role-nginx.svg?branch=master)](https://travis-ci.org/nginxinc/ansible-role-nginx) -This role installs open source NGINX or NGINX Plus on your target host. +This role installs NGINX Open Source or NGINX Plus on your target host. Requirements ------------ @@ -13,9 +13,9 @@ This role was developed using Ansible 2.4.0.0. Backwards compatibility is not gu Use `ansible-galaxy install nginxinc.nginx` to install the role on your system. -It supports all platforms supported by [open source NGINX](https://nginx.org/en/linux_packages.html#mainline) and [NGINX Plus](https://www.nginx.com/products/technical-specs/): +It supports all platforms supported by [NGINX Open Source](https://nginx.org/en/linux_packages.html#mainline) and [NGINX Plus](https://www.nginx.com/products/technical-specs/): -**Open Source NGINX:** +**NGINX Open Source:** CentOS: versions: @@ -84,7 +84,7 @@ This role has multiple variables. The defaults for all these variables are the f # Default is 'opensource'. type: opensource - # Specify which branch of Open Source NGINX you want to install. + # Specify which branch of NGINX Open Source you want to install. # Options are 'mainline' or 'stable'. # Default is mainline. branch: mainline @@ -107,7 +107,7 @@ This role has multiple variables. The defaults for all these variables are the f amplify_key: null # Enable NGINX status data. - # Will enable 'stub_status' in open source NGINX and 'status' in NGINX Plus. + # Will enable 'stub_status' in NGINX Open Source and 'status' in NGINX Plus. # Default is false. status_enable: false diff --git a/defaults/main.yml b/defaults/main.yml index 355865e..10fb067 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -4,12 +4,12 @@ # Default is 'opensource'. type: opensource -# Specify which branch of Open Source NGINX you want to install. +# Specify which branch of NGINX Open Source you want to install. # Options are 'mainline' or 'stable'. # Default is mainline. branch: mainline -# Install nginscript, perl, waf (NGINX Plus only), geoip, image-filter, rtmp and/or xslt modules. +# Install NGINX JavaScript, Perl, ModSecurity WAF (NGINX Plus only), GeoIP, Image-Filter, RTMP Media Streaming, and/or XSLT modules. # Default is false. modules: njs: false @@ -27,7 +27,7 @@ amplify_enable: false amplify_key: null # Enable NGINX status data. -# Will enable 'stub_status' in open source NGINX and 'status' in NGINX Plus. +# Will enable 'stub_status' in NGINX Open Source and 'status' in NGINX Plus. # Default is false. status_enable: false diff --git a/tasks/conf/setup-status.yml b/tasks/conf/setup-status.yml index 1b1a4a9..e1f609a 100644 --- a/tasks/conf/setup-status.yml +++ b/tasks/conf/setup-status.yml @@ -1,5 +1,5 @@ --- -- name: "(Setup: Open Source NGINX) Enable Open Source NGINX Status" +- name: "(Setup: NGINX Open Source) Enable NGINX Open Source Status" blockinfile: path: "{{ (http_template_enable) | ternary('/etc/nginx/conf.d/http/stub_status.conf','/etc/nginx/conf.d/stub_status.conf') }}" create: yes diff --git a/tasks/modules/install-geoip.yml b/tasks/modules/install-geoip.yml index 29ca8aa..387c77c 100644 --- a/tasks/modules/install-geoip.yml +++ b/tasks/modules/install-geoip.yml @@ -1,5 +1,5 @@ --- -- name: "(Install: All OSs) Install Open Source NGINX GeoIP Module" +- name: "(Install: All OSs) Install NGINX Open Source GeoIP Module" package: name: nginx-geoip-perl state: present diff --git a/tasks/modules/install-image-filter.yml b/tasks/modules/install-image-filter.yml index 8072617..ab89bc6 100644 --- a/tasks/modules/install-image-filter.yml +++ b/tasks/modules/install-image-filter.yml @@ -1,5 +1,5 @@ --- -- name: "(Install: All OSs) Install Open Source NGINX Image Filter Module" +- name: "(Install: All OSs) Install NGINX Open Source Image Filter Module" package: name: nginx-module-image-filter state: present diff --git a/tasks/modules/install-njs.yml b/tasks/modules/install-njs.yml index 6216308..54ab926 100644 --- a/tasks/modules/install-njs.yml +++ b/tasks/modules/install-njs.yml @@ -1,17 +1,17 @@ --- -- name: "(Install: All OSs) Install Open Source NGINX NJS Module" +- name: "(Install: All OSs) Install NGINX Open Source JavaScript Module" package: name: nginx-module-njs state: present when: type == "opensource" -- name: "(Install: All OSs) Install NGINX Plus NJS Module" +- name: "(Install: All OSs) Install NGINX Plus JavaScript Module" package: name: nginx-plus-module-njs state: present when: type == "plus" -- name: "(Setup: All NGINX) Load NGINX NJS Module" +- name: "(Setup: All NGINX) Load NGINX JavaScript Module" blockinfile: path: /etc/nginx/nginx.conf insertbefore: BOF diff --git a/tasks/modules/install-perl.yml b/tasks/modules/install-perl.yml index 5adf910..e14ef06 100644 --- a/tasks/modules/install-perl.yml +++ b/tasks/modules/install-perl.yml @@ -1,5 +1,5 @@ --- -- name: "(Install: All OSs) Install Open Source NGINX Perl Module" +- name: "(Install: All OSs) Install NGINX Open Source Perl Module" package: name: nginx-module-perl state: present diff --git a/tasks/modules/install-rtmp.yml b/tasks/modules/install-rtmp.yml index b08626f..70c7831 100644 --- a/tasks/modules/install-rtmp.yml +++ b/tasks/modules/install-rtmp.yml @@ -1,5 +1,5 @@ --- -- name: "(Install: All OSs) Install Open Source NGINX RTMP Module" +- name: "(Install: All OSs) Install NGINX Open Source RTMP Module" package: name: nginx-module-rtmp state: present diff --git a/tasks/modules/install-xslt.yml b/tasks/modules/install-xslt.yml index 206852c..270d115 100644 --- a/tasks/modules/install-xslt.yml +++ b/tasks/modules/install-xslt.yml @@ -1,5 +1,5 @@ --- -- name: "(Install: All OSs) Install Open Source NGINX XSLT Module" +- name: "(Install: All OSs) Install NGINX Open Source XSLT Module" package: name: nginx-module-xslt state: present From e5317544ddbc848096e83f5fc7cc46c38078006d Mon Sep 17 00:00:00 2001 From: Ismandra Eka Nugraha Date: Fri, 13 Apr 2018 15:57:56 +0700 Subject: [PATCH 08/34] Change `--sudo` to `--become` since `--sudo` has been deprecated. --- .travis.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index 290642c..337141e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -19,10 +19,10 @@ script: # Basic role syntax check - ansible-playbook tests/test.yml -i tests/inventory --syntax-check # Run the role with ansible-playbook. - - ansible-playbook tests/test.yml -i tests/inventory --connection=local --sudo + - ansible-playbook tests/test.yml -i tests/inventory --connection=local --become # Run the role again, checking to make sure it's idempotent. - > - ansible-playbook tests/test.yml -i tests/inventory --connection=local --sudo | grep -q 'changed=0.*failed=0' + ansible-playbook tests/test.yml -i tests/inventory --connection=local --become | grep -q 'changed=0.*failed=0' && (echo 'Idempotence test: pass' && exit 0) || (echo 'Idempotence test: fail' && exit 1) # Request a page via the web server, to make sure NGINX is running and responds. - curl http://localhost/ From c8342226df9d1512c9b223c6426c64e5a106b12c Mon Sep 17 00:00:00 2001 From: Ismandra Eka Nugraha Date: Fri, 13 Apr 2018 16:11:39 +0700 Subject: [PATCH 09/34] Add sudo:required to be able to run ansible --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 337141e..2afc404 100644 --- a/.travis.yml +++ b/.travis.yml @@ -2,7 +2,7 @@ language: python python: "2.7" # Use the new container infrastructure -sudo: false +sudo: required # Install ansible addons: apt: From fd2e13bd69952fa4bed6e7c04a0527f2dec02411 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Fri, 13 Apr 2018 12:53:38 -0700 Subject: [PATCH 10/34] Replace `&&` with `and` --- tasks/conf/push-config.yml | 4 ++-- tasks/conf/template-config.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tasks/conf/push-config.yml b/tasks/conf/push-config.yml index d8bbb88..0c7c287 100644 --- a/tasks/conf/push-config.yml +++ b/tasks/conf/push-config.yml @@ -10,13 +10,13 @@ remote_src: yes src: /etc/nginx/conf.d/default.conf dest: /etc/nginx/conf.d/default.conf.bak - when: default_exists.stat.exists && main_upload_enable + when: default_exists.stat.exists and main_upload_enable - name: "(Setup: All NGINX) Delete NGINX Default Configuration File" file: path: /etc/nginx/conf.d/default.conf state: absent - when: default_exists.stat.exists && main_upload_enable + when: default_exists.stat.exists and main_upload_enable - name: "(Setup: All NGINX) Upload NGINX Main Configuration File" copy: diff --git a/tasks/conf/template-config.yml b/tasks/conf/template-config.yml index e75bfb2..0819d54 100644 --- a/tasks/conf/template-config.yml +++ b/tasks/conf/template-config.yml @@ -10,13 +10,13 @@ remote_src: yes src: /etc/nginx/conf.d/default.conf dest: /etc/nginx/conf.d/default.conf.bak - when: default_exists.stat.exists && main_template_enable + when: default_exists.stat.exists and main_template_enable - name: "(Setup: All NGINX) Delete NGINX Default Configuration File" file: path: /etc/nginx/conf.d/default.conf state: absent - when: default_exists.stat.exists && main_template_enable + when: default_exists.stat.exists and main_template_enable - name: "(Setup: All NGINX) Dynamically Generate NGINX Main Configuration File" template: From 2b72889d9075594da07cbbaef65761fda779ded4 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Fri, 13 Apr 2018 15:24:09 -0700 Subject: [PATCH 11/34] Test role across multiple distributions Implement support to test the role in multiple Linux distributions by deploying Docker containers within Travis --- .travis.yml | 52 +++++++++++---------- tests/dockerfiles/Dockerfile.centos-6 | 12 +++++ tests/dockerfiles/Dockerfile.centos-7 | 24 ++++++++++ tests/dockerfiles/Dockerfile.debian-jessie | 17 +++++++ tests/dockerfiles/Dockerfile.debian-stretch | 18 +++++++ tests/dockerfiles/Dockerfile.ubuntu-trusty | 12 +++++ tests/dockerfiles/Dockerfile.ubuntu-xenial | 12 +++++ 7 files changed, 123 insertions(+), 24 deletions(-) create mode 100644 tests/dockerfiles/Dockerfile.centos-6 create mode 100644 tests/dockerfiles/Dockerfile.centos-7 create mode 100644 tests/dockerfiles/Dockerfile.debian-jessie create mode 100644 tests/dockerfiles/Dockerfile.debian-stretch create mode 100644 tests/dockerfiles/Dockerfile.ubuntu-trusty create mode 100644 tests/dockerfiles/Dockerfile.ubuntu-xenial diff --git a/.travis.yml b/.travis.yml index 2afc404..0f32d06 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,30 +1,34 @@ --- -language: python -python: "2.7" -# Use the new container infrastructure sudo: required -# Install ansible -addons: - apt: - packages: - - python-pip -install: - # Install ansible - - pip install ansible - # Check ansible version - - ansible --version - # Create ansible.cfg with correct roles_path - - printf '[defaults]\nroles_path=../' >ansible.cfg +services: + - docker +env: + - distribution: centos + version: 6 + - distribution: centos + version: 7 + - distribution: ubuntu + version: trusty + - distribution: ubuntu + version: xenial + - distribution: debian + version: jessie + - distribution: debian + version: stretch +before_install: + - 'sudo docker pull ${distribution}:${version}' + - 'sudo docker build --no-cache --rm --file=tests/dockerfiles/Dockerfile.${distribution}-${version} --tag=${distribution}-${version}:ansible tests' script: - # Basic role syntax check - - ansible-playbook tests/test.yml -i tests/inventory --syntax-check - # Run the role with ansible-playbook. - - ansible-playbook tests/test.yml -i tests/inventory --connection=local --become - # Run the role again, checking to make sure it's idempotent. + - container_id=$(mktemp) + - 'sudo docker run --detach --privileged -v /sys/fs/cgroup:/sys/fs/cgroup:ro --volume="${PWD}":/etc/ansible/roles/ansible-role-nginx:ro ${distribution}-${version}:ansible > "${container_id}"' + - 'sudo docker exec "$(cat ${container_id})" env ANSIBLE_FORCE_COLOR=1 ansible-playbook -v /etc/ansible/roles/ansible-role-nginx/tests/test.yml --syntax-check' + - 'sudo docker exec "$(cat ${container_id})" env ANSIBLE_FORCE_COLOR=1 ansible-playbook -v /etc/ansible/roles/ansible-role-nginx/tests/test.yml' - > - ansible-playbook tests/test.yml -i tests/inventory --connection=local --become | grep -q 'changed=0.*failed=0' - && (echo 'Idempotence test: pass' && exit 0) || (echo 'Idempotence test: fail' && exit 1) - # Request a page via the web server, to make sure NGINX is running and responds. - - curl http://localhost/ + sudo docker exec "$(cat ${container_id})" env ANSIBLE_FORCE_COLOR=1 ansible-playbook -v /etc/ansible/roles/ansible-role-nginx/tests/test.yml + | grep -q 'changed=0.*failed=0' + && (echo 'Idempotence test: pass' && exit 0) + || (echo 'Idempotence test: fail' && exit 1) + - 'sudo docker exec "$(cat ${container_id})" curl http://localhost/' + - 'sudo docker rm -f "$(cat ${container_id})"' notifications: webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/tests/dockerfiles/Dockerfile.centos-6 b/tests/dockerfiles/Dockerfile.centos-6 new file mode 100644 index 0000000..164d3cd --- /dev/null +++ b/tests/dockerfiles/Dockerfile.centos-6 @@ -0,0 +1,12 @@ +FROM centos:6 + +RUN yum -y install epel-release +RUN yum -y install git ansible sudo + +RUN sed -i -e 's/^\(Defaults\s*requiretty\)/#--- \1/' /etc/sudoers + +RUN echo -e '[local]\nlocalhost ansible_connection=local' > /etc/ansible/hosts + +VOLUME ["/sys/fs/cgroup"] + +CMD ["/usr/sbin/init"] diff --git a/tests/dockerfiles/Dockerfile.centos-7 b/tests/dockerfiles/Dockerfile.centos-7 new file mode 100644 index 0000000..b7c1e90 --- /dev/null +++ b/tests/dockerfiles/Dockerfile.centos-7 @@ -0,0 +1,24 @@ +FROM centos:7 + +# Install systemd -- See https://hub.docker.com/_/centos/ +RUN yum -y swap -- remove fakesystemd -- install systemd systemd-libs +RUN yum -y update; \ +(cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \ +rm -f /lib/systemd/system/multi-user.target.wants/*; \ +rm -f /etc/systemd/system/*.wants/*; \ +rm -f /lib/systemd/system/local-fs.target.wants/*; \ +rm -f /lib/systemd/system/sockets.target.wants/*udev*; \ +rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ +rm -f /lib/systemd/system/basic.target.wants/*; \ +rm -f /lib/systemd/system/anaconda.target.wants/*; + +RUN yum -y install epel-release +RUN yum -y install git ansible sudo + +RUN sed -i -e 's/^\(Defaults\s*requiretty\)/#--- \1/' /etc/sudoers + +RUN echo -e '[local]\nlocalhost ansible_connection=local' > /etc/ansible/hosts + +VOLUME ["/sys/fs/cgroup"] + +CMD ["/usr/sbin/init"] diff --git a/tests/dockerfiles/Dockerfile.debian-jessie b/tests/dockerfiles/Dockerfile.debian-jessie new file mode 100644 index 0000000..8d38f0c --- /dev/null +++ b/tests/dockerfiles/Dockerfile.debian-jessie @@ -0,0 +1,17 @@ +FROM debian:jessie + +RUN apt-get update -y && apt-get install -y --no-install-recommends \ + software-properties-common \ + build-essential \ + libffi-dev \ + libssl-dev \ + python-dev \ + python-pip \ + git \ + && rm -rf /var/lib/apt/lists/* + +RUN pip install --upgrade setuptools && pip install ansible + +RUN mkdir -p /etc/ansible && echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts + +ENTRYPOINT ["/sbin/init"] diff --git a/tests/dockerfiles/Dockerfile.debian-stretch b/tests/dockerfiles/Dockerfile.debian-stretch new file mode 100644 index 0000000..ee2fbc7 --- /dev/null +++ b/tests/dockerfiles/Dockerfile.debian-stretch @@ -0,0 +1,18 @@ +FROM debian:stretch + +RUN apt-get update -y && apt-get install -y --no-install-recommends \ + software-properties-common \ + build-essential \ + libffi-dev \ + libssl-dev \ + python-dev \ + python-pip \ + git \ + systemd \ + && rm -rf /var/lib/apt/lists/* + +RUN pip install --upgrade setuptools && pip install ansible + +RUN mkdir -p /etc/ansible && echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts + +ENTRYPOINT ["/bin/systemd"] diff --git a/tests/dockerfiles/Dockerfile.ubuntu-trusty b/tests/dockerfiles/Dockerfile.ubuntu-trusty new file mode 100644 index 0000000..c9687d2 --- /dev/null +++ b/tests/dockerfiles/Dockerfile.ubuntu-trusty @@ -0,0 +1,12 @@ +FROM ubuntu:trusty + +RUN apt-get update && apt-get dist-upgrade -y && apt-get install -y software-properties-common && rm -rf /var/lib/apt/lists/* + +RUN apt-add-repository -y ppa:ansible/ansible && apt-get update && apt-get install -y \ + git \ + ansible \ + && rm -rf /var/lib/apt/lists/* + +RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts + +ENTRYPOINT ["/sbin/init"] diff --git a/tests/dockerfiles/Dockerfile.ubuntu-xenial b/tests/dockerfiles/Dockerfile.ubuntu-xenial new file mode 100644 index 0000000..2faaba1 --- /dev/null +++ b/tests/dockerfiles/Dockerfile.ubuntu-xenial @@ -0,0 +1,12 @@ +FROM ubuntu:xenial + +RUN apt-get update && apt-get dist-upgrade -y && apt-get install -y software-properties-common && rm -rf /var/lib/apt/lists/* + +RUN apt-add-repository -y ppa:ansible/ansible && apt-get update && apt-get install -y \ + git \ + ansible \ + && rm -rf /var/lib/apt/lists/* + +RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts + +ENTRYPOINT ["/sbin/init"] From 51cd432317033008967de19a1108d19743d2e8fb Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Fri, 13 Apr 2018 15:53:19 -0700 Subject: [PATCH 12/34] Fix Dockerfiles * Install apt-transport-https depency in Debian based containers * Test different CMD instruction in CentOS 6 container --- tests/dockerfiles/Dockerfile.centos-6 | 2 +- tests/dockerfiles/Dockerfile.debian-jessie | 1 + tests/dockerfiles/Dockerfile.debian-stretch | 1 + tests/dockerfiles/Dockerfile.ubuntu-trusty | 1 + tests/dockerfiles/Dockerfile.ubuntu-xenial | 1 + 5 files changed, 5 insertions(+), 1 deletion(-) diff --git a/tests/dockerfiles/Dockerfile.centos-6 b/tests/dockerfiles/Dockerfile.centos-6 index 164d3cd..fef4a5e 100644 --- a/tests/dockerfiles/Dockerfile.centos-6 +++ b/tests/dockerfiles/Dockerfile.centos-6 @@ -9,4 +9,4 @@ RUN echo -e '[local]\nlocalhost ansible_connection=local' > /etc/ansible/hosts VOLUME ["/sys/fs/cgroup"] -CMD ["/usr/sbin/init"] +CMD ["/sbin/init"] diff --git a/tests/dockerfiles/Dockerfile.debian-jessie b/tests/dockerfiles/Dockerfile.debian-jessie index 8d38f0c..b63e28f 100644 --- a/tests/dockerfiles/Dockerfile.debian-jessie +++ b/tests/dockerfiles/Dockerfile.debian-jessie @@ -8,6 +8,7 @@ RUN apt-get update -y && apt-get install -y --no-install-recommends \ python-dev \ python-pip \ git \ + apt-transport-https && rm -rf /var/lib/apt/lists/* RUN pip install --upgrade setuptools && pip install ansible diff --git a/tests/dockerfiles/Dockerfile.debian-stretch b/tests/dockerfiles/Dockerfile.debian-stretch index ee2fbc7..8481241 100644 --- a/tests/dockerfiles/Dockerfile.debian-stretch +++ b/tests/dockerfiles/Dockerfile.debian-stretch @@ -9,6 +9,7 @@ RUN apt-get update -y && apt-get install -y --no-install-recommends \ python-pip \ git \ systemd \ + apt-transport-https && rm -rf /var/lib/apt/lists/* RUN pip install --upgrade setuptools && pip install ansible diff --git a/tests/dockerfiles/Dockerfile.ubuntu-trusty b/tests/dockerfiles/Dockerfile.ubuntu-trusty index c9687d2..3d3466a 100644 --- a/tests/dockerfiles/Dockerfile.ubuntu-trusty +++ b/tests/dockerfiles/Dockerfile.ubuntu-trusty @@ -5,6 +5,7 @@ RUN apt-get update && apt-get dist-upgrade -y && apt-get install -y software-pro RUN apt-add-repository -y ppa:ansible/ansible && apt-get update && apt-get install -y \ git \ ansible \ + apt-transport-https && rm -rf /var/lib/apt/lists/* RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts diff --git a/tests/dockerfiles/Dockerfile.ubuntu-xenial b/tests/dockerfiles/Dockerfile.ubuntu-xenial index 2faaba1..d5457d3 100644 --- a/tests/dockerfiles/Dockerfile.ubuntu-xenial +++ b/tests/dockerfiles/Dockerfile.ubuntu-xenial @@ -5,6 +5,7 @@ RUN apt-get update && apt-get dist-upgrade -y && apt-get install -y software-pro RUN apt-add-repository -y ppa:ansible/ansible && apt-get update && apt-get install -y \ git \ ansible \ + apt-transport-https && rm -rf /var/lib/apt/lists/* RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts From cb33749393f5bbb46c8bce6b4870127f41ecce23 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Fri, 13 Apr 2018 15:59:19 -0700 Subject: [PATCH 13/34] Fix Dockerfiles syntax --- tests/dockerfiles/Dockerfile.debian-jessie | 2 +- tests/dockerfiles/Dockerfile.debian-stretch | 2 +- tests/dockerfiles/Dockerfile.ubuntu-trusty | 2 +- tests/dockerfiles/Dockerfile.ubuntu-xenial | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/dockerfiles/Dockerfile.debian-jessie b/tests/dockerfiles/Dockerfile.debian-jessie index b63e28f..edafeac 100644 --- a/tests/dockerfiles/Dockerfile.debian-jessie +++ b/tests/dockerfiles/Dockerfile.debian-jessie @@ -8,7 +8,7 @@ RUN apt-get update -y && apt-get install -y --no-install-recommends \ python-dev \ python-pip \ git \ - apt-transport-https + apt-transport-https \ && rm -rf /var/lib/apt/lists/* RUN pip install --upgrade setuptools && pip install ansible diff --git a/tests/dockerfiles/Dockerfile.debian-stretch b/tests/dockerfiles/Dockerfile.debian-stretch index 8481241..5cb8157 100644 --- a/tests/dockerfiles/Dockerfile.debian-stretch +++ b/tests/dockerfiles/Dockerfile.debian-stretch @@ -9,7 +9,7 @@ RUN apt-get update -y && apt-get install -y --no-install-recommends \ python-pip \ git \ systemd \ - apt-transport-https + apt-transport-https \ && rm -rf /var/lib/apt/lists/* RUN pip install --upgrade setuptools && pip install ansible diff --git a/tests/dockerfiles/Dockerfile.ubuntu-trusty b/tests/dockerfiles/Dockerfile.ubuntu-trusty index 3d3466a..4223f20 100644 --- a/tests/dockerfiles/Dockerfile.ubuntu-trusty +++ b/tests/dockerfiles/Dockerfile.ubuntu-trusty @@ -5,7 +5,7 @@ RUN apt-get update && apt-get dist-upgrade -y && apt-get install -y software-pro RUN apt-add-repository -y ppa:ansible/ansible && apt-get update && apt-get install -y \ git \ ansible \ - apt-transport-https + apt-transport-https \ && rm -rf /var/lib/apt/lists/* RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts diff --git a/tests/dockerfiles/Dockerfile.ubuntu-xenial b/tests/dockerfiles/Dockerfile.ubuntu-xenial index d5457d3..56b7c39 100644 --- a/tests/dockerfiles/Dockerfile.ubuntu-xenial +++ b/tests/dockerfiles/Dockerfile.ubuntu-xenial @@ -5,7 +5,7 @@ RUN apt-get update && apt-get dist-upgrade -y && apt-get install -y software-pro RUN apt-add-repository -y ppa:ansible/ansible && apt-get update && apt-get install -y \ git \ ansible \ - apt-transport-https + apt-transport-https \ && rm -rf /var/lib/apt/lists/* RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts From 42c1be1b24af3f84b903ddbb76cd15ca1469373e Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Fri, 13 Apr 2018 16:11:25 -0700 Subject: [PATCH 14/34] Install curl depency in Debian based containers --- tests/dockerfiles/Dockerfile.debian-jessie | 1 + tests/dockerfiles/Dockerfile.debian-stretch | 1 + tests/dockerfiles/Dockerfile.ubuntu-trusty | 1 + tests/dockerfiles/Dockerfile.ubuntu-xenial | 1 + 4 files changed, 4 insertions(+) diff --git a/tests/dockerfiles/Dockerfile.debian-jessie b/tests/dockerfiles/Dockerfile.debian-jessie index edafeac..eafadf5 100644 --- a/tests/dockerfiles/Dockerfile.debian-jessie +++ b/tests/dockerfiles/Dockerfile.debian-jessie @@ -9,6 +9,7 @@ RUN apt-get update -y && apt-get install -y --no-install-recommends \ python-pip \ git \ apt-transport-https \ + curl \ && rm -rf /var/lib/apt/lists/* RUN pip install --upgrade setuptools && pip install ansible diff --git a/tests/dockerfiles/Dockerfile.debian-stretch b/tests/dockerfiles/Dockerfile.debian-stretch index 5cb8157..26135da 100644 --- a/tests/dockerfiles/Dockerfile.debian-stretch +++ b/tests/dockerfiles/Dockerfile.debian-stretch @@ -10,6 +10,7 @@ RUN apt-get update -y && apt-get install -y --no-install-recommends \ git \ systemd \ apt-transport-https \ + curl \ && rm -rf /var/lib/apt/lists/* RUN pip install --upgrade setuptools && pip install ansible diff --git a/tests/dockerfiles/Dockerfile.ubuntu-trusty b/tests/dockerfiles/Dockerfile.ubuntu-trusty index 4223f20..c36e55e 100644 --- a/tests/dockerfiles/Dockerfile.ubuntu-trusty +++ b/tests/dockerfiles/Dockerfile.ubuntu-trusty @@ -6,6 +6,7 @@ RUN apt-add-repository -y ppa:ansible/ansible && apt-get update && apt-get insta git \ ansible \ apt-transport-https \ + curl \ && rm -rf /var/lib/apt/lists/* RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts diff --git a/tests/dockerfiles/Dockerfile.ubuntu-xenial b/tests/dockerfiles/Dockerfile.ubuntu-xenial index 56b7c39..f8ad055 100644 --- a/tests/dockerfiles/Dockerfile.ubuntu-xenial +++ b/tests/dockerfiles/Dockerfile.ubuntu-xenial @@ -6,6 +6,7 @@ RUN apt-add-repository -y ppa:ansible/ansible && apt-get update && apt-get insta git \ ansible \ apt-transport-https \ + curl \ && rm -rf /var/lib/apt/lists/* RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts From 68f4939d0fdcba8456535310cd1b528c5ea56fb6 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Fri, 13 Apr 2018 16:47:07 -0700 Subject: [PATCH 15/34] Install gnupg1 dependency --- tests/dockerfiles/Dockerfile.debian-stretch | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/dockerfiles/Dockerfile.debian-stretch b/tests/dockerfiles/Dockerfile.debian-stretch index 26135da..7d924dc 100644 --- a/tests/dockerfiles/Dockerfile.debian-stretch +++ b/tests/dockerfiles/Dockerfile.debian-stretch @@ -11,6 +11,7 @@ RUN apt-get update -y && apt-get install -y --no-install-recommends \ systemd \ apt-transport-https \ curl \ + gnupg1 \ && rm -rf /var/lib/apt/lists/* RUN pip install --upgrade setuptools && pip install ansible From 408b09222cf16b22fed8d1b0c80ceb3f15be11da Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Fri, 13 Apr 2018 16:57:39 -0700 Subject: [PATCH 16/34] Replace gnupg1 by gnupg2 --- tests/dockerfiles/Dockerfile.debian-stretch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/dockerfiles/Dockerfile.debian-stretch b/tests/dockerfiles/Dockerfile.debian-stretch index 7d924dc..3071aab 100644 --- a/tests/dockerfiles/Dockerfile.debian-stretch +++ b/tests/dockerfiles/Dockerfile.debian-stretch @@ -11,7 +11,7 @@ RUN apt-get update -y && apt-get install -y --no-install-recommends \ systemd \ apt-transport-https \ curl \ - gnupg1 \ + gnupg2 \ && rm -rf /var/lib/apt/lists/* RUN pip install --upgrade setuptools && pip install ansible From 722b99d766422c8e05ade7857a6e82819caf651a Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Fri, 13 Apr 2018 17:10:29 -0700 Subject: [PATCH 17/34] Install dirmngr dependency --- tests/dockerfiles/Dockerfile.debian-stretch | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/dockerfiles/Dockerfile.debian-stretch b/tests/dockerfiles/Dockerfile.debian-stretch index 3071aab..1a0e1e3 100644 --- a/tests/dockerfiles/Dockerfile.debian-stretch +++ b/tests/dockerfiles/Dockerfile.debian-stretch @@ -12,6 +12,7 @@ RUN apt-get update -y && apt-get install -y --no-install-recommends \ apt-transport-https \ curl \ gnupg2 \ + dirmngr \ && rm -rf /var/lib/apt/lists/* RUN pip install --upgrade setuptools && pip install ansible From 4281c51dbc97897451d637c20b32853a12e677f5 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Mon, 16 Apr 2018 13:28:32 -0700 Subject: [PATCH 18/34] Create test playbooks --- .travis.yml | 10 +++-- tests/files/http/default.conf | 44 +++++++++++++++++++ tests/files/nginx.conf | 31 +++++++++++++ tests/inventory | 1 - .../nginx-opensource.yml} | 1 + tests/playbooks/nginx-template.yml | 10 +++++ tests/playbooks/nginx-upload.yml | 11 +++++ 7 files changed, 104 insertions(+), 4 deletions(-) create mode 100644 tests/files/http/default.conf create mode 100644 tests/files/nginx.conf delete mode 100644 tests/inventory rename tests/{test.yml => playbooks/nginx-opensource.yml} (83%) create mode 100644 tests/playbooks/nginx-template.yml create mode 100644 tests/playbooks/nginx-upload.yml diff --git a/.travis.yml b/.travis.yml index 0f32d06..b315d0b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -15,16 +15,20 @@ env: version: jessie - distribution: debian version: stretch +tests: + - opensource + - template + - upload before_install: - 'sudo docker pull ${distribution}:${version}' - 'sudo docker build --no-cache --rm --file=tests/dockerfiles/Dockerfile.${distribution}-${version} --tag=${distribution}-${version}:ansible tests' script: - container_id=$(mktemp) - 'sudo docker run --detach --privileged -v /sys/fs/cgroup:/sys/fs/cgroup:ro --volume="${PWD}":/etc/ansible/roles/ansible-role-nginx:ro ${distribution}-${version}:ansible > "${container_id}"' - - 'sudo docker exec "$(cat ${container_id})" env ANSIBLE_FORCE_COLOR=1 ansible-playbook -v /etc/ansible/roles/ansible-role-nginx/tests/test.yml --syntax-check' - - 'sudo docker exec "$(cat ${container_id})" env ANSIBLE_FORCE_COLOR=1 ansible-playbook -v /etc/ansible/roles/ansible-role-nginx/tests/test.yml' + - 'sudo docker exec "$(cat ${container_id})" env ANSIBLE_FORCE_COLOR=1 ansible-playbook -v /etc/ansible/roles/ansible-role-nginx/tests/playbooks/nginx-${tests}.yml --syntax-check' + - 'sudo docker exec "$(cat ${container_id})" env ANSIBLE_FORCE_COLOR=1 ansible-playbook -v /etc/ansible/roles/ansible-role-nginx/tests/playbooks/nginx-${tests}.yml' - > - sudo docker exec "$(cat ${container_id})" env ANSIBLE_FORCE_COLOR=1 ansible-playbook -v /etc/ansible/roles/ansible-role-nginx/tests/test.yml + sudo docker exec "$(cat ${container_id})" env ANSIBLE_FORCE_COLOR=1 ansible-playbook -v /etc/ansible/roles/ansible-role-nginx/tests/playbooks/nginx-${tests}.yml | grep -q 'changed=0.*failed=0' && (echo 'Idempotence test: pass' && exit 0) || (echo 'Idempotence test: fail' && exit 1) diff --git a/tests/files/http/default.conf b/tests/files/http/default.conf new file mode 100644 index 0000000..cb80625 --- /dev/null +++ b/tests/files/http/default.conf @@ -0,0 +1,44 @@ +server { + listen 8080; + server_name localhost; + + #charset koi8-r; + #access_log /var/log/nginx/host.access.log main; + + location / { + root /usr/share/nginx/html; + index index.html index.htm; + } + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/share/nginx/html; + } + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + # proxy_pass http://127.0.0.1; + #} + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + #location ~ \.php$ { + # root html; + # fastcgi_pass 127.0.0.1:9000; + # fastcgi_index index.php; + # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; + # include fastcgi_params; + #} + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + #location ~ /\.ht { + # deny all; + #} +} diff --git a/tests/files/nginx.conf b/tests/files/nginx.conf new file mode 100644 index 0000000..ba09f41 --- /dev/null +++ b/tests/files/nginx.conf @@ -0,0 +1,31 @@ +user nginx; +worker_processes 4; + +error_log /var/log/nginx/error.log warn; +pid /var/run/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + #tcp_nopush on; + + keepalive_timeout 65; + + #gzip on; + + include /etc/nginx/conf.d/*.conf; +} diff --git a/tests/inventory b/tests/inventory deleted file mode 100644 index 2fbb50c..0000000 --- a/tests/inventory +++ /dev/null @@ -1 +0,0 @@ -localhost diff --git a/tests/test.yml b/tests/playbooks/nginx-opensource.yml similarity index 83% rename from tests/test.yml rename to tests/playbooks/nginx-opensource.yml index 42bba2c..25ce5e7 100644 --- a/tests/test.yml +++ b/tests/playbooks/nginx-opensource.yml @@ -1,5 +1,6 @@ --- - hosts: localhost + become: true remote_user: root roles: - ansible-role-nginx diff --git a/tests/playbooks/nginx-template.yml b/tests/playbooks/nginx-template.yml new file mode 100644 index 0000000..1c95862 --- /dev/null +++ b/tests/playbooks/nginx-template.yml @@ -0,0 +1,10 @@ +--- +- hosts: localhost + become: true + remote_user: root + roles: + - ansible-role-nginx + vars: + http_template_enable: true + http_template_keepalive_timeout: 70 + http_template_listen: 82 diff --git a/tests/playbooks/nginx-upload.yml b/tests/playbooks/nginx-upload.yml new file mode 100644 index 0000000..66db643 --- /dev/null +++ b/tests/playbooks/nginx-upload.yml @@ -0,0 +1,11 @@ +--- +- hosts: localhost + become: true + remote_user: root + roles: + - ansible-role-nginx + vars: + main_push_enable: true + main_push_location: ../files/nginx.conf + http_push_enable: false + http_push_location: ../files/http/*.conf From 60331d7b39d7dbc98d88867a1cca4866ec16bd23 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Mon, 16 Apr 2018 13:46:19 -0700 Subject: [PATCH 19/34] Use global environment variable in Travis build matrix --- .travis.yml | 39 ++++++++++++++++++++------------------- 1 file changed, 20 insertions(+), 19 deletions(-) diff --git a/.travis.yml b/.travis.yml index b315d0b..3cd14bb 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,32 +3,33 @@ sudo: required services: - docker env: - - distribution: centos - version: 6 - - distribution: centos - version: 7 - - distribution: ubuntu - version: trusty - - distribution: ubuntu - version: xenial - - distribution: debian - version: jessie - - distribution: debian - version: stretch -tests: - - opensource - - template - - upload + global: + - playbook: opensource + - playbook: template + - playbook: upload + matrix: + - distribution: centos + version: 6 + - distribution: centos + version: 7 + - distribution: ubuntu + version: trusty + - distribution: ubuntu + version: xenial + - distribution: debian + version: jessie + - distribution: debian + version: stretch before_install: - 'sudo docker pull ${distribution}:${version}' - 'sudo docker build --no-cache --rm --file=tests/dockerfiles/Dockerfile.${distribution}-${version} --tag=${distribution}-${version}:ansible tests' script: - container_id=$(mktemp) - 'sudo docker run --detach --privileged -v /sys/fs/cgroup:/sys/fs/cgroup:ro --volume="${PWD}":/etc/ansible/roles/ansible-role-nginx:ro ${distribution}-${version}:ansible > "${container_id}"' - - 'sudo docker exec "$(cat ${container_id})" env ANSIBLE_FORCE_COLOR=1 ansible-playbook -v /etc/ansible/roles/ansible-role-nginx/tests/playbooks/nginx-${tests}.yml --syntax-check' - - 'sudo docker exec "$(cat ${container_id})" env ANSIBLE_FORCE_COLOR=1 ansible-playbook -v /etc/ansible/roles/ansible-role-nginx/tests/playbooks/nginx-${tests}.yml' + - 'sudo docker exec "$(cat ${container_id})" env ANSIBLE_FORCE_COLOR=1 ansible-playbook -v /etc/ansible/roles/ansible-role-nginx/tests/playbooks/nginx-${playbook}.yml --syntax-check' + - 'sudo docker exec "$(cat ${container_id})" env ANSIBLE_FORCE_COLOR=1 ansible-playbook -v /etc/ansible/roles/ansible-role-nginx/tests/playbooks/nginx-${playbook}.yml' - > - sudo docker exec "$(cat ${container_id})" env ANSIBLE_FORCE_COLOR=1 ansible-playbook -v /etc/ansible/roles/ansible-role-nginx/tests/playbooks/nginx-${tests}.yml + sudo docker exec "$(cat ${container_id})" env ANSIBLE_FORCE_COLOR=1 ansible-playbook -v /etc/ansible/roles/ansible-role-nginx/tests/playbooks/nginx-${playbook}.yml | grep -q 'changed=0.*failed=0' && (echo 'Idempotence test: pass' && exit 0) || (echo 'Idempotence test: fail' && exit 1) From 5c7924618af5441d66e21ed72e6f9d5d79fe94b4 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Mon, 16 Apr 2018 15:26:33 -0700 Subject: [PATCH 20/34] Replace *_upload_enable with *_push_enable Fixes #23 --- tasks/conf/push-config.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/tasks/conf/push-config.yml b/tasks/conf/push-config.yml index 0c7c287..ed168e6 100644 --- a/tasks/conf/push-config.yml +++ b/tasks/conf/push-config.yml @@ -2,7 +2,7 @@ - name: "(Setup: All NGINX) Check NGINX Default Configuration File Exists" stat: path: /etc/nginx/conf.d/default.conf - when: main_upload_enable + when: main_push_enable register: default_exists - name: "(Setup: All NGINX) Backup NGINX Default Configuration File" @@ -10,26 +10,26 @@ remote_src: yes src: /etc/nginx/conf.d/default.conf dest: /etc/nginx/conf.d/default.conf.bak - when: default_exists.stat.exists and main_upload_enable + when: default_exists.stat.exists and main_push_enable - name: "(Setup: All NGINX) Delete NGINX Default Configuration File" file: path: /etc/nginx/conf.d/default.conf state: absent - when: default_exists.stat.exists and main_upload_enable + when: default_exists.stat.exists and main_push_enable - name: "(Setup: All NGINX) Upload NGINX Main Configuration File" copy: src: "{{ main_upload_location }}" dest: /etc/nginx/nginx.conf notify: "(Handler: All OSs) Reload NGINX" - when: main_upload_enable + when: main_push_enable - name: "(Setup: All NGINX) Ensure NGINX HTTP Directory Exists" file: path: /etc/nginx/conf.d/http state: directory - when: http_template_enable + when: http_push_enable - name: "(Setup: All NGINX) Upload NGINX HTTP Configuration Files" copy: @@ -38,13 +38,13 @@ with_fileglob: - "{{ http_upload_location }}" notify: "(Handler: All OSs) Reload NGINX" - when: http_upload_enable + when: http_push_enablee - name: "(Setup: All NGINX) Ensure NGINX Stream Directory Exists" file: path: /etc/nginx/conf.d/stream state: directory - when: stream_template_enable + when: stream_push_enable - name: "(Setup: All NGINX) Upload NGINX Stream Configuration Files" copy: @@ -53,4 +53,4 @@ with_fileglob: - "{{ stream_upload_location }}" notify: "(Handler: All OSs) Reload NGINX" - when: stream_upload_enable + when: stream_push_enable From 1bedaa9e0c2e2bfbfd17e4c71aa55342b8a2389a Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Mon, 16 Apr 2018 15:56:56 -0700 Subject: [PATCH 21/34] Remove global variable from Travis build matrix Global variables rewrite each other on Travis instead of creating a build matrix --- .travis.yml | 71 ++++++++++++++----- .../{nginx-upload.yml => nginx-push.yml} | 2 +- 2 files changed, 55 insertions(+), 18 deletions(-) rename tests/playbooks/{nginx-upload.yml => nginx-push.yml} (88%) diff --git a/.travis.yml b/.travis.yml index 3cd14bb..eea3856 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,23 +3,60 @@ sudo: required services: - docker env: - global: - - playbook: opensource - - playbook: template - - playbook: upload - matrix: - - distribution: centos - version: 6 - - distribution: centos - version: 7 - - distribution: ubuntu - version: trusty - - distribution: ubuntu - version: xenial - - distribution: debian - version: jessie - - distribution: debian - version: stretch + - distribution: centos + version: 6 + playbook: opensource + - distribution: centos + version: 6 + playbook: template + - distribution: centos + version: 6 + playbook: push + - distribution: centos + version: 7 + playbook: opensource + - distribution: centos + version: 7 + playbook: template + - distribution: centos + version: 7 + playbook: push + - distribution: ubuntu + version: trusty + playbook: opensource + - distribution: ubuntu + version: trusty + playbook: template + - distribution: ubuntu + version: trusty + playbook: push + - distribution: ubuntu + version: xenial + playbook: opensource + - distribution: ubuntu + version: xenial + playbook: template + - distribution: ubuntu + version: xenial + playbook: push + - distribution: debian + version: jessie + playbook: opensource + - distribution: debian + version: jessie + playbook: template + - distribution: debian + version: jessie + playbook: push + - distribution: debian + version: stretch + playbook: opensource + - distribution: debian + version: stretch + playbook: template + - distribution: debian + version: stretch + playbook: push before_install: - 'sudo docker pull ${distribution}:${version}' - 'sudo docker build --no-cache --rm --file=tests/dockerfiles/Dockerfile.${distribution}-${version} --tag=${distribution}-${version}:ansible tests' diff --git a/tests/playbooks/nginx-upload.yml b/tests/playbooks/nginx-push.yml similarity index 88% rename from tests/playbooks/nginx-upload.yml rename to tests/playbooks/nginx-push.yml index 66db643..92b753b 100644 --- a/tests/playbooks/nginx-upload.yml +++ b/tests/playbooks/nginx-push.yml @@ -7,5 +7,5 @@ vars: main_push_enable: true main_push_location: ../files/nginx.conf - http_push_enable: false + http_push_enable: true http_push_location: ../files/http/*.conf From e20dd288bf7ee44795b7b1fa46a00641e2880241 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Mon, 16 Apr 2018 16:41:46 -0700 Subject: [PATCH 22/34] Check if configuration file is defined --- tasks/conf/push-config.yml | 4 ++-- tasks/conf/template-config.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tasks/conf/push-config.yml b/tasks/conf/push-config.yml index ed168e6..40ff267 100644 --- a/tasks/conf/push-config.yml +++ b/tasks/conf/push-config.yml @@ -10,13 +10,13 @@ remote_src: yes src: /etc/nginx/conf.d/default.conf dest: /etc/nginx/conf.d/default.conf.bak - when: default_exists.stat.exists and main_push_enable + when: default_exists.stat.exists is defined and default_exists.stat.isreg and main_push_enable - name: "(Setup: All NGINX) Delete NGINX Default Configuration File" file: path: /etc/nginx/conf.d/default.conf state: absent - when: default_exists.stat.exists and main_push_enable + when: default_exists.stat.exists is defined and default_exists.stat.isreg and main_push_enable - name: "(Setup: All NGINX) Upload NGINX Main Configuration File" copy: diff --git a/tasks/conf/template-config.yml b/tasks/conf/template-config.yml index 0819d54..314a5f0 100644 --- a/tasks/conf/template-config.yml +++ b/tasks/conf/template-config.yml @@ -10,13 +10,13 @@ remote_src: yes src: /etc/nginx/conf.d/default.conf dest: /etc/nginx/conf.d/default.conf.bak - when: default_exists.stat.exists and main_template_enable + when: default_exists.stat.exists is defined and default_exists.stat.isreg and main_template_enable - name: "(Setup: All NGINX) Delete NGINX Default Configuration File" file: path: /etc/nginx/conf.d/default.conf state: absent - when: default_exists.stat.exists and main_template_enable + when: default_exists.stat.exists is defined and default_exists.stat.isreg and main_template_enable - name: "(Setup: All NGINX) Dynamically Generate NGINX Main Configuration File" template: From 05fcff7986335c88a3ffb8c8211ab1e6c59e2a3e Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Tue, 17 Apr 2018 14:30:43 -0700 Subject: [PATCH 23/34] Replace *_upload_* with *_push_* --- tasks/conf/push-config.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tasks/conf/push-config.yml b/tasks/conf/push-config.yml index 40ff267..9aeba47 100644 --- a/tasks/conf/push-config.yml +++ b/tasks/conf/push-config.yml @@ -20,7 +20,7 @@ - name: "(Setup: All NGINX) Upload NGINX Main Configuration File" copy: - src: "{{ main_upload_location }}" + src: "{{ main_push_location }}" dest: /etc/nginx/nginx.conf notify: "(Handler: All OSs) Reload NGINX" when: main_push_enable @@ -36,9 +36,9 @@ src: "{{ item }}" dest: /etc/nginx/conf.d/http with_fileglob: - - "{{ http_upload_location }}" + - "{{ http_push_location }}" notify: "(Handler: All OSs) Reload NGINX" - when: http_push_enablee + when: http_push_enable - name: "(Setup: All NGINX) Ensure NGINX Stream Directory Exists" file: @@ -51,6 +51,6 @@ src: "{{ item }}" dest: /etc/nginx/conf.d/stream with_fileglob: - - "{{ stream_upload_location }}" + - "{{ stream_push_location }}" notify: "(Handler: All OSs) Reload NGINX" when: stream_push_enable From c5459496539edd1ab7c9a796520cb3c7d331f0c2 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Tue, 17 Apr 2018 15:21:07 -0700 Subject: [PATCH 24/34] Fix stat path Use the path for nginx.conf instead of default.conf --- tasks/conf/push-config.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/tasks/conf/push-config.yml b/tasks/conf/push-config.yml index 9aeba47..e56c77f 100644 --- a/tasks/conf/push-config.yml +++ b/tasks/conf/push-config.yml @@ -1,22 +1,22 @@ --- - name: "(Setup: All NGINX) Check NGINX Default Configuration File Exists" stat: - path: /etc/nginx/conf.d/default.conf + path: /etc/nginx/nginx.conf when: main_push_enable - register: default_exists + register: main_exists - name: "(Setup: All NGINX) Backup NGINX Default Configuration File" copy: remote_src: yes - src: /etc/nginx/conf.d/default.conf - dest: /etc/nginx/conf.d/default.conf.bak - when: default_exists.stat.exists is defined and default_exists.stat.isreg and main_push_enable + src: /etc/nginx/nginx.conf + dest: /etc/nginx/nginx.conf.bak + when: main_exists.stat.exists and main_exists.stat.isreg and main_push_enable - name: "(Setup: All NGINX) Delete NGINX Default Configuration File" file: - path: /etc/nginx/conf.d/default.conf + path: /etc/nginx/nginx.conf state: absent - when: default_exists.stat.exists is defined and default_exists.stat.isreg and main_push_enable + when: main_exists.stat.exists is defined and main_exists.stat.isreg and main_push_enable - name: "(Setup: All NGINX) Upload NGINX Main Configuration File" copy: From b8657834f866f68f58956c1470cea8c16f48e387 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Tue, 17 Apr 2018 16:25:37 -0700 Subject: [PATCH 25/34] Fix stat path Use the path for nginx.conf instead of default.conf --- tasks/conf/template-config.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tasks/conf/template-config.yml b/tasks/conf/template-config.yml index 314a5f0..bb9f23c 100644 --- a/tasks/conf/template-config.yml +++ b/tasks/conf/template-config.yml @@ -1,22 +1,22 @@ --- - name: "(Setup: All NGINX) Check NGINX Default Configuration File Exists" stat: - path: /etc/nginx/conf.d/default.conf + path: /etc/nginx/nginx.conf when: main_template_enable - register: default_exists + register: main_exists - name: "(Setup: All NGINX) Backup NGINX Default Configuration File" copy: remote_src: yes - src: /etc/nginx/conf.d/default.conf - dest: /etc/nginx/conf.d/default.conf.bak - when: default_exists.stat.exists is defined and default_exists.stat.isreg and main_template_enable + src: /etc/nginx/nginx.conf + dest: /etc/nginx/nginx.conf.bak + when: main_exists.stat.exists is defined and main_exists.stat.isreg and main_template_enable - name: "(Setup: All NGINX) Delete NGINX Default Configuration File" file: path: /etc/nginx/conf.d/default.conf state: absent - when: default_exists.stat.exists is defined and default_exists.stat.isreg and main_template_enable + when: main_exists.stat.exists is defined and main_exists.stat.isreg and main_template_enable - name: "(Setup: All NGINX) Dynamically Generate NGINX Main Configuration File" template: From 40d5b0bb2c393236dc34e29203f58ac67815443c Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Tue, 17 Apr 2018 17:21:31 -0700 Subject: [PATCH 26/34] Use copy/template backup parameter Use the backup parameter in the copy/template modules instead of using a convoluted backup system --- tasks/conf/push-config.yml | 22 +++------------------- tasks/conf/template-config.yml | 22 +++------------------- 2 files changed, 6 insertions(+), 38 deletions(-) diff --git a/tasks/conf/push-config.yml b/tasks/conf/push-config.yml index e56c77f..b996889 100644 --- a/tasks/conf/push-config.yml +++ b/tasks/conf/push-config.yml @@ -1,27 +1,9 @@ --- -- name: "(Setup: All NGINX) Check NGINX Default Configuration File Exists" - stat: - path: /etc/nginx/nginx.conf - when: main_push_enable - register: main_exists - -- name: "(Setup: All NGINX) Backup NGINX Default Configuration File" - copy: - remote_src: yes - src: /etc/nginx/nginx.conf - dest: /etc/nginx/nginx.conf.bak - when: main_exists.stat.exists and main_exists.stat.isreg and main_push_enable - -- name: "(Setup: All NGINX) Delete NGINX Default Configuration File" - file: - path: /etc/nginx/nginx.conf - state: absent - when: main_exists.stat.exists is defined and main_exists.stat.isreg and main_push_enable - - name: "(Setup: All NGINX) Upload NGINX Main Configuration File" copy: src: "{{ main_push_location }}" dest: /etc/nginx/nginx.conf + backup: yes notify: "(Handler: All OSs) Reload NGINX" when: main_push_enable @@ -35,6 +17,7 @@ copy: src: "{{ item }}" dest: /etc/nginx/conf.d/http + backup: yes with_fileglob: - "{{ http_push_location }}" notify: "(Handler: All OSs) Reload NGINX" @@ -50,6 +33,7 @@ copy: src: "{{ item }}" dest: /etc/nginx/conf.d/stream + backup: yes with_fileglob: - "{{ stream_push_location }}" notify: "(Handler: All OSs) Reload NGINX" diff --git a/tasks/conf/template-config.yml b/tasks/conf/template-config.yml index bb9f23c..49c8756 100644 --- a/tasks/conf/template-config.yml +++ b/tasks/conf/template-config.yml @@ -1,27 +1,9 @@ --- -- name: "(Setup: All NGINX) Check NGINX Default Configuration File Exists" - stat: - path: /etc/nginx/nginx.conf - when: main_template_enable - register: main_exists - -- name: "(Setup: All NGINX) Backup NGINX Default Configuration File" - copy: - remote_src: yes - src: /etc/nginx/nginx.conf - dest: /etc/nginx/nginx.conf.bak - when: main_exists.stat.exists is defined and main_exists.stat.isreg and main_template_enable - -- name: "(Setup: All NGINX) Delete NGINX Default Configuration File" - file: - path: /etc/nginx/conf.d/default.conf - state: absent - when: main_exists.stat.exists is defined and main_exists.stat.isreg and main_template_enable - - name: "(Setup: All NGINX) Dynamically Generate NGINX Main Configuration File" template: src: nginx.conf.j2 dest: /etc/nginx/nginx.conf + backup: yes when: main_template_enable notify: "(Handler: All OSs) Reload NGINX" @@ -35,6 +17,7 @@ template: src: "{{ item }}" dest: /etc/nginx/conf.d/http/{{ item | basename | regex_replace('\.j2','') }} + backup: yes with_fileglob: - "../templates/http/*.j2" when: http_template_enable @@ -50,6 +33,7 @@ template: src: "{{ item }}" dest: /etc/nginx/conf.d/stream/{{ item | basename | regex_replace('\.j2','') }} + backup: yes with_fileglob: - "../templates/stream/*.j2" when: stream_template_enable From 5d291c394389d0e6546f479eebd87b5accb94638 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Wed, 18 Apr 2018 13:18:48 -0700 Subject: [PATCH 27/34] Refactor .travis.yml --- .travis.yml | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/.travis.yml b/.travis.yml index eea3856..9c4878b 100644 --- a/.travis.yml +++ b/.travis.yml @@ -21,24 +21,6 @@ env: - distribution: centos version: 7 playbook: push - - distribution: ubuntu - version: trusty - playbook: opensource - - distribution: ubuntu - version: trusty - playbook: template - - distribution: ubuntu - version: trusty - playbook: push - - distribution: ubuntu - version: xenial - playbook: opensource - - distribution: ubuntu - version: xenial - playbook: template - - distribution: ubuntu - version: xenial - playbook: push - distribution: debian version: jessie playbook: opensource @@ -57,6 +39,24 @@ env: - distribution: debian version: stretch playbook: push + - distribution: ubuntu + version: trusty + playbook: opensource + - distribution: ubuntu + version: trusty + playbook: template + - distribution: ubuntu + version: trusty + playbook: push + - distribution: ubuntu + version: xenial + playbook: opensource + - distribution: ubuntu + version: xenial + playbook: template + - distribution: ubuntu + version: xenial + playbook: push before_install: - 'sudo docker pull ${distribution}:${version}' - 'sudo docker build --no-cache --rm --file=tests/dockerfiles/Dockerfile.${distribution}-${version} --tag=${distribution}-${version}:ansible tests' From 70a2906268f82946116b1eb2f1ffb75efad463ad Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Wed, 9 May 2018 13:31:16 -0700 Subject: [PATCH 28/34] Implement FreeBSD support for NGINX Open Source Use FreeBSD ports instead of pkgng to fetch the latest version of NGINX Open Source --- tasks/opensource/install-oss.yml | 13 ++++++++++++- tasks/opensource/setup-freebsd.yml | 10 ++++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) create mode 100644 tasks/opensource/setup-freebsd.yml diff --git a/tasks/opensource/install-oss.yml b/tasks/opensource/install-oss.yml index e93dbcb..94b25c1 100644 --- a/tasks/opensource/install-oss.yml +++ b/tasks/opensource/install-oss.yml @@ -8,8 +8,19 @@ - import_tasks: setup-suse.yml when: ansible_os_family == "Suse" -- name: "(Install: All OSs) Install NGINX" +- import_tasks: setup-freebsd.yml + when: ansible_os_family == "FreeBSD" + +- name: "(Install: Debian/Ubuntu/CentOS/RedHat) Install NGINX" package: name: nginx state: present + when: ansible_os_family != "FreeBSD" + notify: "(Handler: All OSs) Start NGINX" + +- name: "(Install: FreeBSD) Install NGINX" + package: + name: nginx + state: present + when: ansible_os_family == "FreeBSD" notify: "(Handler: All OSs) Start NGINX" diff --git a/tasks/opensource/setup-freebsd.yml b/tasks/opensource/setup-freebsd.yml new file mode 100644 index 0000000..fdc1ae5 --- /dev/null +++ b/tasks/opensource/setup-freebsd.yml @@ -0,0 +1,10 @@ +--- +- name: "(Install: FreeBSD) Fetch Ports" + command: portsnap fetch --interactive + args: + creates: /var/db/portsnap/INDEX + +- name: "(Install: FreeBSD) Extract Ports" + command: portsnap extract + args: + creates: /usr/ports From ea6de99eed0d052b286f771eaeb73e812a901c18 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Wed, 9 May 2018 14:05:57 -0700 Subject: [PATCH 29/34] Use portinstall module instead of package module --- tasks/opensource/install-oss.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/opensource/install-oss.yml b/tasks/opensource/install-oss.yml index 94b25c1..1ae3fd6 100644 --- a/tasks/opensource/install-oss.yml +++ b/tasks/opensource/install-oss.yml @@ -19,7 +19,7 @@ notify: "(Handler: All OSs) Start NGINX" - name: "(Install: FreeBSD) Install NGINX" - package: + portinstall: name: nginx state: present when: ansible_os_family == "FreeBSD" From 98974fbf1aa76cb73f9321d7b61909ca06507766 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Fri, 11 May 2018 13:31:31 -0700 Subject: [PATCH 30/34] Implement support to select NGINX repository Resolve #32 - Initial options include using the default NGINX packages included in the host system or using the NGINX packages included in the NGINX repository --- README.md | 8 +++++- defaults/main.yml | 6 +++++ tasks/opensource/install-oss.yml | 46 ++++++++++++++++++++------------ 3 files changed, 42 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index 6ad524e..7596411 100644 --- a/README.md +++ b/README.md @@ -84,12 +84,18 @@ This role has multiple variables. The defaults for all these variables are the f # Default is 'opensource'. type: opensource + # Specify source respository for NGINX Open Source. + # Options are 'nginx_repository' or 'os_repository'. + # Default is nginx_repository. + install_from: nginx_repository + # Specify which branch of NGINX Open Source you want to install. # Options are 'mainline' or 'stable'. + # Only works if 'install_from' is set to 'nginx_repository'. # Default is mainline. branch: mainline - # Install nginscript, perl, waf (NGINX Plus only), geoip, image-filter, rtmp and/or xslt modules. + # Install NGINX JavaScript, Perl, ModSecurity WAF (NGINX Plus only), GeoIP, Image-Filter, RTMP Media Streaming, and/or XSLT modules. # Default is false. modules: njs: false diff --git a/defaults/main.yml b/defaults/main.yml index 10fb067..020fc8c 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -4,8 +4,14 @@ # Default is 'opensource'. type: opensource +# Specify source respository for NGINX Open Source. +# Options are 'nginx_repository' or 'os_repository'. +# Default is nginx_repository. +install_from: nginx_repository + # Specify which branch of NGINX Open Source you want to install. # Options are 'mainline' or 'stable'. +# Only works if 'install_from' is set to 'nginx_repository'. # Default is mainline. branch: mainline diff --git a/tasks/opensource/install-oss.yml b/tasks/opensource/install-oss.yml index 1ae3fd6..d19e5a5 100644 --- a/tasks/opensource/install-oss.yml +++ b/tasks/opensource/install-oss.yml @@ -1,26 +1,38 @@ --- -- import_tasks: setup-debian.yml - when: ansible_os_family == "Debian" +- name: "" + block: -- import_tasks: setup-redhat.yml - when: ansible_os_family == "RedHat" + - import_tasks: setup-debian.yml + when: ansible_os_family == "Debian" -- import_tasks: setup-suse.yml - when: ansible_os_family == "Suse" + - import_tasks: setup-redhat.yml + when: ansible_os_family == "RedHat" -- import_tasks: setup-freebsd.yml - when: ansible_os_family == "FreeBSD" + - import_tasks: setup-suse.yml + when: ansible_os_family == "Suse" -- name: "(Install: Debian/Ubuntu/CentOS/RedHat) Install NGINX" + - import_tasks: setup-freebsd.yml + when: ansible_os_family == "FreeBSD" + + - name: "(Install: Debian/Ubuntu/CentOS/RedHat) Install NGINX" + package: + name: nginx + state: present + when: ansible_os_family != "FreeBSD" + notify: "(Handler: All OSs) Start NGINX" + + - name: "(Install: FreeBSD) Install NGINX" + portinstall: + name: nginx + state: present + when: ansible_os_family == "FreeBSD" + notify: "(Handler: All OSs) Start NGINX" + + when: install_from == "nginx_repository" + +- name: "(Install: Debian/Ubuntu/CentOS/RedHat/FreeBSD) Install NGINX" package: name: nginx state: present - when: ansible_os_family != "FreeBSD" - notify: "(Handler: All OSs) Start NGINX" - -- name: "(Install: FreeBSD) Install NGINX" - portinstall: - name: nginx - state: present - when: ansible_os_family == "FreeBSD" + when: install_from == "os_repository" notify: "(Handler: All OSs) Start NGINX" From 4037b195ff4ae5765a79626d9bda6edee5ecbc47 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Fri, 11 May 2018 15:12:06 -0700 Subject: [PATCH 31/34] Refactor repository into a variable --- README.md | 15 ++++++++++++++- defaults/main.yml | 15 ++++++++++++++- tasks/opensource/setup-debian.yml | 14 ++------------ tasks/opensource/setup-redhat.yml | 32 ++----------------------------- tasks/opensource/setup-suse.yml | 11 ++--------- 5 files changed, 34 insertions(+), 53 deletions(-) diff --git a/README.md b/README.md index 7596411..fd11749 100644 --- a/README.md +++ b/README.md @@ -84,11 +84,24 @@ This role has multiple variables. The defaults for all these variables are the f # Default is 'opensource'. type: opensource - # Specify source respository for NGINX Open Source. + # Specify repository origin for NGINX Open Source. # Options are 'nginx_repository' or 'os_repository'. + # Only works if 'type' is set to 'opensource'. # Default is nginx_repository. install_from: nginx_repository + # Specify source repository for NGINX Open Source. + # Only works if 'install_from' is set to 'nginx_repository'. + # Defaults are the official NGINX repositories. + nginx_repository: + debian: + - 'deb https://nginx.org/packages/{{ "mainline/" if branch == "mainline" }}{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} nginx' + - 'deb-src https://nginx.org/packages/{{ "mainline/" if branch == "mainline" }}{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} nginx' + redhat: + - https://nginx.org/packages/{{ "mainline/" if branch == "mainline" }}{{ (ansible_distribution == "RedHat") | ternary('rhel/', 'centos/') }}{{ ansible_distribution_major_version|int }}/$basearch/ + suse: + - https://nginx.org/packages/{{ "mainline/" if branch == "mainline" }}sles/12 + # Specify which branch of NGINX Open Source you want to install. # Options are 'mainline' or 'stable'. # Only works if 'install_from' is set to 'nginx_repository'. diff --git a/defaults/main.yml b/defaults/main.yml index 020fc8c..c1120ab 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -4,11 +4,24 @@ # Default is 'opensource'. type: opensource -# Specify source respository for NGINX Open Source. +# Specify repository origin for NGINX Open Source. # Options are 'nginx_repository' or 'os_repository'. +# Only works if 'type' is set to 'opensource'. # Default is nginx_repository. install_from: nginx_repository +# Specify source repository for NGINX Open Source. +# Only works if 'install_from' is set to 'nginx_repository'. +# Defaults are the official NGINX repositories. +nginx_repository: + debian: + - 'deb https://nginx.org/packages/{{ "mainline/" if branch == "mainline" }}{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} nginx' + - 'deb-src https://nginx.org/packages/{{ "mainline/" if branch == "mainline" }}{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} nginx' + redhat: + - https://nginx.org/packages/{{ "mainline/" if branch == "mainline" }}{{ (ansible_distribution == "RedHat") | ternary('rhel/', 'centos/') }}{{ ansible_distribution_major_version|int }}/$basearch/ + suse: + - https://nginx.org/packages/{{ "mainline/" if branch == "mainline" }}sles/12 + # Specify which branch of NGINX Open Source you want to install. # Options are 'mainline' or 'stable'. # Only works if 'install_from' is set to 'nginx_repository'. diff --git a/tasks/opensource/setup-debian.yml b/tasks/opensource/setup-debian.yml index 8feb1d4..2b90dd3 100644 --- a/tasks/opensource/setup-debian.yml +++ b/tasks/opensource/setup-debian.yml @@ -1,16 +1,6 @@ --- -- name: "(Install: Debian/Ubuntu) Add Mainline NGINX Repository" +- name: "(Install: Debian/Ubuntu) Add NGINX Repository" apt_repository: repo: "{{ item }}" with_items: - - deb https://nginx.org/packages/mainline/{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} nginx - - deb-src https://nginx.org/packages/mainline/{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} nginx - when: branch == "mainline" - -- name: "(Install: Debian/Ubuntu) Add Stable NGINX Repository" - apt_repository: - repo: "{{ item }}" - with_items: - - deb https://nginx.org/packages/{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} nginx - - deb-src https://nginx.org/packages/{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} nginx - when: branch == "stable" + - "{{ nginx_repository.debian }}" diff --git a/tasks/opensource/setup-redhat.yml b/tasks/opensource/setup-redhat.yml index abecbd9..6e70aff 100644 --- a/tasks/opensource/setup-redhat.yml +++ b/tasks/opensource/setup-redhat.yml @@ -1,36 +1,8 @@ --- -- name: "(Install: RedHat) Add Mainline NGINX Repository" +- name: "(Install: CentOS/RedHat) Add NGINX Repository" yum_repository: name: nginx - baseurl: https://nginx.org/packages/mainline/rhel/{{ ansible_distribution_major_version|int }}/$basearch/ + baseurl: "{{ nginx_repository.redhat }}" description: NGINX Repository enabled: yes gpgcheck: yes - when: branch == "mainline" and ansible_distribution == "RedHat" - -- name: "(Install: CentOS) Add Mainline NGINX Repository" - yum_repository: - name: nginx - baseurl: https://nginx.org/packages/mainline/centos/{{ ansible_distribution_major_version|int }}/$basearch/ - description: NGINX Repository - enabled: yes - gpgcheck: yes - when: branch == "mainline" and ansible_distribution == "CentOS" - -- name: "(Install: RedHat) Add Stable NGINX Repository" - yum_repository: - name: nginx - baseurl: https://nginx.org/packages/rhel/{{ ansible_distribution_major_version|int }}/$basearch/ - description: NGINX Repository - enabled: yes - gpgcheck: yes - when: branch == "stable" and ansible_distribution == "RedHat" - -- name: "(Install: CentOS) Add Stable NGINX Repository" - yum_repository: - name: nginx - baseurl: https://nginx.org/packages/centos/{{ ansible_distribution_major_version|int }}/$basearch/ - description: NGINX Repository - enabled: yes - gpgcheck: yes - when: branch == "stable" and ansible_distribution == "CentOS" diff --git a/tasks/opensource/setup-suse.yml b/tasks/opensource/setup-suse.yml index 2a1c61c..3e9b3e1 100644 --- a/tasks/opensource/setup-suse.yml +++ b/tasks/opensource/setup-suse.yml @@ -1,12 +1,5 @@ --- -- name: "(Install: SUSE) Add Mainline NGINX Repository" +- name: "(Install: SUSE) Add NGINX Repository" zypper_repository: name: nginx - repo: https://nginx.org/packages/mainline/sles/12 - when: branch == "mainline" - -- name: "(Install: SUSE) Add Stable NGINX Repository" - zypper_repository: - name: nginx - repo: https://nginx.org/packages/sles/12 - when: branch == "stable" + repo: "{{ nginx_repository.suse }}" From 75939983e18c0b1fdf944d18a88a210a511bbde5 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Fri, 11 May 2018 15:48:17 -0700 Subject: [PATCH 32/34] Add stable branch test playbook --- tests/playbooks/{nginx-opensource.yml => nginx-basic.yml} | 0 tests/playbooks/nginx-stable.yml | 8 ++++++++ 2 files changed, 8 insertions(+) rename tests/playbooks/{nginx-opensource.yml => nginx-basic.yml} (100%) create mode 100644 tests/playbooks/nginx-stable.yml diff --git a/tests/playbooks/nginx-opensource.yml b/tests/playbooks/nginx-basic.yml similarity index 100% rename from tests/playbooks/nginx-opensource.yml rename to tests/playbooks/nginx-basic.yml diff --git a/tests/playbooks/nginx-stable.yml b/tests/playbooks/nginx-stable.yml new file mode 100644 index 0000000..27ef08c --- /dev/null +++ b/tests/playbooks/nginx-stable.yml @@ -0,0 +1,8 @@ +--- +- hosts: localhost + become: true + remote_user: root + roles: + - ansible-role-nginx + vars: + branch: stable From c1a4eb6a99745e81e741188d43b6847d0ca62149 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Fri, 11 May 2018 16:06:53 -0700 Subject: [PATCH 33/34] Fix Travis --- .travis.yml | 36 +++++++++++++++++++++++++++--------- 1 file changed, 27 insertions(+), 9 deletions(-) diff --git a/.travis.yml b/.travis.yml index 9c4878b..7838e42 100644 --- a/.travis.yml +++ b/.travis.yml @@ -5,55 +5,73 @@ services: env: - distribution: centos version: 6 - playbook: opensource - - distribution: centos - version: 6 - playbook: template + playbook: basic - distribution: centos version: 6 playbook: push + - distribution: centos + version: 6 + playbook: stable + - distribution: centos + version: 6 + playbook: template - distribution: centos version: 7 - playbook: opensource + playbook: basic - distribution: centos version: 7 playbook: template + - distribution: centos + version: 7 + playbook: stable - distribution: centos version: 7 playbook: push - distribution: debian version: jessie - playbook: opensource + playbook: basic - distribution: debian version: jessie playbook: template + - distribution: debian + version: jessie + playbook: stable - distribution: debian version: jessie playbook: push - distribution: debian version: stretch - playbook: opensource + playbook: basic - distribution: debian version: stretch playbook: template + - distribution: debian + version: stretch + playbook: stable - distribution: debian version: stretch playbook: push - distribution: ubuntu version: trusty - playbook: opensource + playbook: basic - distribution: ubuntu version: trusty playbook: template + - distribution: ubuntu + version: trusty + playbook: stable - distribution: ubuntu version: trusty playbook: push - distribution: ubuntu version: xenial - playbook: opensource + playbook: basic - distribution: ubuntu version: xenial playbook: template + - distribution: ubuntu + version: xenial + playbook: stable - distribution: ubuntu version: xenial playbook: push From 8e3ca5e5a06a13391fd39ac8c6ff6908b60f1d0b Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Mon, 14 May 2018 11:31:46 -0700 Subject: [PATCH 34/34] Use Ansible ternary operator instead of J2 conditionals --- defaults/main.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index c1120ab..d61463b 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -15,12 +15,12 @@ install_from: nginx_repository # Defaults are the official NGINX repositories. nginx_repository: debian: - - 'deb https://nginx.org/packages/{{ "mainline/" if branch == "mainline" }}{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} nginx' - - 'deb-src https://nginx.org/packages/{{ "mainline/" if branch == "mainline" }}{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} nginx' + - deb https://nginx.org/packages/{{ (branch == 'mainline') | ternary('mainline/','') }}{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} nginx + - deb-src https://nginx.org/packages/{{ (branch == 'mainline') | ternary('mainline/','') }}{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} nginx redhat: - - https://nginx.org/packages/{{ "mainline/" if branch == "mainline" }}{{ (ansible_distribution == "RedHat") | ternary('rhel/', 'centos/') }}{{ ansible_distribution_major_version|int }}/$basearch/ + - https://nginx.org/packages/{{ (branch == 'mainline') | ternary('mainline/','') }}{{ (ansible_distribution == "RedHat") | ternary('rhel/', 'centos/') }}{{ ansible_distribution_major_version|int }}/$basearch/ suse: - - https://nginx.org/packages/{{ "mainline/" if branch == "mainline" }}sles/12 + - https://nginx.org/packages/{{ (branch == 'mainline') | ternary('mainline/','') }}sles/12 # Specify which branch of NGINX Open Source you want to install. # Options are 'mainline' or 'stable'.