Refactor templates
Refactor template variables and configuration scripts
This commit is contained in:
parent
4446ff2b88
commit
147410ab03
69
README.md
69
README.md
@ -85,60 +85,61 @@ This role has multiple variables. The defaults for all these variables are the f
|
||||
type: opensource
|
||||
# Specify which branch of Open Source NGINX you want to install.
|
||||
# Options are 'mainline' or 'stable'.
|
||||
# Default is stable.
|
||||
# Default is mainline.
|
||||
branch: mainline
|
||||
# Install nginscript, perl and/or waf modules.
|
||||
# Install nginscript, perl, waf, geoip, image-filter, rtmp and/or xslt modules.
|
||||
# Default is false.
|
||||
modules:
|
||||
njs: false
|
||||
perl: false
|
||||
waf: false
|
||||
geoip: false
|
||||
image_filter: false
|
||||
rtmp: false
|
||||
xslt: false
|
||||
# Install NGINX Amplify.
|
||||
# Use your NGINX Amplify API key.
|
||||
# Default is null.
|
||||
amplify: null
|
||||
amplify_enable: false
|
||||
amplify_key: null
|
||||
# Enable NGINX status data.
|
||||
# Will enable 'stub_status' in open source NGINX and 'status' in NGINX Plus.
|
||||
# Default is false.
|
||||
status: false
|
||||
# Enable NGINX Plus REST API and dashboard.
|
||||
# Default is false for all three variables.
|
||||
api:
|
||||
enable: false
|
||||
write: false
|
||||
status_enable: false
|
||||
# Enable NGINX Plus REST API and write access.
|
||||
# Default is false.
|
||||
rest_api_enable: false
|
||||
rest_api_write: false
|
||||
# Enable NGINX Plus dashboard. REST API also needs to be enabled.
|
||||
# Default is false.
|
||||
dashboard: false
|
||||
# Location of your NGINX Plus license in your local machine.
|
||||
# Default is the files folder within the NGINX Ansible role.
|
||||
license:
|
||||
certificate: license/nginx-repo.crt
|
||||
key: license/nginx-repo.key
|
||||
# Location of the configuration files you wish to upload to NGINX.
|
||||
# Default is the files folder within the NGINX Ansible role.
|
||||
configuration_files:
|
||||
enable: false
|
||||
main: conf/nginx.conf
|
||||
http: conf/http/*.conf
|
||||
# Enable uploading NGINX configuration files to your system.
|
||||
# Default for uploading files is false.
|
||||
# Default location of files is the files folder within the NGINX Ansible role.
|
||||
main_push_enable: false
|
||||
main_push_location: conf/nginx.conf
|
||||
http_push_enable: false
|
||||
http_push_location: conf/http/*.conf
|
||||
stream_push_enable: false
|
||||
stream_push_location: conf/stream/*.conf
|
||||
# Configuration variables to create a templated NGINX configuration.
|
||||
# Defaults are the values found in a fresh NGINX installation.
|
||||
configuration_templates:
|
||||
enable: false
|
||||
opensource:
|
||||
user: nginx
|
||||
worker_processes: 1
|
||||
error_level: warn
|
||||
worker_connections: 1024
|
||||
keepalive_timeout: 65
|
||||
listen: 80
|
||||
server_name: localhost
|
||||
plus:
|
||||
user: nginx
|
||||
worker_processes: auto
|
||||
error_level: notice
|
||||
worker_connections: 1024
|
||||
keepalive_timeout: 65
|
||||
listen: 80
|
||||
server_name: localhost
|
||||
|
||||
main_template_enable: false
|
||||
main_template_user: nginx
|
||||
main_template_worker_processes: auto
|
||||
main_template_error_level: warn
|
||||
main_template_worker_connections: 1024
|
||||
main_template_keepalive_timeout: 65
|
||||
http_template_enable: false
|
||||
http_template_listen: 80
|
||||
http_template_server_name: localhost
|
||||
stream_template_enable: false
|
||||
stream_template_listen: 12345
|
||||
|
||||
Dependencies
|
||||
------------
|
||||
|
@ -5,7 +5,7 @@
|
||||
type: opensource
|
||||
# Specify which branch of Open Source NGINX you want to install.
|
||||
# Options are 'mainline' or 'stable'.
|
||||
# Default is stable.
|
||||
# Default is mainline.
|
||||
branch: mainline
|
||||
# Install nginscript, perl, waf, geoip, image-filter, rtmp and/or xslt modules.
|
||||
# Default is false.
|
||||
@ -20,45 +20,43 @@ modules:
|
||||
# Install NGINX Amplify.
|
||||
# Use your NGINX Amplify API key.
|
||||
# Default is null.
|
||||
amplify: null
|
||||
amplify_enable: false
|
||||
amplify_key: null
|
||||
# Enable NGINX status data.
|
||||
# Will enable 'stub_status' in open source NGINX and 'status' in NGINX Plus.
|
||||
# Default is false.
|
||||
status: false
|
||||
# Enable NGINX Plus REST API and dashboard.
|
||||
# Default is false for all three variables.
|
||||
api:
|
||||
enable: false
|
||||
write: false
|
||||
dashboard: false
|
||||
status_enable: false
|
||||
# Enable NGINX Plus REST API and write access.
|
||||
# Default is false.
|
||||
rest_api_enable: false
|
||||
rest_api_write: false
|
||||
# Enable NGINX Plus dashboard. REST API also needs to be enabled.
|
||||
# Default is false.
|
||||
dashboard: false
|
||||
# Location of your NGINX Plus license in your local machine.
|
||||
# Default is the files folder within the NGINX Ansible role.
|
||||
license:
|
||||
certificate: license/nginx-repo.crt
|
||||
key: license/nginx-repo.key
|
||||
# Location of the configuration files you wish to upload to NGINX.
|
||||
# Default is the files folder within the NGINX Ansible role.
|
||||
configuration_files:
|
||||
enable: false
|
||||
main: conf/nginx.conf
|
||||
http: conf/http/*.conf
|
||||
# Enable uploading NGINX configuration files to your system.
|
||||
# Default for uploading files is false.
|
||||
# Default location of files is the files folder within the NGINX Ansible role.
|
||||
main_push_enable: false
|
||||
main_push_location: conf/nginx.conf
|
||||
http_push_enable: false
|
||||
http_push_location: conf/http/*.conf
|
||||
stream_push_enable: false
|
||||
stream_push_location: conf/stream/*.conf
|
||||
# Configuration variables to create a templated NGINX configuration.
|
||||
# Defaults are the values found in a fresh NGINX installation.
|
||||
configuration_templates:
|
||||
enable: false
|
||||
opensource:
|
||||
user: nginx
|
||||
worker_processes: 1
|
||||
error_level: warn
|
||||
worker_connections: 1024
|
||||
keepalive_timeout: 65
|
||||
listen: 80
|
||||
server_name: localhost
|
||||
plus:
|
||||
user: nginx
|
||||
worker_processes: auto
|
||||
error_level: notice
|
||||
worker_connections: 1024
|
||||
keepalive_timeout: 65
|
||||
listen: 80
|
||||
server_name: localhost
|
||||
main_template_enable: false
|
||||
main_template_user: nginx
|
||||
main_template_worker_processes: auto
|
||||
main_template_error_level: warn
|
||||
main_template_worker_connections: 1024
|
||||
main_template_keepalive_timeout: 65
|
||||
http_template_enable: false
|
||||
http_template_listen: 80
|
||||
http_template_server_name: localhost
|
||||
stream_template_enable: false
|
||||
stream_template_listen: 12345
|
||||
|
0
files/conf/stream/.gitkeep
Normal file
0
files/conf/stream/.gitkeep
Normal file
@ -7,4 +7,4 @@
|
||||
dest: /tmp/install.sh
|
||||
|
||||
- name: "(Install: All NGINX) Install NGINX Amplify"
|
||||
shell: API_KEY='{{ amplify }}' sh /tmp/install.sh -y
|
||||
shell: API_KEY='{{ amplify_key }}' sh /tmp/install.sh -y
|
||||
|
25
tasks/conf/push-config.yml
Normal file
25
tasks/conf/push-config.yml
Normal file
@ -0,0 +1,25 @@
|
||||
---
|
||||
- name: "(Setup: All NGINX) Upload NGINX Main Configuration File"
|
||||
copy:
|
||||
src: "{{ main_upload_location }}"
|
||||
dest: /etc/nginx/nginx.conf
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
when: main_upload_enable
|
||||
|
||||
- name: "(Setup: All NGINX) Upload NGINX HTTP Configuration Files"
|
||||
copy:
|
||||
src: "{{ item }}"
|
||||
dest: /etc/nginx/conf.d/
|
||||
with_fileglob:
|
||||
- "{{ http_upload_location }}"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
when: http_upload_enable
|
||||
|
||||
- name: "(Setup: All NGINX) Upload NGINX Stream Configuration Files"
|
||||
copy:
|
||||
src: "{{ item }}"
|
||||
dest: /etc/nginx/conf.d/
|
||||
with_fileglob:
|
||||
- "{{ stream_upload_location }}"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
when: stream_upload_enable
|
@ -1,6 +0,0 @@
|
||||
---
|
||||
- name: "(Setup: NGINX Plus) Setup NGINX Plus API"
|
||||
template:
|
||||
src: api.j2
|
||||
dest: /etc/nginx/conf.d/api.conf
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
6
tasks/conf/setup-rest-api.yml
Normal file
6
tasks/conf/setup-rest-api.yml
Normal file
@ -0,0 +1,6 @@
|
||||
---
|
||||
- name: "(Setup: NGINX Plus) Setup NGINX Plus API"
|
||||
template:
|
||||
src: api.conf.j2
|
||||
dest: "{{ (http_template_enable) | ternary('/etc/nginx/conf.d/http/api.conf','/etc/nginx/conf.d/api.conf')}}"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
22
tasks/conf/template-config.yml
Normal file
22
tasks/conf/template-config.yml
Normal file
@ -0,0 +1,22 @@
|
||||
---
|
||||
- name: "(Setup: All NGINX) Dynamically Generate NGINX Main Configuration File"
|
||||
template:
|
||||
src: nginx.conf.j2
|
||||
dest: /etc/nginx/nginx.conf
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
|
||||
- name: "(Setup: All NGINX) Dynamically Generate NGINX HTTP Configuration Files"
|
||||
template:
|
||||
src: "{{ item }}"
|
||||
dest: /etc/nginx/conf.d/{{ item | basename | regex_replace('\.j2','') }}
|
||||
with_fileglob:
|
||||
- "../templates/http/*.j2"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
|
||||
- name: "(Setup: All NGINX) Dynamically Generate NGINX Stream Configuration Files"
|
||||
template:
|
||||
src: "{{ item }}"
|
||||
dest: /etc/nginx/conf.d/{{ item | basename | regex_replace('\.j2','') }}
|
||||
with_fileglob:
|
||||
- "../templates/stream/*.j2"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
@ -1,14 +0,0 @@
|
||||
---
|
||||
- name: "(Setup: All NGINX) Upload NGINX Main Configuration File"
|
||||
copy:
|
||||
src: conf/nginx.conf
|
||||
dest: /etc/nginx/nginx.conf
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
|
||||
- name: "(Setup: All NGINX) Upload NGINX HTTP Configuration Files"
|
||||
copy:
|
||||
src: "{{ item }}"
|
||||
dest: /etc/nginx/conf.d/
|
||||
with_fileglob:
|
||||
- "conf/http/*.conf"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
@ -1,32 +0,0 @@
|
||||
---
|
||||
- name: "(Setup: Open Source NGINX) Upload Open Source NGINX Main Configuration File"
|
||||
template:
|
||||
src: opensource/nginx.conf.j2
|
||||
dest: /etc/nginx/nginx.conf
|
||||
when: type == "opensource"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
|
||||
- name: "(Setup: Open Source NGINX) Upload Open Source NGINX HTTP Configuration Files"
|
||||
template:
|
||||
src: "{{ item }}"
|
||||
dest: /etc/nginx/conf.d/{{ item | basename | regex_replace('\.j2','') }}
|
||||
with_fileglob:
|
||||
- "../templates/opensource/http/*.j2"
|
||||
when: type == "opensource"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
|
||||
- name: "(Setup: NGINX Plus) Upload NGINX Plus Main Configuration File"
|
||||
template:
|
||||
src: plus/nginx.conf.j2
|
||||
dest: /etc/nginx/nginx.conf
|
||||
when: type == "plus"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
|
||||
- name: "(Setup: NGINX Plus) Upload NGINX Plus HTTP Configuration Files"
|
||||
template:
|
||||
src: "{{ item }}"
|
||||
dest: /etc/nginx/conf.d/{{ item | basename | regex_replace('\.j2','') }}
|
||||
with_fileglob:
|
||||
- "../templates/plus/http/*.j2"
|
||||
when: type == "plus"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
@ -32,17 +32,17 @@
|
||||
- import_tasks: modules/install-waf.yml
|
||||
when: modules.waf and type == "plus"
|
||||
|
||||
- import_tasks: conf/upload-files.yml
|
||||
when: configuration_files.enable
|
||||
- import_tasks: conf/push-config.yml
|
||||
when: main_push_enable or http_push_enable or stream_push_enable
|
||||
|
||||
- import_tasks: conf/upload-templates.yml
|
||||
when: configuration_templates.enable
|
||||
- import_tasks: conf/template-config.yml
|
||||
when: main_template_enable or http_template_enable or stream_template_enable
|
||||
|
||||
- import_tasks: conf/setup-status.yml
|
||||
when: status
|
||||
when: status_enable
|
||||
|
||||
- import_tasks: conf/setup-api.yml
|
||||
when: api.enable and type == "plus"
|
||||
- import_tasks: conf/setup-rest-api.yml
|
||||
when: rest_api_enable and type == "plus"
|
||||
|
||||
- import_tasks: amplify/install-amplify.yml
|
||||
when: amplify is defined and amplify
|
||||
when: amplify_enable and amplify_key is defined and amplify_key
|
||||
|
@ -1,13 +1,13 @@
|
||||
server {
|
||||
listen 8080;
|
||||
location /api {
|
||||
{% if api.write %}
|
||||
{% if rest_api_write %}
|
||||
api write=on;
|
||||
{% else %}
|
||||
api;
|
||||
{% endif %}
|
||||
}
|
||||
{% if api.dashboard %}
|
||||
{% if dashboard %}
|
||||
location = /dashboard.html {
|
||||
root /usr/share/nginx/html;
|
||||
}
|
@ -1,6 +1,6 @@
|
||||
server {
|
||||
listen {{ configuration_templates.opensource.listen }};
|
||||
server_name {{ configuration_templates.opensource.server_name }};
|
||||
listen {{ http_template_listen }};
|
||||
server_name {{ http_template_server_name }};
|
||||
|
||||
#charset koi8-r;
|
||||
#access_log /var/log/nginx/host.access.log main;
|
@ -1,15 +1,15 @@
|
||||
user {{ configuration_templates.opensource.user }};
|
||||
worker_processes {{ configuration_templates.opensource.worker_processes }};
|
||||
user {{ main_template_user }};
|
||||
worker_processes {{ main_teamplate_worker_processes }};
|
||||
|
||||
error_log /var/log/nginx/error.log {{ configuration_templates.opensource.error_level }};
|
||||
error_log /var/log/nginx/error.log {{ main_template_error_level }};
|
||||
pid /var/run/nginx.pid;
|
||||
|
||||
|
||||
events {
|
||||
worker_connections {{ configuration_templates.opensource.worker_connections }};
|
||||
worker_connections {{ main_template_worker_connections }};
|
||||
}
|
||||
|
||||
|
||||
{% if http_template_enable %}
|
||||
http {
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
@ -23,9 +23,16 @@ http {
|
||||
sendfile on;
|
||||
#tcp_nopush on;
|
||||
|
||||
keepalive_timeout {{ configuration_templates.opensource.keepalive_timeout }};
|
||||
keepalive_timeout {{ main_template_keepalive_timeout }};
|
||||
|
||||
#gzip on;
|
||||
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
include /etc/nginx/conf.d/http/*.conf;
|
||||
}
|
||||
{% endif %}
|
||||
|
||||
{% if stream_template_enable %}
|
||||
stream {
|
||||
include /etc/nginx/conf.d/stream/*.conf;
|
||||
}
|
||||
{% endif %}
|
@ -1,60 +0,0 @@
|
||||
server {
|
||||
listen {{ configuration_templates.plus.listen }} default_server;
|
||||
server_name {{ configuration_templates.plus.server_name }};
|
||||
|
||||
#charset koi8-r;
|
||||
#access_log /var/log/nginx/host.access.log main;
|
||||
|
||||
location / {
|
||||
root /usr/share/nginx/html;
|
||||
index index.html index.htm;
|
||||
}
|
||||
|
||||
#error_page 404 /404.html;
|
||||
|
||||
# redirect server error pages to the static page /50x.html
|
||||
#
|
||||
error_page 500 502 503 504 /50x.html;
|
||||
location = /50x.html {
|
||||
root /usr/share/nginx/html;
|
||||
}
|
||||
|
||||
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
|
||||
#
|
||||
#location ~ \.php$ {
|
||||
# proxy_pass http://127.0.0.1;
|
||||
#}
|
||||
|
||||
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
|
||||
#
|
||||
#location ~ \.php$ {
|
||||
# root html;
|
||||
# fastcgi_pass 127.0.0.1:9000;
|
||||
# fastcgi_index index.php;
|
||||
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
|
||||
# include fastcgi_params;
|
||||
#}
|
||||
|
||||
# deny access to .htaccess files, if Apache's document root
|
||||
# concurs with nginx's one
|
||||
#
|
||||
#location ~ /\.ht {
|
||||
# deny all;
|
||||
#}
|
||||
|
||||
# enable /api/ location with appropriate access control in order
|
||||
# to make use of NGINX Plus API
|
||||
#
|
||||
#location /api/ {
|
||||
# api write=on;
|
||||
# allow 127.0.0.1;
|
||||
# deny all;
|
||||
#}
|
||||
|
||||
# enable NGINX Plus Dashboard; requires /api/ location to be
|
||||
# enabled and appropriate access control for remote access
|
||||
#
|
||||
#location = /dashboard.html {
|
||||
# root /usr/share/nginx/html;
|
||||
#}
|
||||
}
|
@ -1,50 +0,0 @@
|
||||
user {{ configuration_templates.plus.user }};
|
||||
worker_processes {{ configuration_templates.plus.worker_processes }};
|
||||
|
||||
error_log /var/log/nginx/error.log {{ configuration_templates.plus.error_level }};
|
||||
pid /var/run/nginx.pid;
|
||||
|
||||
|
||||
events {
|
||||
worker_connections {{ configuration_templates.plus.worker_connections }};
|
||||
}
|
||||
|
||||
|
||||
http {
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||
|
||||
access_log /var/log/nginx/access.log main;
|
||||
|
||||
sendfile on;
|
||||
#tcp_nopush on;
|
||||
|
||||
keepalive_timeout {{ configuration_templates.plus.keepalive_timeout }};
|
||||
|
||||
#gzip on;
|
||||
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
}
|
||||
|
||||
|
||||
# TCP/UDP proxy and load balancing block
|
||||
#
|
||||
#stream {
|
||||
# Example configuration for TCP load balancing
|
||||
|
||||
#upstream stream_backend {
|
||||
# zone tcp_servers 64k;
|
||||
# server backend1.example.com:12345;
|
||||
# server backend2.example.com:12345;
|
||||
#}
|
||||
|
||||
#server {
|
||||
# listen 12345;
|
||||
# status_zone tcp_server;
|
||||
# proxy_pass stream_backend;
|
||||
#}
|
||||
#}
|
3
templates/stream/default.conf.j2
Normal file
3
templates/stream/default.conf.j2
Normal file
@ -0,0 +1,3 @@
|
||||
server {
|
||||
listen {{ stream_template_listen }};
|
||||
}
|
Loading…
Reference in New Issue
Block a user