sebclem/ansible-role-nginx
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Buildfromsource (#233)

Browse Source 
* Add build from source option

* Update to Molecule 3.0

* Add service manager to Debian images

* Add .gitignore entry for Ansible retry files

Co-authored-by: Alessandro Fael Garcia <alessfg@hotmail.com>
This commit is contained in:
Tom Gamull 2020-03-25 13:43:32 -04:00 committed by GitHub
parent d0548a7b0b
commit 2289b6a070
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
42 changed files with 1432 additions and 147 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
.gitignore vendored
View File

@ -5,3 +5,11 @@
__pycache__
*~
\#*
# OS Specific
Thumbs.db
.DS_Store
.vscode
# Ansible specific
*.retry

64
.travis.yml
View File

@ -1,30 +1,56 @@
---
sudo: required
language: python
services:
- docker
env:
- scenario: default
- scenario: default_alpine
- scenario: default_centos
- scenario: module
- scenario: module_alpine
- scenario: module_centos
- scenario: stable_push
- scenario: stable_push_alpine
- scenario: stable_push_centos
- scenario: template
- scenario: template_alpine
- scenario: template_centos
- scenario: unit
- scenario: unit_alpine
- scenario: unit_centos
jobs:
include:
- name: "Install Specific Version Test - Debian"
env: scenario=default
- name: "Install Specific Version Test - Alpine"
env: scenario=default_alpine
- name: "Install Specific Version Test - CentOS"
env: scenario=default_centos
- name: "Install Modules Test - Debian"
env: scenario=module
- name: "Install Modules Test - Alpine"
env: scenario=module_alpine
- name: "Install Modules Test - CentOS"
env: scenario=module_centos
- name: "Install Stable Branch and Push Configuration Test - Debian"
env: scenario=stable_push
- name: "Install Stable Branch and Push Configuration Test - Alpine"
env: scenario=stable_push_alpine
- name: "Install Stable Branch and Push Configuration Test - CentOS"
env: scenario=stable_push_centos
- name: "Use Template Setting Test - Debian"
env: scenario=template
- name: "Use Template Setting Test - Alpine"
env: scenario=template_alpine
- name: "Use Template Setting Test - CentOS"
env: scenario=template_centos
- name: "Install Unit Test - Debian"
env: scenario=unit
- name: "Install Unit Test - Alpine"
env: scenario=unit_alpine
- name: "Install Unit Test - CentOS"
env: scenario=unit_centos
- name: "Install from Source Test - Debian"
env: scenario=source
- name: "Install from Source Test - Alpine"
env: scenario=source_alpine
- name: "Install from Source Test - CentOS"
env: scenario=source_centos
before_install:
- sudo apt-get -qq update
install:
- pip install ansible==2.9.4
- pip install molecule[docker]==2.22
- pip install ansible==2.9.6
- pip install molecule[docker]>=3.0.0
- pip install testinfra
- pip install ansible-lint
- pip install flake8
script:
- molecule --version
- ansible --version
- travis_wait 50 molecule test -s $scenario
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/

1
.yamllint
View File

@ -1,3 +1,4 @@
---
extends: default
rules:

4
README.md
View File

@ -19,7 +19,7 @@ Instructions on how to install Ansible can be found in the [Ansible website](htt
**Molecule**
Molecule is used to test the various functionailities of the role. Instructions on how to install Molecule can be found in the [Molecule website](https://molecule.readthedocs.io/en/stable/installation.html).
Molecule is used to test the various functionailities of the role. Instructions on how to install Molecule can be found in the [Molecule website](https://molecule.readthedocs.io/en/latest/installation.html).
Installation
------------
@ -45,6 +45,7 @@ Alpine:
- 3.8
- 3.9
- 3.10
- 3.11
CentOS:
versions:
- 6
@ -81,6 +82,7 @@ Alpine:
- 3.8
- 3.9
- 3.10
- 3.11
Amazon Linux:
versions:
- 2018.03

5
defaults/main/linux.yml
View File

@ -6,3 +6,8 @@ nginx_linux_families: ['Alpine', 'Debian', 'RedHat', 'Suse']
# https://docs.nginx.com/nginx/technical-specs/
# RedHat={Amazon,CentOS,OracleLinux,RHEL} Debian={Ubuntu,Debian}
nginx_plus_linux_families: ['Alpine', 'Debian', 'RedHat', 'Suse']
# Default locations and versions for install from source
pcre_version: pcre-8.43
zlib_version: zlib-1.2.11
openssl_version: openssl-1.1.1c

18
defaults/main/main.yml
View File

@ -28,11 +28,25 @@ nginx_type: opensource
nginx_state: present
# Specify repository origin for NGINX Open Source.
# Options are 'nginx_repository' or 'os_repository'.
# Options are 'nginx_repository', 'source' or 'os_repository'.
# Only works if 'nginx_type' is set to 'opensource'.
# Default is nginx_repository.
nginx_install_from: nginx_repository
# Specify source install options for NGINX Open Source.
# Options represent whether to install from source also
# or to install from packages (default). These only apply
# if 'nginx_install_from' is set to 'source'
# For the tools, true means we will isntall from a package
# and false means install from source.
# 'nginx_install_source_build_tools' will install compiler
# and build tools from packages. If false, you need to have
# these present.
nginx_install_source_build_tools: true
nginx_install_source_pcre: false
nginx_install_source_openssl: true
nginx_install_source_zlib: false
# Choose where to fetch the NGINX signing key from.
# Default is the official NGINX signing key host.
# nginx_signing_key: http://nginx.org/keys/nginx_signing.key
@ -44,7 +58,7 @@ nginx_install_from: nginx_repository
# Specify which branch of NGINX Open Source you want to install.
# Options are 'mainline' or 'stable'.
# Only works if 'install_from' is set to 'nginx_repository'.
# Only works if 'install_from' is set to 'nginx_repository' or 'source'.
# Default is mainline.
nginx_branch: mainline

16
files/services/nginx.conf.upstart Normal file
View File

@ -0,0 +1,16 @@
description "nginx - small, powerful, scalable web/proxy server"
start on filesystem and static-network-up
stop on runlevel [016]
expect fork
respawn
pre-start script
[ -x /usr/sbin/nginx ] || { stop; exit 0; }
/usr/sbin/nginx -q -t -g 'daemon on; master_process on;' || { stop; exit 0; }
end script
exec /usr/sbin/nginx -g 'daemon on; master_process on;'
pre-stop exec /usr/sbin/nginx -s quit

70
files/services/nginx.openrc Normal file
View File

@ -0,0 +1,70 @@
#!/sbin/openrc-run
description="Nginx http and reverse proxy server"
extra_commands="checkconfig"
extra_started_commands="reload reopen upgrade"
cfgfile=${cfgfile:-/etc/nginx/nginx.conf}
pidfile=/var/run/nginx.pid
command=/usr/sbin/nginx
command_args="-c $cfgfile"
required_files="$cfgfile"
depend() {
need net
use dns logger netmount
}
start_pre() {
$command $command_args -t -q
}
checkconfig() {
ebegin "Checking $RC_SVCNAME configuration"
start_pre
eend $?
}
reload() {
ebegin "Reloading $RC_SVCNAME configuration"
start_pre && start-stop-daemon --signal HUP --pidfile $pidfile
eend $?
}
reopen() {
ebegin "Reopening $RC_SVCNAME log files"
start-stop-daemon --signal USR1 --pidfile $pidfile
eend $?
}
upgrade() {
start_pre || return 1
ebegin "Upgrading $RC_SVCNAME binary"
einfo "Sending USR2 to old binary"
start-stop-daemon --signal USR2 --pidfile $pidfile
einfo "Sleeping 3 seconds before pid-files checking"
sleep 3
if [ ! -f $pidfile.oldbin ]; then
eerror "File with old pid ($pidfile.oldbin) not found"
return 1
fi
if [ ! -f $pidfile ]; then
eerror "New binary failed to start"
return 1
fi
einfo "Sleeping 3 seconds before WINCH"
sleep 3 ; start-stop-daemon --signal 28 --pidfile $pidfile.oldbin
einfo "Sending QUIT to old binary"
start-stop-daemon --signal QUIT --pidfile $pidfile.oldbin
einfo "Upgrade completed"
eend $? "Upgrade failed"
}

15
files/services/nginx.systemd Normal file
View File

@ -0,0 +1,15 @@
[Unit]
Description=nginx - high performance web server
Documentation=http://nginx.org/en/docs/
After=network-online.target remote-fs.target nss-lookup.target
Wants=network-online.target
[Service]
Type=forking
PIDFile=/var/run/nginx.pid
ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s TERM $MAINPID
[Install]
WantedBy=multi-user.target

196
files/services/nginx.sysvinit Normal file
View File

@ -0,0 +1,196 @@
#!/bin/sh
### BEGIN INIT INFO
# Provides: nginx
# Required-Start: $local_fs $remote_fs $network $syslog $named
# Required-Stop: $local_fs $remote_fs $network $syslog $named
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: starts the nginx web server
# Description: starts nginx using start-stop-daemon
### END INIT INFO
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/sbin/nginx
NAME=nginx
DESC=nginx
# Include nginx defaults if available
if [ -r /etc/default/nginx ]; then
. /etc/default/nginx
fi
STOP_SCHEDULE="${STOP_SCHEDULE:-QUIT/5/TERM/5/KILL/5}"
test -x $DAEMON || exit 0
. /lib/init/vars.sh
. /lib/lsb/init-functions
# Try to extract nginx pidfile
PID=$(cat /etc/nginx/nginx.conf | grep -Ev '^\s*#' | awk 'BEGIN { RS="[;{}]" } { if ($1 == "pid") print $2 }' | head -n1)
if [ -z "$PID" ]; then
PID=/run/nginx.pid
fi
if [ -n "$ULIMIT" ]; then
# Set ulimit if it is set in /etc/default/nginx
ulimit $ULIMIT
fi
start_nginx() {
# Start the daemon/service
#
# Returns:
# 0 if daemon has been started
# 1 if daemon was already running
# 2 if daemon could not be started
start-stop-daemon --start --quiet --pidfile $PID --exec $DAEMON --test > /dev/null \
|| return 1
start-stop-daemon --start --quiet --pidfile $PID --exec $DAEMON -- \
$DAEMON_OPTS 2>/dev/null \
|| return 2
}
test_config() {
# Test the nginx configuration
$DAEMON -t $DAEMON_OPTS >/dev/null 2>&1
}
stop_nginx() {
# Stops the daemon/service
#
# Return
# 0 if daemon has been stopped
# 1 if daemon was already stopped
# 2 if daemon could not be stopped
# other if a failure occurred
start-stop-daemon --stop --quiet --retry=$STOP_SCHEDULE --pidfile $PID --name $NAME
RETVAL="$?"
sleep 1
return "$RETVAL"
}
reload_nginx() {
# Function that sends a SIGHUP to the daemon/service
start-stop-daemon --stop --signal HUP --quiet --pidfile $PID --name $NAME
return 0
}
rotate_logs() {
# Rotate log files
start-stop-daemon --stop --signal USR1 --quiet --pidfile $PID --name $NAME
return 0
}
upgrade_nginx() {
# Online upgrade nginx executable
# http://nginx.org/en/docs/control.html
#
# Return
# 0 if nginx has been successfully upgraded
# 1 if nginx is not running
# 2 if the pid files were not created on time
# 3 if the old master could not be killed
if start-stop-daemon --stop --signal USR2 --quiet --pidfile $PID --name $NAME; then
# Wait for both old and new master to write their pid file
while [ ! -s "${PID}.oldbin" ] || [ ! -s "${PID}" ]; do
cnt=`expr $cnt + 1`
if [ $cnt -gt 10 ]; then
return 2
fi
sleep 1
done
# Everything is ready, gracefully stop the old master
if start-stop-daemon --stop --signal QUIT --quiet --pidfile "${PID}.oldbin" --name $NAME; then
return 0
else
return 3
fi
else
return 1
fi
}
case "$1" in
start)
log_daemon_msg "Starting $DESC" "$NAME"
start_nginx
case "$?" in
0|1) log_end_msg 0 ;;
2) log_end_msg 1 ;;
esac
;;
stop)
log_daemon_msg "Stopping $DESC" "$NAME"
stop_nginx
case "$?" in
0|1) log_end_msg 0 ;;
2) log_end_msg 1 ;;
esac
;;
restart)
log_daemon_msg "Restarting $DESC" "$NAME"
# Check configuration before stopping nginx
if ! test_config; then
log_end_msg 1 # Configuration error
exit $?
fi
stop_nginx
case "$?" in
0|1)
start_nginx
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
reload|force-reload)
log_daemon_msg "Reloading $DESC configuration" "$NAME"
# Check configuration before stopping nginx
#
# This is not entirely correct since the on-disk nginx binary
# may differ from the in-memory one, but that's not common.
# We prefer to check the configuration and return an error
# to the administrator.
if ! test_config; then
log_end_msg 1 # Configuration error
exit $?
fi
reload_nginx
log_end_msg $?
;;
configtest|testconfig)
log_daemon_msg "Testing $DESC configuration"
test_config
log_end_msg $?
;;
status)
status_of_proc -p $PID "$DAEMON" "$NAME" && exit 0 || exit $?
;;
upgrade)
log_daemon_msg "Upgrading binary" "$NAME"
upgrade_nginx
log_end_msg $?
;;
rotate)
log_daemon_msg "Re-opening $DESC log files" "$NAME"
rotate_logs
log_end_msg $?
;;
*)
echo "Usage: $NAME {start|stop|restart|reload|force-reload|status|configtest|rotate|upgrade}" >&2
exit 3
;;
esac

196
files/services/nginx.upstart Normal file
View File

@ -0,0 +1,196 @@
#!/bin/sh
### BEGIN INIT INFO
# Provides: nginx
# Required-Start: $local_fs $remote_fs $network $syslog $named
# Required-Stop: $local_fs $remote_fs $network $syslog $named
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: starts the nginx web server
# Description: starts nginx using start-stop-daemon
### END INIT INFO
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/sbin/nginx
NAME=nginx
DESC=nginx
# Include nginx defaults if available
if [ -r /etc/default/nginx ]; then
. /etc/default/nginx
fi
STOP_SCHEDULE="${STOP_SCHEDULE:-QUIT/5/TERM/5/KILL/5}"
test -x $DAEMON || exit 0
. /lib/init/vars.sh
. /lib/lsb/init-functions
# Try to extract nginx pidfile
PID=$(cat /etc/nginx/nginx.conf | grep -Ev '^\s*#' | awk 'BEGIN { RS="[;{}]" } { if ($1 == "pid") print $2 }' | head -n1)
if [ -z "$PID" ]; then
PID=/run/nginx.pid
fi
if [ -n "$ULIMIT" ]; then
# Set ulimit if it is set in /etc/default/nginx
ulimit $ULIMIT
fi
start_nginx() {
# Start the daemon/service
#
# Returns:
# 0 if daemon has been started
# 1 if daemon was already running
# 2 if daemon could not be started
start-stop-daemon --start --quiet --pidfile $PID --exec $DAEMON --test > /dev/null \
|| return 1
start-stop-daemon --start --quiet --pidfile $PID --exec $DAEMON -- \
$DAEMON_OPTS 2>/dev/null \
|| return 2
}
test_config() {
# Test the nginx configuration
$DAEMON -t $DAEMON_OPTS >/dev/null 2>&1
}
stop_nginx() {
# Stops the daemon/service
#
# Return
# 0 if daemon has been stopped
# 1 if daemon was already stopped
# 2 if daemon could not be stopped
# other if a failure occurred
start-stop-daemon --stop --quiet --retry=$STOP_SCHEDULE --pidfile $PID --name $NAME
RETVAL="$?"
sleep 1
return "$RETVAL"
}
reload_nginx() {
# Function that sends a SIGHUP to the daemon/service
start-stop-daemon --stop --signal HUP --quiet --pidfile $PID --name $NAME
return 0
}
rotate_logs() {
# Rotate log files
start-stop-daemon --stop --signal USR1 --quiet --pidfile $PID --name $NAME
return 0
}
upgrade_nginx() {
# Online upgrade nginx executable
# http://nginx.org/en/docs/control.html
#
# Return
# 0 if nginx has been successfully upgraded
# 1 if nginx is not running
# 2 if the pid files were not created on time
# 3 if the old master could not be killed
if start-stop-daemon --stop --signal USR2 --quiet --pidfile $PID --name $NAME; then
# Wait for both old and new master to write their pid file
while [ ! -s "${PID}.oldbin" ] || [ ! -s "${PID}" ]; do
cnt=`expr $cnt + 1`
if [ $cnt -gt 10 ]; then
return 2
fi
sleep 1
done
# Everything is ready, gracefully stop the old master
if start-stop-daemon --stop --signal QUIT --quiet --pidfile "${PID}.oldbin" --name $NAME; then
return 0
else
return 3
fi
else
return 1
fi
}
case "$1" in
start)
log_daemon_msg "Starting $DESC" "$NAME"
start_nginx
case "$?" in
0|1) log_end_msg 0 ;;
2) log_end_msg 1 ;;
esac
;;
stop)
log_daemon_msg "Stopping $DESC" "$NAME"
stop_nginx
case "$?" in
0|1) log_end_msg 0 ;;
2) log_end_msg 1 ;;
esac
;;
restart)
log_daemon_msg "Restarting $DESC" "$NAME"
# Check configuration before stopping nginx
if ! test_config; then
log_end_msg 1 # Configuration error
exit $?
fi
stop_nginx
case "$?" in
0|1)
start_nginx
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
reload|force-reload)
log_daemon_msg "Reloading $DESC configuration" "$NAME"
# Check configuration before stopping nginx
#
# This is not entirely correct since the on-disk nginx binary
# may differ from the in-memory one, but that's not common.
# We prefer to check the configuration and return an error
# to the administrator.
if ! test_config; then
log_end_msg 1 # Configuration error
exit $?
fi
reload_nginx
log_end_msg $?
;;
configtest|testconfig)
log_daemon_msg "Testing $DESC configuration"
test_config
log_end_msg $?
;;
status)
status_of_proc -p $PID "$DAEMON" "$NAME" && exit 0 || exit $?
;;
upgrade)
log_daemon_msg "Upgrading binary" "$NAME"
upgrade_nginx
log_end_msg $?
;;
rotate)
log_daemon_msg "Re-opening $DESC log files" "$NAME"
rotate_logs
log_end_msg $?
;;
*)
echo "Usage: $NAME {start|stop|restart|reload|force-reload|status|configtest|rotate|upgrade}" >&2
exit 3
;;
esac

25
files/www/index.html Normal file
View File

@ -0,0 +1,25 @@
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>

16
molecule/common/Dockerfile.j2
View File

@ -17,31 +17,27 @@ ENV {{ var }} {{ value }}
RUN \
if [ $(command -v apt-get) ]; then \
apt-get update \
&& apt-get install -y python sudo bash ca-certificates iproute2 curl \
&& apt-get install -y python3 sudo bash ca-certificates iproute2 python3-apt aptitude systemd systemd-sysv procps curl \
&& apt-get clean; \
elif [ $(command -v dnf) ] && [ $(rpm -E %{rhel}) -eq 8 ]; then \
dnf makecache \
&& dnf --assumeyes install python3 python3-devel python3-dnf python3-pip bash iproute \
&& dnf clean all; \
elif [ $(command -v dnf) ]; then \
dnf makecache \
&& dnf --assumeyes install python sudo python-devel python*-dnf bash iproute \
&& dnf --assumeyes install /usr/bin/python3 /usr/bin/python3-config /usr/bin/dnf-3 bash iproute \
&& dnf clean all; \
elif [ $(command -v yum) ]; then \
yum makecache fast \
&& yum install -y python sudo yum-plugin-ovl bash iproute \
&& yum install -y /usr/bin/python /usr/bin/python2-config sudo yum-plugin-ovl bash iproute \
&& sed -i 's/plugins=0/plugins=1/g' /etc/yum.conf \
&& yum clean all; \
elif [ $(command -v zypper) ]; then \
zypper refresh \
&& zypper install -y python sudo bash python-xml iproute2 \
&& zypper install -y python3 sudo bash iproute2 \
&& zypper clean -a; \
elif [ $(command -v apk) ]; then \
apk update \
&& apk add --no-cache python sudo bash ca-certificates curl openrc; \
&& apk add --no-cache python3 sudo bash ca-certificates curl openrc; \
echo 'rc_provide="loopback net"' >> /etc/rc.conf; \
elif [ $(command -v xbps-install) ]; then \
xbps-install -Syu \
&& xbps-install -y python sudo bash ca-certificates iproute2 \
&& xbps-install -y python3 sudo bash ca-certificates iproute2 \
&& xbps-remove -O; \
fi

0
files/www/.gitkeep → molecule/common/files/www/.gitkeep
View File

6
molecule/common/playbook_default.yml
View File

@ -4,15 +4,15 @@
pre_tasks:
- name: "Set repo if Alpine"
set_fact:
version: "=1.17.6-r1"
version: "=1.17.8-r1"
when: ansible_os_family == "Alpine"
- name: "Set repo if Debian"
set_fact:
version: "=1.17.6-1~{{ ansible_distribution_release }}"
version: "=1.17.8-1~{{ ansible_distribution_release }}"
when: ansible_os_family == "Debian"
- name: "Set repo if RedHat"
set_fact:
version: "-1.17.6-1.el{{ ansible_distribution_major_version }}.ngx"
version: "-1.17.8-1.el{{ ansible_distribution_major_version }}.ngx"
when: ansible_os_family == "RedHat"
roles:
- role: ansible-role-nginx

19
molecule/common/playbook_source.yml Normal file
View File

@ -0,0 +1,19 @@
---
- name: Converge
hosts: all
roles:
- role: ansible-role-nginx
vars:
nginx_debug_output: true
nginx_install_from: source
nginx_branch: mainline
nginx_install_source_build_tools: true
nginx_install_source_pcre: false
nginx_install_source_openssl: true
nginx_install_source_zlib: false
nginx_main_upload_enable: true
nginx_main_upload_src: files/nginx.conf
nginx_http_upload_enable: true
nginx_http_upload_src: files/http/*.conf

2
molecule/common/playbook_stable_push.yml
View File

@ -4,6 +4,8 @@
roles:
- role: ansible-role-nginx
vars:
nginx_debug_output: true
nginx_branch: stable
nginx_main_upload_enable: true
nginx_main_upload_src: files/nginx.conf

3
molecule/common/test_module/test_default.py
View File

@ -2,7 +2,8 @@ import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') # noqa E501
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
def test_nginx_is_installed(host):

25
molecule/common/test_source/test_default.py Normal file
View File

@ -0,0 +1,25 @@
import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
def test_nginx_running_and_enabled(host):
ngx = host.service("nginx")
assert ngx.is_running
assert ngx.is_enabled
def test_hosts_file(host):
ngx = host.file('/etc/hosts')
assert ngx.exists
assert ngx.user == 'root'
assert ngx.group == 'root'
def test_endpoint(host):
command = """curl -I http://localhost/"""
cmd = host.run(command)
assert '200 OK' in cmd.stdout

3
molecule/common/test_stable_push/test_default.py
View File

@ -3,7 +3,8 @@ import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') # noqa E501
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
def test_nginx_is_installed(host):

3
molecule/common/test_template/test_default.py
View File

@ -3,7 +3,8 @@ import os
import testinfra.utils.ansible_runner
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') # noqa E501
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
def test_nginx_is_installed(host):

27
molecule/default/molecule.yml
View File

@ -1,29 +1,44 @@
---
driver:
name: docker
lint:
name: yamllint
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: debian-stretch
image: debian:stretch-slim
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: debian-buster
image: debian:buster-slim
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: ubuntu-xenial
image: ubuntu:xenial
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: ubuntu-bionic
image: ubuntu:bionic
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_default.yml
lint:
name: ansible-lint
verifier:
name: testinfra
directory: ../common/test_default
lint:
name: flake8

24
molecule/default_alpine/molecule.yml
View File

@ -1,27 +1,37 @@
---
driver:
name: docker
lint:
name: yamllint
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: alpine-3.8
image: alpine:3.8
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.9
image: alpine:3.9
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.10
image: alpine:3.10
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.11
image: alpine:3.11
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
@ -29,10 +39,6 @@ provisioner:
name: ansible
playbooks:
converge: ../common/playbook_default.yml
lint:
name: ansible-lint
verifier:
name: testinfra
directory: ../common/test_default
lint:
name: flake8

15
molecule/default_centos/molecule.yml
View File

@ -1,8 +1,11 @@
---
driver:
name: docker
lint:
name: yamllint
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: centos-6
image: centos:6
@ -10,14 +13,14 @@ platforms:
- name: centos-7
image: centos:7
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: centos-8
image: centos:8
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
@ -25,10 +28,6 @@ provisioner:
name: ansible
playbooks:
converge: ../common/playbook_default.yml
lint:
name: ansible-lint
verifier:
name: testinfra
directory: ../common/test_default
lint:
name: flake8

27
molecule/module/molecule.yml
View File

@ -1,29 +1,44 @@
---
driver:
name: docker
lint:
name: yamllint
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: debian-stretch
image: debian:stretch-slim
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: debian-buster
image: debian:buster-slim
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: ubuntu-xenial
image: ubuntu:xenial
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: ubuntu-bionic
image: ubuntu:bionic
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_module.yml
lint:
name: ansible-lint
verifier:
name: testinfra
directory: ../common/test_module
lint:
name: flake8

24
molecule/module_alpine/molecule.yml
View File

@ -1,27 +1,37 @@
---
driver:
name: docker
lint:
name: yamllint
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: alpine-3.8
image: alpine:3.8
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.9
image: alpine:3.9
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.10
image: alpine:3.10
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.11
image: alpine:3.11
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
@ -29,10 +39,6 @@ provisioner:
name: ansible
playbooks:
converge: ../common/playbook_module.yml
lint:
name: ansible-lint
verifier:
name: testinfra
directory: ../common/test_module
lint:
name: flake8

15
molecule/module_centos/molecule.yml
View File

@ -1,8 +1,11 @@
---
driver:
name: docker
lint:
name: yamllint
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: centos-6
image: centos:6
@ -10,14 +13,14 @@ platforms:
- name: centos-7
image: centos:7
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: centos-8
image: centos:8
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
@ -25,10 +28,6 @@ provisioner:
name: ansible
playbooks:
converge: ../common/playbook_module.yml
lint:
name: ansible-lint
verifier:
name: testinfra
directory: ../common/test_module
lint:
name: flake8

44
molecule/source/molecule.yml Normal file
View File

@ -0,0 +1,44 @@
---
driver:
name: docker
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: debian-stretch
image: debian:stretch-slim
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: debian-buster
image: debian:buster-slim
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: ubuntu-xenial
image: ubuntu:xenial
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: ubuntu-bionic
image: ubuntu:bionic
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_source.yml
verifier:
name: testinfra
directory: ../common/test_source

44
molecule/source_alpine/molecule.yml Normal file
View File

@ -0,0 +1,44 @@
---
driver:
name: docker
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: alpine-3.8
image: alpine:3.8
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.9
image: alpine:3.9
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.10
image: python:alpine3.10
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.11
image: python:alpine3.11
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_source.yml
verifier:
name: testinfra
directory: ../common/test_source

30
molecule/source_centos/molecule.yml Normal file
View File

@ -0,0 +1,30 @@
---
driver:
name: docker
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: centos-7
image: centos:7
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: centos-8
image: centos:8
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_source.yml
verifier:
name: testinfra
directory: ../common/test_source

27
molecule/stable_push/molecule.yml
View File

@ -4,29 +4,44 @@ dependency:
command: pip install python-nginx
driver:
name: docker
lint:
name: yamllint
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: debian-stretch
image: debian:stretch-slim
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: debian-buster
image: debian:buster-slim
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: ubuntu-xenial
image: ubuntu:xenial
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: ubuntu-bionic
image: ubuntu:bionic
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_stable_push.yml
lint:
name: ansible-lint
verifier:
name: testinfra
directory: ../common/test_stable_push
lint:
name: flake8

24
molecule/stable_push_alpine/molecule.yml
View File

@ -4,27 +4,37 @@ dependency:
command: pip install python-nginx
driver:
name: docker
lint:
name: yamllint
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: alpine-3.8
image: alpine:3.8
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.9
image: alpine:3.9
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.10
image: alpine:3.10
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.11
image: alpine:3.11
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
@ -32,10 +42,6 @@ provisioner:
name: ansible
playbooks:
converge: ../common/playbook_stable_push.yml
lint:
name: ansible-lint
verifier:
name: testinfra
directory: ../common/test_stable_push
lint:
name: flake8

15
molecule/stable_push_centos/molecule.yml
View File

@ -4,8 +4,11 @@ dependency:
command: pip install python-nginx
driver:
name: docker
lint:
name: yamllint
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: centos-6
image: centos:6
@ -13,14 +16,14 @@ platforms:
- name: centos-7
image: centos:7
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: centos-8
image: centos:8
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
@ -28,10 +31,6 @@ provisioner:
name: ansible
playbooks:
converge: ../common/playbook_stable_push.yml
lint:
name: ansible-lint
verifier:
name: testinfra
directory: ../common/test_stable_push
lint:
name: flake8

27
molecule/template/molecule.yml
View File

@ -4,29 +4,44 @@ dependency:
command: pip install python-nginx
driver:
name: docker
lint:
name: yamllint
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: debian-stretch
image: debian:stretch-slim
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: debian-buster
image: debian:buster-slim
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: ubuntu-xenial
image: ubuntu:xenial
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: ubuntu-bionic
image: ubuntu:bionic
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_template.yml
lint:
name: ansible-lint
verifier:
name: testinfra
directory: ../common/test_template
lint:
name: flake8

24
molecule/template_alpine/molecule.yml
View File

@ -4,27 +4,37 @@ dependency:
command: pip install python-nginx
driver:
name: docker
lint:
name: yamllint
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: alpine-3.8
image: alpine:3.8
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.9
image: alpine:3.9
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.10
image: alpine:3.10
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.11
image: alpine:3.11
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
@ -32,10 +42,6 @@ provisioner:
name: ansible
playbooks:
converge: ../common/playbook_template.yml
lint:
name: ansible-lint
verifier:
name: testinfra
directory: ../common/test_template
lint:
name: flake8

15
molecule/template_centos/molecule.yml
View File

@ -4,8 +4,11 @@ dependency:
command: pip install python-nginx
driver:
name: docker
lint:
name: yamllint
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: centos-6
image: centos:6
@ -13,14 +16,14 @@ platforms:
- name: centos-7
image: centos:7
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: centos-8
image: centos:8
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
@ -28,10 +31,6 @@ provisioner:
name: ansible
playbooks:
converge: ../common/playbook_template.yml
lint:
name: ansible-lint
verifier:
name: testinfra
directory: ../common/test_template
lint:
name: flake8

25
molecule/unit/molecule.yml
View File

@ -1,24 +1,41 @@
---
driver:
name: docker
lint:
name: yamllint
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: debian-stretch
image: debian:stretch-slim
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: debian-buster
image: debian:buster-slim
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: ubuntu-xenial
image: ubuntu:xenial
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: ubuntu-bionic
image: ubuntu:bionic
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
provisioner:
name: ansible
playbooks:
converge: ../common/playbook_unit.yml
lint:
name: ansible-lint

22
molecule/unit_alpine/molecule.yml
View File

@ -1,27 +1,37 @@
---
driver:
name: docker
lint:
name: yamllint
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: alpine-3.8
image: alpine:3.8
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.9
image: alpine:3.9
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.10
image: alpine:3.10
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
- name: alpine-3.11
image: alpine:3.11
dockerfile: ../common/Dockerfile.j2
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/sbin/init"
@ -29,5 +39,3 @@ provisioner:
name: ansible
playbooks:
converge: ../common/playbook_unit.yml
lint:
name: ansible-lint

13
molecule/unit_centos/molecule.yml
View File

@ -1,8 +1,11 @@
---
driver:
name: docker
lint:
name: yamllint
lint: |
set -e
yamllint .
ansible-lint
flake8
platforms:
- name: centos-6
image: centos:6
@ -10,14 +13,14 @@ platforms:
- name: centos-7
image: centos:7
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
- name: centos-8
image: centos:8
dockerfile: ../common/Dockerfile.j2
privileged: True
privileged: true
volumes:
- "/sys/fs/cgroup:/sys/fs/cgroup:rw"
command: "/usr/sbin/init"
@ -25,5 +28,3 @@ provisioner:
name: ansible
playbooks:
converge: ../common/playbook_unit.yml
lint:
name: ansible-lint

4
tasks/opensource/install-oss-linux.yml
View File

@ -16,6 +16,10 @@
when: nginx_install_from == "nginx_repository"
- name: "(Install: Linux) Install NGINX from source"
import_tasks: setup-source.yml
when: nginx_install_from == "source"
- name: "(Install: Linux) Install NGINX package"
package:
name: "nginx{{ nginx_version | default('') }}"

437
tasks/opensource/setup-source.yml Normal file
View File

@ -0,0 +1,437 @@
---
- name: "(Install: Linux) Check for build tools"
when: nginx_install_source_build_tools
block:
- name: "(Install: Linux) Install Python - Centos/RHEL"
package:
name:
- python3
- python3-pip
- python3-devel
state: present
when: ansible_os_family == "RedHat"
- name: "(Install: Linux) Set Python3 default - Centos/RHEL"
alternatives:
name: python
path: /usr/bin/python3
link: /usr/bin/python
when: ansible_os_family == "RedHat" and ansible_distribution_major_version == "8"
- name: "(Install: Linux) Install Build Tools - Centos/RHEL"
package:
name:
- "@Development tools"
- gcc
- glibc
- glibc-common
- gd
- gd-devel
- perl-core
- wget
- ca-certificates
- zlib-devel
state: present
when: ansible_os_family == "RedHat"
- name: "(Install: Linux) Install backports repo for Buster"
apt_repository:
repo: deb http://ftp.us.debian.org/debian buster-backports main
when: ansible_distribution_release == "buster"
- name: "(Install: Linux) Install Build Tools - Debian/Ubuntu"
package:
name:
- python-minimal
- build-essential
- perl
- tar
- checkinstall
- zlib1g-dev
- libtemplate-perl
state: present
when: ansible_os_family == "Debian"
- name: "(Install: Linux) Install Build Tools - Alpine"
package:
name:
- python
- alpine-sdk
- build-base
- git
- wget
- perl
- linux-headers
- tar
- openrc
state: present
when: ansible_os_family == "Alpine"
- name: "(Install: Linux) Enable openrc - Alpine"
copy:
content: ""
dest: /run/openrc/softlevel
force: no
owner: root
mode: 0644
when: ansible_os_family == "Alpine"
- name: "(Install: Linux) Check for Source Installs"
block:
- name: "(Install: Linux) Check for PCRE Install"
stat:
path: /tmp/{{ pcre_version }}
register: pcre_result
- name: "(Install: Linux) Check for zlib Install"
stat:
path: /tmp/{{ zlib_version }}
register: zlib_result
- name: "(Install: Linux) Check for openssl Install"
stat:
path: /tmp/{{ openssl_version }}
register: openssl_result
- name: "(Install: Linux) Install PCRE Dependency: Package: Centos/RHEL"
when: nginx_install_source_pcre and ansible_os_family == "RedHat"
package:
name: pcre-devel
state: present
- name: "(Install: Linux) Install PCRE Dependency: Package: Debian/Ubuntu"
when: nginx_install_source_pcre and ansible_os_family == "Debian"
package:
name: libpcre3dev
state: present
- name: "(Install: Linux) Install PCRE Dependency: Package: Alpine"
when: nginx_install_source_pcre and ansible_os_family == "Alpine"
package:
name: pcre-dev
state: present
- name: "(Install: Linux) Install PCRE Dependency: Source"
when: not pcre_result.stat.exists and not nginx_install_source_pcre
block:
- name: "(Install: Linux) Install PCRE Dependency: Download"
get_url:
url: "http://ftp.pcre.org/pub/pcre/{{ pcre_version }}.tar.gz"
dest: "/tmp/{{ pcre_version }}.tar.gz"
register: pcre_source
- name: "(Install: Linux) Install PCRE Dependency: Unpack"
unarchive:
copy: no
dest: /tmp/
src: "{{ pcre_source.dest }}"
register: pcre_source_unpack
- name: "(Install: Linux) Install PCRE Dependency: Configure"
command: "./configure"
args:
chdir: "/tmp/{{ pcre_version }}"
register: pcre_configure
- name: "(Install: Linux) Install PCRE Dependency: Install"
make:
chdir: "/tmp/{{ pcre_version }}"
- name: "(Install: Linux) Install PCRE Dependency: Install"
make:
chdir: "/tmp/{{ pcre_version }}"
target: install
- name: "(Install: Linux) Install zlib Dependency: Package: Centos/RHEL"
when: nginx_install_source_zlib and ansible_os_family == "RedHat"
package:
name: zlib-devel
state: present
- name: "(Install: Linux) Install zlib Dependency: Package: Debian/Ubuntu"
when: nginx_install_source_zlib and ansible_os_family == "Debian"
package:
name: zlib1g-dev
state: present
- name: "(Install: Linux) Install zlib Dependency: Package: Alpine"
when: nginx_install_source_zlib and ansible_os_family == "Alpine"
package:
name: zlib-dev
state: present
- name: "(Install: Linux) Install zlib Dependency: Source"
when: not zlib_result.stat.exists and not nginx_install_source_zlib
block:
- name: "(Install: Linux) Install zlib Dependency: Download"
get_url:
url: "http://zlib.net/{{ zlib_version }}.tar.gz"
dest: "/tmp/{{ zlib_version }}.tar.gz"
register: zlib_source
- name: "(Install: Linux) Install zlib Dependency: Unpack"
unarchive:
copy: no
dest: /tmp/
src: "{{ zlib_source.dest }}"
register: zlib_source_unpack
- name: "(Install: Linux) Install zlib Dependency: Configure"
command: "./configure"
args:
chdir: "/tmp/{{ zlib_version }}"
register: zlib_configure
- name: "(Install: Linux) Install zlib Dependency: Install"
make:
chdir: "/tmp/{{ zlib_version }}"
- name: "(Install: Linux) Install zlib Dependency: Install"
make:
chdir: "/tmp/{{ zlib_version }}"
target: install
- name: "(Install: Linux) Install OpenSSL Dependency: Package: Centos/RHEL"
when: nginx_install_source_openssl and ansible_os_family == "RedHat"
package:
name: openssl-devel
state: present
- name: "(Install: Linux) Install OpenSSL Dependency: Package: Debian/Ubuntu"
when: nginx_install_source_openssl and ansible_os_family == "Debian"
package:
name: libssl-dev
state: present
- name: "(Install: Linux) Install OpenSSL Dependency: Package: Alpine"
when: nginx_install_source_openssl and ansible_os_family == "Alpine"
package:
name: openssl-dev
state: present
- name: "(Install: Linux) Install OpenSSL Dependency: Source"
when: not openssl_result.stat.exists and not nginx_install_source_openssl
block:
- name: "(Install: Linux) Install OpenSSL Dependency: Download"
get_url:
url: "http://www.openssl.org/source/{{ openssl_version }}.tar.gz"
dest: "/tmp/{{ openssl_version }}.tar.gz"
register: openssl_source
- name: "(Install: Linux) Install OpenSSL Dependency: Unpack"
unarchive:
copy: no
dest: /tmp/
src: "{{ openssl_source.dest }}"
register: openssl_source_unpack
- name: "(Install: Linux) Install OpenSSL Dependency: Configure"
command: "./config --prefix=/usr"
args:
chdir: "/tmp/{{ openssl_version }}"
register: openssl_configure
- name: "(Install: Linux) Install OpenSSL Dependency: Make"
make:
chdir: "/tmp/{{ openssl_version }}"
- name: "(Install: Linux) Install OpenSSL Dependency: Install"
make:
chdir: "/tmp/{{ openssl_version }}"
target: install
- name: "(Install: Linux) Install NGINX: Get NGINX version"
block:
- name: "(Install: Linux) Install NGINX: Get NGINX mainline version"
shell:
args:
cmd: curl --stderr - https://trac.nginx.org/nginx/browser | grep release | head -1 | sed -e 's:.*<option value="[^"]*">release\([^<]*\)<.*:nginx\1:' # noqa 204 303
register: nginx_mainline_version
changed_when: false
when: nginx_branch == "mainline"
- name: "(Install: Linux) Install NGINX: Set NGINX mainline version"
set_fact:
nginx_version: "{{ nginx_mainline_version.stdout }}"
when: nginx_branch == "mainline"
- name: "(Install: Linux) Install NGINX: Get NGINX stable version 1/2"
shell:
args:
cmd: curl --stderr - https://trac.nginx.org/nginx/browser | grep stable | head -1 | sed -e 's:.*<option value="[^"]*">stable\([^<]*\)<.*:release\1:' # noqa 204 303
register: nginx_tmp_version
changed_when: false
when: nginx_branch == "stable"
- name: "(Install: Linux) Install NGINX: Get NGINX stable version 2/2"
shell:
args:
cmd: curl --stderr - https://trac.nginx.org/nginx/browser | grep {{ nginx_tmp_version.stdout }} | head -1 | sed -e 's:.*<option value="[^"]*">release\([^<]*\)<.*:nginx\1:' # noqa 204 303
register: nginx_stable_version
changed_when: false
when: nginx_branch == "stable"
- name: "(Install: Linux) Install NGINX: Set NGINX stable version"
set_fact:
nginx_version: "{{ nginx_stable_version.stdout }}"
when: nginx_branch == "stable"
- name: "(Install: Linux) Install NGINX: Set NGINX download filename"
set_fact:
nginx_download_name: "{{ nginx_version }}"
when: nginx_branch == "stable" or nginx_branch == "mainline"
- name: "(Install: Linux) Check for NGINX Install"
stat:
path: /usr/sbin/nginx
follow: true
register: nginx_result
- name: "(Install: Linux) Add NGINX User"
user:
name: nginx
- name: "(Install: Linux) Install NGINX"
when: not nginx_result.stat.exists
block:
- name: "(Install: Linux) Install NGINX: Download"
get_url:
url: "http://nginx.org/download/{{ nginx_download_name }}.tar.gz"
dest: "/tmp/{{ nginx_download_name }}.tar.gz"
register: nginx_source
- name: "(Install: Linux) Install NGINX: Unpack"
unarchive:
copy: no
dest: /tmp/
src: "{{ nginx_source.dest }}"
register: nginx_source_unpack
- name: "(Install: Linux) Install NGINX: Configure"
command: >-
./configure
--prefix=/usr
--pid-path=/var/run/nginx.pid
--conf-path=/etc/nginx/nginx.conf
--error-log-path=/var/log/nginx/error.log
--http-log-path=/var/log/nginx/access.log
--lock-path=/var/lock/nginx.lock
--modules-path=/usr/lib/nginx/modules
--with-http_ssl_module
--with-stream
--with-mail=dynamic
{{ nginx_install_source_pcre | ternary('', '--with-pcre=../' + pcre_version) }}
{{ nginx_install_source_zlib | ternary('', '--with-zlib=../' + zlib_version) }}
{{ nginx_install_source_openssl | ternary('', '--with-openssl=../' + openssl_version) }}
args:
chdir: "/tmp/{{ nginx_version }}"
register: nginx_configure
- name: "(Install: Linux) Install NGINX: Make"
make:
chdir: "/tmp/{{ nginx_version }}"
- name: "(Install: Linux) Install NGINX: Install"
make:
chdir: "/tmp/{{ nginx_version }}"
target: install
- name: "(Install: Linux) Install NGINX: Create html directory"
file:
path: /usr/share/nginx/html
state: directory
- name: "(Install: Linux) Install NGINX: Copy index.html"
copy:
src: www/index.html
owner: root
group: root
mode: '0644'
dest: /usr/share/nginx/html/index.html
- name: "(Install: Linux) Upload systemd NGINX service file"
copy:
src: services/nginx.systemd
dest: /lib/systemd/system/nginx.service
owner: root
group: root
mode: '0644'
when: ansible_service_mgr == "systemd"
- name: "(Install: Linux) Enable systemd NGINX service file"
systemd:
daemon_reload: yes
name: nginx
state: restarted
enabled: yes
notify: "(Handler: All OSs) Start NGINX"
when: ansible_service_mgr == "systemd"
- name: "(Install: Linux) Upload upstart NGINX service file"
copy:
src: services/nginx.upstart
dest: /etc/init.d/nginx
owner: root
group: root
mode: '0755'
when: ansible_service_mgr == "upstart"
- name: "(Install: Linux) Upload upstart NGINX service conf file"
copy:
src: services/nginx.conf.upstart
dest: /etc/init/nginx.conf
owner: root
group: root
mode: '0644'
when: ansible_service_mgr == "upstart"
- name: "(Install: Linux) Enable upstart NGINX service reload"
command: "initctl reload-configuration"
when: ansible_service_mgr == "upstart"
- name: "(Install: Linux) Start upstart NGINX service reload"
command: "nginx"
notify: "(Handler: All OSs) Start NGINX"
when: ansible_service_mgr == "upstart"
- name: "(Install: Linux) Upload sysvinit NGINX service file"
copy:
src: services/nginx.sysvinit
dest: /etc/init.d/nginx
owner: root
group: root
mode: '0755'
notify: "(Handler: All OSs) Start NGINX"
when: ansible_service_mgr == "sysvinit"
- name: "(Install: Linux) Upload openrc NGINX service file"
copy:
src: services/nginx.openrc
dest: /etc/init.d/nginx
owner: root
group: root
mode: '0755'
when: ansible_service_mgr == "openrc"
- name: "(Install: Linux) Enable openrc NGINX service"
command: rc-update add nginx default
notify: "(Handler: All OSs) Start NGINX"
when: ansible_service_mgr == "openrc"
- name: "(Install: Linux) Install NGINX: Cleanup Downloads"
file:
path: "{{ item }}"
state: absent
loop:
- "{{ pcre_source.dest }}"
- "{{ zlib_source.dest }}"
- "{{ openssl_source.dest }}"
- "{{ nginx_source.dest }}"
when: item is defined

1
tasks/prerequisites/setup-debian.yml
View File

@ -4,3 +4,4 @@
name:
- apt-transport-https
- dirmngr
- python-apt