Remove extra quotes (#326)
This commit is contained in:
parent
1291eca783
commit
2ca5ce87b5
36
.travis.yml
36
.travis.yml
@ -6,58 +6,58 @@ branches:
|
||||
- main
|
||||
jobs:
|
||||
include:
|
||||
- name: "(Debian/Ubuntu) Install Specific Version"
|
||||
- name: (Debian/Ubuntu) Install specific version
|
||||
env:
|
||||
scenario: default
|
||||
- name: "(Alpine Linux) Install Specific Version"
|
||||
- name: (Alpine Linux) Install specific version
|
||||
env:
|
||||
scenario: default_alpine
|
||||
- name: "(CentOS) Install Specific Version"
|
||||
- name: (CentOS) Install specific version
|
||||
env:
|
||||
scenario: default_centos
|
||||
- name: "(Debian/Ubuntu) Install Modules"
|
||||
- name: (Debian/Ubuntu) Cleanup config and try to install modules
|
||||
env:
|
||||
scenario: module
|
||||
- name: "(Alpine Linux) Install Modules"
|
||||
- name: (Alpine Linux) Cleanup config and try to install modules
|
||||
env:
|
||||
scenario: module_alpine
|
||||
- name: "(CentOS) Install Modules"
|
||||
- name: (CentOS) Cleanup config and try to install modules
|
||||
env:
|
||||
scenario: module_centos
|
||||
- name: "(Debian/Ubuntu) Install Stable Branch and Push Configuration"
|
||||
- name: (Debian/Ubuntu) Install stable branch and push a config
|
||||
env:
|
||||
scenario: stable_push
|
||||
- name: "(Alpine Linux) Install Stable Branch and Push Configuration"
|
||||
- name: (Alpine Linux) Install stable branch and push a config
|
||||
env:
|
||||
scenario: stable_push_alpine
|
||||
- name: "(CentOS) Install Stable Branch and Push Configuration"
|
||||
- name: (CentOS) Install stable branch and push a config
|
||||
env:
|
||||
scenario: stable_push_centos
|
||||
- name: "(Debian/Ubuntu) Use Template Setting"
|
||||
- name: (Debian/Ubuntu) Test config templates
|
||||
env:
|
||||
scenario: template
|
||||
- name: "(Alpine Linux) Use Template Setting"
|
||||
- name: (Alpine Linux) Test config templates
|
||||
env:
|
||||
scenario: template_alpine
|
||||
- name: "(CentOS) Use Template Setting"
|
||||
- name: (CentOS) Test config templates
|
||||
env:
|
||||
scenario: template_centos
|
||||
- name: "(Debian/Ubuntu) Install NGINX Unit"
|
||||
- name: (Debian/Ubuntu) Install NGINX Unit
|
||||
env:
|
||||
scenario: unit
|
||||
- name: "(Alpine Linux) Install NGINX Unit"
|
||||
- name: (Alpine Linux) Install NGINX Unit
|
||||
env:
|
||||
scenario: unit_alpine
|
||||
- name: "(CentOS) Install NGINX Unit"
|
||||
- name: (CentOS) Install NGINX Unit
|
||||
env:
|
||||
scenario: unit_centos
|
||||
- name: "(Debian/Ubuntu) Install from Source"
|
||||
- name: (Debian/Ubuntu) Build from source
|
||||
env:
|
||||
scenario: source
|
||||
- name: "(Alpine Linux) Install from Source"
|
||||
- name: (Alpine Linux) Build from source
|
||||
env:
|
||||
scenario: source_alpine
|
||||
- name: "(CentOS) Install from Source"
|
||||
- name: (CentOS) Build from source
|
||||
env:
|
||||
scenario: source_centos
|
||||
before_install:
|
||||
|
@ -1,22 +1,22 @@
|
||||
---
|
||||
- name: "(Handler) Check NGINX"
|
||||
command: "nginx -t"
|
||||
- name: (Handler) Check NGINX
|
||||
command: nginx -t
|
||||
register: config
|
||||
ignore_errors: yes
|
||||
listen: "(Handler) Run NGINX"
|
||||
listen: (Handler) Run NGINX
|
||||
|
||||
- name: "(Handler) Print NGINX error if syntax check fails"
|
||||
- name: (Handler) Print NGINX error if syntax check fails
|
||||
debug:
|
||||
var: config.stderr_lines
|
||||
failed_when: config.rc != 0
|
||||
when: config.rc != 0
|
||||
listen: "(Handler) Run NGINX"
|
||||
listen: (Handler) Run NGINX
|
||||
|
||||
- name: "(Handler) Systemd daemon-reload"
|
||||
- name: (Handler) Systemd daemon-reload
|
||||
systemd:
|
||||
daemon_reload: yes
|
||||
|
||||
- name: "(Handler) Start/Reload NGINX"
|
||||
- name: (Handler) Start/Reload NGINX
|
||||
service:
|
||||
name: nginx
|
||||
state: reloaded
|
||||
@ -26,22 +26,22 @@
|
||||
- not ansible_check_mode | bool
|
||||
listen: "(Handler) Run NGINX"
|
||||
|
||||
- name: "(Handler) Start NGINX Amplify agent"
|
||||
- name: (Handler) Start NGINX Amplify agent
|
||||
service:
|
||||
name: amplify-agent
|
||||
state: started
|
||||
|
||||
- name: "(DEPRECATED Handler: Debian/Ubuntu/CentOS/RedHat) Start NGINX Unit"
|
||||
- name: (DEPRECATED Handler - Debian/Ubuntu/CentOS/RedHat) Start NGINX Unit
|
||||
service:
|
||||
name: unit
|
||||
state: started
|
||||
enabled: yes
|
||||
|
||||
- name: "(DEPRECATED Handler: FreeBSD) Start NGINX Unit"
|
||||
- name: (DEPRECATED Handler - FreeBSD) Start NGINX Unit
|
||||
service:
|
||||
name: unitd
|
||||
state: started
|
||||
enabled: yes
|
||||
|
||||
- name: "(Handler) Run logrotate"
|
||||
- name: (Handler) Run logrotate
|
||||
command: logrotate -f /etc/logrotate.d/nginx
|
||||
|
@ -36,7 +36,7 @@
|
||||
nginx_logrotate_conf_enable: true
|
||||
nginx_logrotate_conf:
|
||||
paths:
|
||||
- "/var/log/nginx/*.log"
|
||||
- /var/log/nginx/*.log
|
||||
options:
|
||||
- daily
|
||||
- missingok
|
||||
|
@ -1,23 +1,23 @@
|
||||
---
|
||||
- name: "Configure NGINX Amplify agent repository"
|
||||
- name: Configure NGINX Amplify agent repository
|
||||
include_tasks: "{{ role_path }}/tasks/amplify/setup-{{ ansible_facts['os_family'] | lower }}.yml"
|
||||
when: ansible_facts['os_family'] in ['Debian', 'RedHat']
|
||||
|
||||
- name: "Install NGINX Amplify agent"
|
||||
- name: Install NGINX Amplify agent
|
||||
package:
|
||||
name: nginx-amplify-agent
|
||||
state: present
|
||||
|
||||
- name: "Copy NGINX configurator agent configuration template"
|
||||
- name: Copy NGINX configurator agent configuration template
|
||||
copy:
|
||||
remote_src: yes
|
||||
src: /etc/amplify-agent/agent.conf.default
|
||||
dest: /etc/amplify-agent/agent.conf
|
||||
mode: 0644
|
||||
|
||||
- name: "Configure NGINX Amplify agent API key"
|
||||
- name: Configure NGINX Amplify agent API key
|
||||
lineinfile:
|
||||
dest: /etc/amplify-agent/agent.conf
|
||||
regexp: api_key =.*
|
||||
line: "api_key = {{ nginx_amplify_api_key }}"
|
||||
notify: "(Handler) Start NGINX Amplify agent"
|
||||
notify: (Handler) Start NGINX Amplify agent
|
||||
|
@ -1,5 +1,5 @@
|
||||
---
|
||||
- name: "(Debian/Ubuntu) Add NGINX Amplify agent repository"
|
||||
- name: (Debian/Ubuntu) Add NGINX Amplify agent repository
|
||||
apt_repository:
|
||||
filename: nginx-amplify
|
||||
repo: "deb [arch=amd64] https://packages.amplify.nginx.com/{{ ansible_facts['distribution'] | lower }}/
|
||||
@ -8,7 +8,7 @@
|
||||
mode: 0644
|
||||
when: ansible_facts['distribution_release'] != "focal"
|
||||
|
||||
- name: "(Ubuntu 20.04) Add NGINX Amplify agent repository"
|
||||
- name: (Ubuntu 20.04) Add NGINX Amplify agent repository
|
||||
apt_repository:
|
||||
filename: nginx-amplify
|
||||
repo: deb [arch=amd64] https://packages.amplify.nginx.com/py3/ubuntu focal amplify-agent
|
||||
|
@ -1,5 +1,5 @@
|
||||
---
|
||||
- name: "(Amazon Linux/CentOS/RHEL) Add NGINX Amplify agent repository"
|
||||
- name: (Amazon Linux/CentOS/RHEL) Add NGINX Amplify agent repository
|
||||
yum_repository:
|
||||
name: nginx-amplify
|
||||
baseurl: http://packages.amplify.nginx.com/{{ (ansible_facts['distribution'] == "Amazon") | ternary('amzn/', 'centos/') }}/$releasever/$basearch/
|
||||
|
@ -1,10 +1,10 @@
|
||||
## DEPRECATED -- Use nginxinc.nginx_config role instead (https://github.com/nginxinc/ansible-role-nginx-config)
|
||||
---
|
||||
- name: "Deprecation warning"
|
||||
- name: Deprecation warning
|
||||
debug:
|
||||
msg: "DEPRECATED TASKS -- Use nginxinc.nginx_config role instead (https://github.com/nginxinc/ansible-role-nginx-config)"
|
||||
msg: DEPRECATED TASKS -- Use nginxinc.nginx_config role instead (https://github.com/nginxinc/ansible-role-nginx-config)
|
||||
|
||||
- name: "(DEPRECATED) Find NGINX Configuration Files"
|
||||
- name: (DEPRECATED) Find NGINX Configuration Files
|
||||
find:
|
||||
paths: "{{ item.directory }}"
|
||||
patterns: "*.conf"
|
||||
@ -13,7 +13,7 @@
|
||||
when: nginx_cleanup_config_paths is defined
|
||||
register: nginx_config_files
|
||||
|
||||
- name: "(DEPRECATED) Remove NGINX Configuration Files"
|
||||
- name: (DEPRECATED) Remove NGINX Configuration Files
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: absent
|
||||
|
@ -1,9 +1,9 @@
|
||||
---
|
||||
- name: "Register NGINX configuration"
|
||||
command: "nginx -T"
|
||||
- name: Register NGINX config
|
||||
command: nginx -T
|
||||
changed_when: false
|
||||
register: config
|
||||
|
||||
- name: "Print NGINX config"
|
||||
- name: Print NGINX config
|
||||
debug:
|
||||
var: config.stdout_lines
|
||||
|
@ -1,11 +1,11 @@
|
||||
---
|
||||
- name: "Create override directory for NGINX systemd service"
|
||||
- name: Create override directory for NGINX systemd service
|
||||
file:
|
||||
path: "{{ nginx_service_overridepath }}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
|
||||
- name: "Create override for NGINX systemd service"
|
||||
- name: Create override for NGINX systemd service
|
||||
template:
|
||||
src: "{{ role_path }}/templates/services/nginx.service.override.conf.j2"
|
||||
dest: "{{ nginx_service_overridepath }}/{{ nginx_service_overridefilename }}"
|
||||
@ -15,9 +15,9 @@
|
||||
when:
|
||||
- not nginx_service_custom | bool
|
||||
- not nginx_service_clean | bool
|
||||
notify: "(Handler) Systemd daemon-reload"
|
||||
notify: (Handler) Systemd daemon-reload
|
||||
|
||||
- name: "Customize override for NGINX systemd service"
|
||||
- name: Customize override for NGINX systemd service
|
||||
copy:
|
||||
src: "{{ nginx_service_custom_file }}"
|
||||
dest: "{{ nginx_service_overridepath }}/{{ nginx_service_overridefilename }}"
|
||||
@ -27,11 +27,11 @@
|
||||
when:
|
||||
- nginx_service_custom | bool
|
||||
- not nginx_service_clean | bool
|
||||
notify: "(Handler) Systemd daemon-reload"
|
||||
notify: (Handler) Systemd daemon-reload
|
||||
|
||||
- name: "Remove override for NGINX systemd service"
|
||||
- name: Remove override for NGINX systemd service
|
||||
file:
|
||||
path: "{{ nginx_service_overridepath }}"
|
||||
state: absent
|
||||
when: nginx_service_clean | bool
|
||||
notify: "(Handler) Systemd daemon-reload"
|
||||
notify: (Handler) Systemd daemon-reload
|
||||
|
@ -1,36 +1,36 @@
|
||||
---
|
||||
- name: "(Alpine Linux) Install logrotate"
|
||||
- name: (Alpine Linux) Install logrotate
|
||||
apk:
|
||||
name: logrotate
|
||||
when: ansible_facts['os_family'] == "Alpine"
|
||||
|
||||
- name: "(Debian/Ubuntu) Install logrotate"
|
||||
- name: (Debian/Ubuntu) Install logrotate
|
||||
apt:
|
||||
name: logrotate
|
||||
state: present
|
||||
when: ansible_facts['os_family'] == "Debian"
|
||||
|
||||
- name: "(Amazon Linux/CentOS/Oracle Linux/RHEL) Install logrotate"
|
||||
- name: (Amazon Linux/CentOS/Oracle Linux/RHEL) Install logrotate
|
||||
yum:
|
||||
name: logrotate
|
||||
state: present
|
||||
when: ansible_facts['os_family'] == "RedHat"
|
||||
|
||||
- name: "(SLES) Set up logrotate"
|
||||
- name: (SLES) Set up logrotate
|
||||
block:
|
||||
- name: "(SLES) Configure logrotate repository"
|
||||
- name: (SLES) Configure logrotate repository
|
||||
zypper_repository:
|
||||
repo: https://download.opensuse.org/repositories/openSUSE:Leap:42.1/standard/openSUSE:Leap:42.1.repo
|
||||
|
||||
- name: "(SLES) Install Logrotate"
|
||||
- name: (SLES) Install Logrotate
|
||||
zypper:
|
||||
name: logrotate
|
||||
state: present
|
||||
when: ansible_facts['os_family'] == "Suse"
|
||||
|
||||
- name: "Create logrotate config"
|
||||
- name: Create logrotate config
|
||||
template:
|
||||
src: "logrotate/nginx.j2"
|
||||
dest: "/etc/logrotate.d/nginx"
|
||||
src: logrotate/nginx.j2
|
||||
dest: /etc/logrotate.d/nginx
|
||||
mode: 0644
|
||||
notify: "(Handler) Run logrotate"
|
||||
notify: (Handler) Run logrotate
|
||||
|
@ -1,10 +1,10 @@
|
||||
## DEPRECATED -- Use nginxinc.nginx_config role instead (https://github.com/nginxinc/ansible-role-nginx-config)
|
||||
---
|
||||
- name: "Deprecation warning"
|
||||
- name: Deprecation warning
|
||||
debug:
|
||||
msg: "DEPRECATED TASKS -- Use nginxinc.nginx_config role instead (https://github.com/nginxinc/ansible-role-nginx-config)"
|
||||
msg: DEPRECATED TASKS -- Use nginxinc.nginx_config role instead (https://github.com/nginxinc/ansible-role-nginx-config)
|
||||
|
||||
- name: "(DEPRECATED) Ensure HTML Directory Exists"
|
||||
- name: (DEPRECATED) Ensure HTML Directory Exists
|
||||
file:
|
||||
path: "{{ item.value.html_file_location | default('/usr/share/nginx/html') }}"
|
||||
state: directory
|
||||
@ -12,7 +12,7 @@
|
||||
with_dict: "{{ nginx_html_demo_template }}"
|
||||
when: nginx_html_demo_template_enable | bool
|
||||
|
||||
- name: "(DEPRECATED) Dynamically Generate HTML Files"
|
||||
- name: (DEPRECATED) Dynamically Generate HTML Files
|
||||
template:
|
||||
src: "{{ item.value.template_file | default('www/index.html.j2') }}"
|
||||
dest: "{{ item.value.html_file_location | default('/usr/share/nginx/html') }}/{{ item.value.html_file_name | default('index.html') }}"
|
||||
@ -21,14 +21,14 @@
|
||||
with_dict: "{{ nginx_html_demo_template }}"
|
||||
when: nginx_html_demo_template_enable | bool
|
||||
|
||||
- name: "(DEPRECATED) Ensure NGINX Main Directory Exists"
|
||||
- name: (DEPRECATED) Ensure NGINX Main Directory Exists
|
||||
file:
|
||||
path: "{{ nginx_main_template.conf_file_location | default('/etc/nginx') }}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
when: nginx_main_template_enable | bool
|
||||
|
||||
- name: "(DEPRECATED) Dynamically Generate NGINX Main Configuration File"
|
||||
- name: (DEPRECATED) Dynamically Generate NGINX Main Configuration File
|
||||
template:
|
||||
src: "{{ nginx_main_template.template_file | default('nginx.conf.j2') }}"
|
||||
dest: "{{ nginx_main_template.conf_file_location | default('/etc/nginx') }}/{{ nginx_main_template.conf_file_name | default('nginx.conf') }}"
|
||||
@ -37,7 +37,7 @@
|
||||
when: nginx_main_template_enable | bool
|
||||
notify: "(Handler) Run NGINX"
|
||||
|
||||
- name: "(DEPRECATED) Ensure NGINX HTTP Directory Exists"
|
||||
- name: (DEPRECATED) Ensure NGINX HTTP Directory Exists
|
||||
file:
|
||||
path: "{{ item.value.conf_file_location | default('/etc/nginx/conf.d/') }}"
|
||||
state: directory
|
||||
@ -45,7 +45,7 @@
|
||||
with_dict: "{{ nginx_http_template }}"
|
||||
when: nginx_http_template_enable | bool
|
||||
|
||||
- name: "(DEPRECATED) Ensure NGINX Proxy Cache Directories Exist"
|
||||
- name: (DEPRECATED) Ensure NGINX Proxy Cache Directories Exist
|
||||
file:
|
||||
path: "{{ item.1.path }}"
|
||||
state: directory
|
||||
@ -57,7 +57,7 @@
|
||||
- skip_missing: yes
|
||||
when: nginx_http_template_enable | bool
|
||||
|
||||
- name: "(DEPRECATED) Dynamically Generate NGINX HTTP Configuration Files"
|
||||
- name: (DEPRECATED) Dynamically Generate NGINX HTTP Configuration Files
|
||||
template:
|
||||
src: "{{ item.value.template_file | default('http/default.conf.j2') }}"
|
||||
dest: "{{ item.value.conf_file_location | default('/etc/nginx/conf.d/') }}/{{ item.value.conf_file_name | default('default.conf') }}"
|
||||
@ -65,27 +65,27 @@
|
||||
mode: 0644
|
||||
with_dict: "{{ nginx_http_template }}"
|
||||
when: nginx_http_template_enable | bool
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
|
||||
- name: "(DEPRECATED) Dynamically Generate NGINX Stub Status Configuration File"
|
||||
- name: (DEPRECATED) Dynamically Generate NGINX Stub Status Configuration File
|
||||
template:
|
||||
src: "{{ nginx_status_template_file | default('http/status.conf.j2') }}"
|
||||
dest: "{{ nginx_status_file_location | default('/etc/nginx/conf.d/status.conf') }}"
|
||||
backup: yes
|
||||
mode: 0644
|
||||
when: nginx_status_enable | bool
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
|
||||
- name: "(DEPRECATED) Dynamically Generate NGINX API Configuration File"
|
||||
- name: (DEPRECATED) Dynamically Generate NGINX API Configuration File
|
||||
template:
|
||||
src: "{{ nginx_rest_api_template_file | default('http/api.conf.j2') }}"
|
||||
dest: "{{ nginx_rest_api_file_location | default('/etc/nginx/conf.d/api.conf') }}"
|
||||
backup: yes
|
||||
mode: 0644
|
||||
when: nginx_rest_api_enable | bool
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
|
||||
- name: "(DEPRECATED) Ensure NGINX Stream Directory Exists"
|
||||
- name: (DEPRECATED) Ensure NGINX Stream Directory Exists
|
||||
file:
|
||||
path: "{{ item.value.conf_file_location | default('/etc/nginx/conf.d/stream/') }}"
|
||||
state: directory
|
||||
@ -93,7 +93,7 @@
|
||||
with_dict: "{{ nginx_stream_template }}"
|
||||
when: nginx_stream_template_enable | bool
|
||||
|
||||
- name: "(DEPRECATED) Dynamically Generate NGINX Stream Configuration Files"
|
||||
- name: (DEPRECATED) Dynamically Generate NGINX Stream Configuration Files
|
||||
template:
|
||||
src: "{{ item.value.template_file | default('stream/default.conf.j2') }}"
|
||||
dest: "{{ item.value.conf_file_location | default('/etc/nginx/conf.d/stream/') }}/{{ item.value.conf_file_name | default('default.conf') }}"
|
||||
@ -101,4 +101,4 @@
|
||||
mode: 0644
|
||||
with_dict: "{{ nginx_stream_template }}"
|
||||
when: nginx_stream_template_enable | bool
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
|
@ -1,17 +1,17 @@
|
||||
## DEPRECATED -- Use nginxinc.nginx_config role instead (https://github.com/nginxinc/ansible-role-nginx-config)
|
||||
---
|
||||
- name: "Deprecation warning"
|
||||
- name: Deprecation warning
|
||||
debug:
|
||||
msg: "DEPRECATED TASKS -- Use nginxinc.nginx_config role instead (https://github.com/nginxinc/ansible-role-nginx-config)"
|
||||
msg: DEPRECATED TASKS -- Use nginxinc.nginx_config role instead (https://github.com/nginxinc/ansible-role-nginx-config)
|
||||
|
||||
- name: "(DEPRECATED) Ensure NGINX HTML Directory Exists"
|
||||
- name: (DEPRECATED) Ensure NGINX HTML Directory Exists
|
||||
file:
|
||||
path: "{{ nginx_html_upload_dest | default('/usr/share/nginx/html') }}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
when: nginx_html_upload_enable | bool
|
||||
|
||||
- name: "(DEPRECATED) Upload NGINX HTML Files"
|
||||
- name: (DEPRECATED) Upload NGINX HTML Files
|
||||
copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ nginx_html_upload_dest | default('/usr/share/nginx/html') }}"
|
||||
@ -19,16 +19,16 @@
|
||||
mode: 0644
|
||||
with_fileglob: "{{ nginx_html_upload_src }}"
|
||||
when: nginx_html_upload_enable | bool
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
|
||||
- name: "(DEPRECATED) Ensure NGINX Main Directory Exists"
|
||||
- name: (DEPRECATED) Ensure NGINX Main Directory Exists
|
||||
file:
|
||||
path: "{{ nginx_main_upload_dest | default('/etc/nginx/') }}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
when: nginx_main_upload_enable | bool
|
||||
|
||||
- name: "(DEPRECATED) Upload NGINX Main Configuration File"
|
||||
- name: (DEPRECATED) Upload NGINX Main Configuration File
|
||||
copy:
|
||||
src: "{{ nginx_main_upload_src | default('conf/nginx.conf') }}"
|
||||
dest: "{{ nginx_main_upload_dest | default('/etc/nginx/') }}"
|
||||
@ -44,7 +44,7 @@
|
||||
mode: 0755
|
||||
when: nginx_http_upload_enable | bool
|
||||
|
||||
- name: "(DEPRECATED) Upload NGINX HTTP Configuration Files"
|
||||
- name: (DEPRECATED) Upload NGINX HTTP Configuration Files
|
||||
copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ nginx_http_upload_dest | default('/etc/nginx/conf.d/') }}"
|
||||
@ -52,16 +52,16 @@
|
||||
mode: 0644
|
||||
with_fileglob: "{{ nginx_http_upload_src }}"
|
||||
when: nginx_http_upload_enable | bool
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
|
||||
- name: "(DEPRECATED) Ensure NGINX Stream Directory Exists"
|
||||
- name: (DEPRECATED) Ensure NGINX Stream Directory Exists
|
||||
file:
|
||||
path: "{{ nginx_stream_upload_dest | default('/etc/nginx/conf.d/') }}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
when: nginx_stream_upload_enable | bool
|
||||
|
||||
- name: "(DEPRECATED) Upload NGINX Stream Configuration Files"
|
||||
- name: (DEPRECATED) Upload NGINX Stream Configuration Files
|
||||
copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ nginx_stream_upload_dest | default('/etc/nginx/conf.d/') }}"
|
||||
@ -69,23 +69,23 @@
|
||||
mode: 0644
|
||||
with_fileglob: "{{ nginx_stream_upload_src }}"
|
||||
when: nginx_stream_upload_enable | bool
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
|
||||
- name: "(DEPRECATED) Ensure SSL Certificate Directory Exists"
|
||||
- name: (DEPRECATED) Ensure SSL Certificate Directory Exists
|
||||
file:
|
||||
path: "{{ nginx_ssl_crt_upload_dest | default('/etc/ssl/certs/') }}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
when: nginx_ssl_upload_enable | bool
|
||||
|
||||
- name: "(DEPRECATED) Ensure SSL Key Directory Exists"
|
||||
- name: (DEPRECATED) Ensure SSL Key Directory Exists
|
||||
file:
|
||||
path: "{{ nginx_ssl_key_upload_dest | default('/etc/ssl/private/') }}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
when: nginx_ssl_upload_enable | bool
|
||||
|
||||
- name: "(DEPRECATED) Upload NGINX SSL Certificates"
|
||||
- name: (DEPRECATED) Upload NGINX SSL Certificates
|
||||
copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ nginx_ssl_crt_upload_dest | default('/etc/ssl/certs/') }}"
|
||||
@ -95,7 +95,7 @@
|
||||
with_fileglob: "{{ nginx_ssl_crt_upload_src }}"
|
||||
when: nginx_ssl_upload_enable | bool
|
||||
|
||||
- name: "(DEPRECATED) Upload NGINX SSL Keys"
|
||||
- name: (DEPRECATED) Upload NGINX SSL Keys
|
||||
copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ nginx_ssl_key_upload_dest | default('/etc/ssl/private/') }}"
|
||||
|
@ -1,29 +1,29 @@
|
||||
---
|
||||
- name: "(Alpine Linux) Set up signing key"
|
||||
- name: (Alpine Linux) Set up signing key
|
||||
block:
|
||||
- name: "(Alpine Linux) Set up NGINX signing key URL"
|
||||
- name: (Alpine Linux) Set up NGINX signing key URL
|
||||
set_fact:
|
||||
keysite: "{{ nginx_signing_key | default(nginx_default_signing_key['rsa_pub']) }}"
|
||||
|
||||
- name: "(Alpine Linux) Download NGINX signing key"
|
||||
- name: (Alpine Linux) Download NGINX signing key
|
||||
get_url:
|
||||
url: "{{ keysite }}"
|
||||
dest: /etc/apk/keys/nginx_signing.rsa.pub
|
||||
mode: 0400
|
||||
when: ansible_facts['os_family'] == "Alpine"
|
||||
|
||||
- name: "(Debian/Red Hat/SLES OSs) Set up NGINX signing key URL"
|
||||
- name: (Debian/Red Hat/SLES OSs) Set up NGINX signing key URL
|
||||
set_fact:
|
||||
keysite: "{{ nginx_signing_key | default(nginx_default_signing_key['pgp']) }}"
|
||||
when: ansible_facts['os_family'] != "Alpine"
|
||||
|
||||
- name: "(Debian/Ubuntu) Add NGINX signing key"
|
||||
- name: (Debian/Ubuntu) Add NGINX signing key
|
||||
apt_key:
|
||||
id: 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
|
||||
url: "{{ keysite }}"
|
||||
when: ansible_facts['os_family'] == "Debian"
|
||||
|
||||
- name: "(Amazon Linux/CentOS/Oracle Linux/RHEL/SLES) Add NGINX signing key"
|
||||
- name: (Amazon Linux/CentOS/Oracle Linux/RHEL/SLES) Add NGINX signing key
|
||||
rpm_key:
|
||||
fingerprint: 573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
|
||||
key: "{{ keysite }}"
|
||||
|
@ -1,5 +1,5 @@
|
||||
---
|
||||
- name: "Check whether you are using a supported NGINX distribution"
|
||||
- name: Check whether you are using a supported NGINX distribution
|
||||
assert:
|
||||
that: (nginx_type == "opensource" and ansible_facts['distribution'] in nginx_distributions)
|
||||
or (nginx_type == "plus" and ansible_facts['distribution'] in nginx_plus_distributions)
|
||||
@ -10,52 +10,52 @@
|
||||
- (nginx_install_from == "nginx_repository" or nginx_type == "plus")
|
||||
tags: nginx_check_support
|
||||
|
||||
- name: "Set up prerequisites"
|
||||
- name: Set up prerequisites
|
||||
include_tasks: "{{ role_path }}/tasks/prerequisites/prerequisites.yml"
|
||||
tags: nginx_prerequisites
|
||||
|
||||
- name: "Set up signing keys"
|
||||
- name: Set up signing keys
|
||||
include_tasks: "{{ role_path }}/tasks/keys/setup-keys.yml"
|
||||
when: (nginx_install | bool and nginx_install_from == "nginx_repository")
|
||||
or nginx_amplify_enable | bool or nginx_unit_enable | bool
|
||||
tags: nginx_key
|
||||
|
||||
- name: "Install and Configure NGINX"
|
||||
- name: Install and Configure NGINX
|
||||
block:
|
||||
- name: "Install NGINX"
|
||||
- name: Install NGINX
|
||||
block:
|
||||
- name: "Install NGINX Open Source"
|
||||
- name: Install NGINX Open Source
|
||||
include_tasks: "{{ role_path }}/tasks/opensource/install-oss.yml"
|
||||
when: nginx_type == "opensource"
|
||||
tags: nginx_install_oss
|
||||
|
||||
- name: "Set up NGINX Plus license"
|
||||
- name: Set up NGINX Plus license
|
||||
include_tasks: "{{ role_path }}/tasks/plus/setup-license.yml"
|
||||
when:
|
||||
- nginx_type == "plus"
|
||||
- nginx_setup_license | bool
|
||||
tags: nginx_setup_license
|
||||
|
||||
- name: "Install NGINX Plus"
|
||||
- name: Install NGINX Plus
|
||||
include_tasks: "{{ role_path }}/tasks/plus/install-plus.yml"
|
||||
when: nginx_type == "plus"
|
||||
tags: nginx_install_plus
|
||||
|
||||
- name: "Install NGINX modules"
|
||||
- name: Install NGINX modules
|
||||
include_tasks: "{{ role_path }}/tasks/modules/install-modules.yml"
|
||||
when:
|
||||
- nginx_modules is defined
|
||||
- nginx_modules | length > 0
|
||||
tags: nginx_install_modules
|
||||
|
||||
- name: "Remove NGINX Plus license"
|
||||
- name: Remove NGINX Plus license
|
||||
include_tasks: "{{ role_path }}/tasks/plus/remove-license.yml"
|
||||
when:
|
||||
- nginx_type == "plus"
|
||||
- nginx_remove_license | bool
|
||||
tags: nginx_remove_license
|
||||
|
||||
- name: "Modify Service For Systemd"
|
||||
- name: Modify systemd parameters
|
||||
include_tasks: "{{ role_path }}/tasks/config/modify-systemd.yml"
|
||||
when:
|
||||
- ansible_facts['service_mgr'] == "systemd"
|
||||
@ -64,14 +64,14 @@
|
||||
when: nginx_install | bool
|
||||
tags: nginx_install
|
||||
|
||||
- name: "(DEPRECATED) Configure NGINX"
|
||||
- name: (DEPRECATED) Configure NGINX
|
||||
block:
|
||||
- name: "(DEPRECATED) Cleanup NGINX Config"
|
||||
- name: (DEPRECATED) Cleanup NGINX Config
|
||||
include_tasks: "{{ role_path }}/tasks/config/cleanup-config.yml"
|
||||
when: nginx_cleanup_config | bool
|
||||
tags: nginx_cleanup_config
|
||||
|
||||
- name: "(DEPRECATED) Upload NGINX Config"
|
||||
- name: (DEPRECATED) Upload NGINX Config
|
||||
include_tasks: "{{ role_path }}/tasks/config/upload-config.yml"
|
||||
when: nginx_main_upload_enable | bool
|
||||
or nginx_http_upload_enable | bool
|
||||
@ -80,7 +80,7 @@
|
||||
or nginx_ssl_upload_enable | bool
|
||||
tags: nginx_upload_config
|
||||
|
||||
- name: "(DEPRECATED) Create NGINX Config"
|
||||
- name: (DEPRECATED) Create NGINX Config
|
||||
include_tasks: "{{ role_path }}/tasks/config/template-config.yml"
|
||||
when: nginx_main_template_enable | bool
|
||||
or nginx_http_template_enable | bool
|
||||
@ -89,21 +89,21 @@
|
||||
tags: nginx_template_config
|
||||
when: nginx_configure | bool
|
||||
|
||||
- name: "Ensure NGINX is running"
|
||||
- name: Ensure NGINX is running
|
||||
meta: flush_handlers
|
||||
|
||||
- name: "Debug NGINX output"
|
||||
- name: Debug NGINX output
|
||||
include_tasks: "{{ role_path }}/tasks/config/debug-output.yml"
|
||||
when: nginx_debug_output | bool
|
||||
tags: nginx_debug_output
|
||||
|
||||
- name: "Configure logrotate for NGINX"
|
||||
- name: Configure logrotate for NGINX
|
||||
include_tasks: "{{ role_path }}/tasks/config/setup-logrotate.yml"
|
||||
when: nginx_logrotate_conf_enable | bool
|
||||
tags: nginx_logrotate_config
|
||||
when: nginx_enable | bool
|
||||
|
||||
- name: "Install NGINX Amplify"
|
||||
- name: Install NGINX Amplify
|
||||
include_tasks: "{{ role_path }}/tasks/amplify/install-amplify.yml"
|
||||
when:
|
||||
- nginx_amplify_enable | bool
|
||||
@ -111,7 +111,7 @@
|
||||
- nginx_amplify_api_key | length > 0
|
||||
tags: nginx_install_amplify
|
||||
|
||||
- name: "(DEPRECATED) Install NGINX Unit"
|
||||
- name: (DEPRECATED) Install NGINX Unit
|
||||
include_tasks: "{{ role_path }}/tasks/unit/install-unit.yml"
|
||||
when: nginx_unit_enable | bool
|
||||
tags: nginx_install_unit
|
||||
|
@ -1,12 +1,12 @@
|
||||
---
|
||||
- name: "(CentOS) Install GeoIP dependencies"
|
||||
- name: (CentOS) Install GeoIP dependencies
|
||||
yum:
|
||||
name: epel-release
|
||||
when:
|
||||
- ansible_facts['distribution'] == "CentOS"
|
||||
- '"geoip" in nginx_modules'
|
||||
|
||||
- name: "Install NGINX Modules"
|
||||
- name: Install NGINX Modules
|
||||
package:
|
||||
name: "nginx-{{ (nginx_type == 'plus') | ternary('plus-', '') }}module-{{ item }}{{ nginx_version | default('') }}"
|
||||
state: present
|
||||
|
@ -1,14 +1,14 @@
|
||||
---
|
||||
- name: "(Alpine Linux) Configure NGINX repository"
|
||||
- name: (Alpine Linux) Configure NGINX repository
|
||||
lineinfile:
|
||||
path: /etc/apk/repositories
|
||||
insertafter: EOF
|
||||
line: "{{ repository }}"
|
||||
|
||||
- name: "(Alpine Linux) Install NGINX"
|
||||
- name: (Alpine Linux) Install NGINX
|
||||
apk:
|
||||
name: "nginx{{ nginx_version | default('') }}"
|
||||
repository: "{{ repository }}"
|
||||
state: "{{ nginx_state }}"
|
||||
update_cache: yes
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
|
@ -1,12 +1,12 @@
|
||||
---
|
||||
- name: "(FreeBSD) Update ports"
|
||||
- name: (FreeBSD) Update ports
|
||||
block:
|
||||
- name: "(FreeBSD) Fetch ports"
|
||||
- name: (FreeBSD) Fetch ports
|
||||
command: portsnap fetch --interactive
|
||||
args:
|
||||
creates: /var/db/portsnap/INDEX
|
||||
|
||||
- name: "(FreeBSD) Extract ports"
|
||||
- name: (FreeBSD) Extract ports
|
||||
command: portsnap extract
|
||||
args:
|
||||
creates: /usr/ports
|
||||
@ -14,64 +14,64 @@
|
||||
- ansible_facts['system'] == "FreeBSD"
|
||||
- nginx_bsd_update_ports | bool
|
||||
|
||||
- name: "(FreeBSD) Install NGINX"
|
||||
- name: (FreeBSD) Install NGINX
|
||||
block:
|
||||
- name: "(FreeBSD) Install NGINX package"
|
||||
- name: (FreeBSD) Install NGINX package
|
||||
pkgng:
|
||||
name: "www/nginx{{ nginx_version | default('') }}"
|
||||
state: "{{ nginx_state }}"
|
||||
when: nginx_bsd_install_packages | bool
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
|
||||
- name: "(FreeBSD) Install NGINX port"
|
||||
- name: (FreeBSD) Install NGINX port
|
||||
portinstall:
|
||||
name: "www/nginx{{ nginx_version | default('') }}"
|
||||
use_packages: "{{ nginx_bsd_portinstall_use_packages | default(omit) }}"
|
||||
state: "{{ nginx_state }}"
|
||||
when: not nginx_bsd_install_packages | bool
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
when: ansible_facts['system'] == "FreeBSD"
|
||||
|
||||
- name: "(OpenBSD) Install NGINX"
|
||||
- name: (OpenBSD) Install NGINX
|
||||
block:
|
||||
- name: "(OpenBSD) Install NGINX package"
|
||||
- name: (OpenBSD) Install NGINX package
|
||||
openbsd_pkg:
|
||||
name: "nginx{{ nginx_version | default('') }}"
|
||||
build: no
|
||||
state: "{{ nginx_state }}"
|
||||
when: nginx_bsd_install_packages | bool
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
|
||||
- name: "(OpenBSD) Install NGINX port"
|
||||
- name: (OpenBSD) Install NGINX port
|
||||
openbsd_pkg:
|
||||
name: "nginx{{ nginx_version | default('') }}"
|
||||
build: yes
|
||||
state: "{{ nginx_state }}"
|
||||
when: not nginx_bsd_install_packages | bool
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
when: ansible_facts['system'] == "OpenBSD"
|
||||
|
||||
- name: "(NetBSD) Install NGINX"
|
||||
- name: (NetBSD) Install NGINX
|
||||
block:
|
||||
- name: "NetBSD) Install NGINX package"
|
||||
- name: (NetBSD) Install NGINX package
|
||||
command: "pkg_add www/nginx{{ nginx_version | default('') }}"
|
||||
when: nginx_bsd_install_packages | bool
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
|
||||
- name: "(NetBSD) Install NGINX port"
|
||||
- name: (NetBSD) Install NGINX port
|
||||
fail:
|
||||
msg: "{{ ansible_facts['system'] }} Install NGINX port not implemented."
|
||||
when: not nginx_bsd_install_packages | bool
|
||||
when: ansible_facts['system'] == "NetBSD"
|
||||
|
||||
- name: "(DragonFlyBSD/HardenedBSD) Install NGINX"
|
||||
- name: (DragonFlyBSD/HardenedBSD) Install NGINX
|
||||
block:
|
||||
- name: "Install NGINX package"
|
||||
- name: Install NGINX package
|
||||
command: "pkg install www/nginx{{ nginx_version | default('') }}"
|
||||
when: nginx_bsd_install_packages | bool
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
|
||||
- name: "Install NGINX port"
|
||||
- name: Install NGINX port
|
||||
fail:
|
||||
msg: "{{ ansible_facts['system'] }} Install NGINX port not implemented."
|
||||
when: not nginx_bsd_install_packages | bool
|
||||
|
@ -1,5 +1,5 @@
|
||||
---
|
||||
- name: "(Debian/Ubuntu) Configure NGINX repository"
|
||||
- name: (Debian/Ubuntu) Configure NGINX repository
|
||||
apt_repository:
|
||||
filename: nginx
|
||||
repo: "{{ item }}"
|
||||
@ -7,8 +7,8 @@
|
||||
mode: 0644
|
||||
loop: "{{ repository }}"
|
||||
|
||||
- name: "(Debian/Ubuntu) Install NGINX"
|
||||
- name: (Debian/Ubuntu) Install NGINX
|
||||
apt:
|
||||
name: "nginx{{ nginx_version | default('') }}"
|
||||
state: "{{ nginx_state }}"
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
|
@ -1,28 +1,28 @@
|
||||
---
|
||||
- name: "Install NGINX in Linux systems"
|
||||
- name: Install NGINX in Linux systems
|
||||
block:
|
||||
- name: "Install NGINX from repository"
|
||||
- name: Install NGINX from repository
|
||||
block:
|
||||
- name: "Set NGINX repository"
|
||||
- name: Set NGINX repository
|
||||
set_fact:
|
||||
repository: "{{ nginx_repository | default(nginx_default_repository[ansible_facts['os_family'] | lower]) }}"
|
||||
|
||||
- name: "Install NGINX from repository"
|
||||
- name: Install NGINX from repository
|
||||
include_tasks: "{{ role_path }}/tasks/opensource/install-{{ ansible_facts['os_family'] | lower }}.yml"
|
||||
when: nginx_install_from == "nginx_repository"
|
||||
|
||||
- name: "Install NGINX from source"
|
||||
- name: Install NGINX from source
|
||||
include_tasks: "{{ role_path }}/tasks/opensource/install-source.yml"
|
||||
when: nginx_install_from == "source"
|
||||
|
||||
- name: "Install NGINX from package"
|
||||
- name: Install NGINX from package
|
||||
package:
|
||||
name: "nginx{{ nginx_version | default('') }}"
|
||||
state: "{{ nginx_state }}"
|
||||
when: nginx_install_from == "os_repository"
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
when: ansible_facts['system'] | lower is not search('bsd')
|
||||
|
||||
- name: "Install NGINX in Unix systems"
|
||||
- name: Install NGINX in Unix systems
|
||||
include_tasks: "{{ role_path }}/tasks/opensource/install-bsd.yml"
|
||||
when: ansible_facts['system'] | lower is search('bsd')
|
||||
|
@ -1,5 +1,5 @@
|
||||
---
|
||||
- name: "(CentOS/RHEL 6/7) Configure NGINX repository"
|
||||
- name: (CentOS/RHEL 6/7) Configure NGINX repository
|
||||
yum_repository:
|
||||
name: nginx
|
||||
baseurl: "{{ repository }}"
|
||||
@ -9,7 +9,7 @@
|
||||
mode: 0644
|
||||
when: ansible_facts['distribution_major_version'] is version('8', '<')
|
||||
|
||||
- name: "(CentOS/RHEL 8) Configure NGINX repository"
|
||||
- name: (CentOS/RHEL 8) Configure NGINX repository
|
||||
blockinfile:
|
||||
path: /etc/yum.repos.d/nginx.repo
|
||||
create: yes
|
||||
@ -23,11 +23,11 @@
|
||||
mode: 0644
|
||||
when: ansible_facts['distribution_major_version'] is version('8', '==')
|
||||
|
||||
- name: "(CentOS/RHEL) Install NGINX"
|
||||
- name: (CentOS/RHEL) Install NGINX
|
||||
yum:
|
||||
name: "nginx{{ nginx_version | default('') }}"
|
||||
state: "{{ nginx_state }}"
|
||||
disablerepo: "*"
|
||||
enablerepo: "nginx"
|
||||
enablerepo: nginx
|
||||
update_cache: yes
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
|
@ -1,9 +1,9 @@
|
||||
---
|
||||
- name: "Check for build tools"
|
||||
- name: Check for build tools
|
||||
block:
|
||||
- name: "(CentOS/RHEL 8) Setup Python 3"
|
||||
- name: (CentOS/RHEL 8) Setup Python 3
|
||||
block:
|
||||
- name: "(CentOS/RHEL 8) Install Python 3"
|
||||
- name: (CentOS/RHEL 8) Install Python 3
|
||||
yum:
|
||||
name:
|
||||
- python3
|
||||
@ -11,7 +11,7 @@
|
||||
- python3-devel
|
||||
update_cache: yes
|
||||
|
||||
- name: "(Centos/RHEL 8) Set Python 3 as default"
|
||||
- name: (Centos/RHEL 8) Set Python 3 as default
|
||||
alternatives:
|
||||
name: python
|
||||
path: /usr/bin/python3
|
||||
@ -20,7 +20,7 @@
|
||||
- ansible_facts['os_family'] == "RedHat"
|
||||
- ansible_facts['distribution_major_version'] is version('8', '==')
|
||||
|
||||
- name: "(Centos/RHEL) Install build tools"
|
||||
- name: (Centos/RHEL) Install build tools
|
||||
yum:
|
||||
name:
|
||||
- "@Development tools"
|
||||
@ -36,7 +36,7 @@
|
||||
update_cache: yes
|
||||
when: ansible_facts['os_family'] == "RedHat"
|
||||
|
||||
- name: "(Debian) Install backports repo for 'buster'"
|
||||
- name: (Debian) Install backports repo for 'buster'
|
||||
apt_repository:
|
||||
filename: buster-backports
|
||||
repo: deb http://ftp.us.debian.org/debian buster-backports main
|
||||
@ -44,7 +44,7 @@
|
||||
mode: 0644
|
||||
when: ansible_facts['distribution_release'] == "buster"
|
||||
|
||||
- name: "(Debian/Ubuntu) Install build tools"
|
||||
- name: (Debian/Ubuntu) Install build tools
|
||||
apt:
|
||||
name:
|
||||
- build-essential
|
||||
@ -57,7 +57,7 @@
|
||||
update_cache: yes
|
||||
when: ansible_facts['os_family'] == "Debian"
|
||||
|
||||
- name: "(Alpine Linux) Install build tools"
|
||||
- name: (Alpine Linux) Install build tools
|
||||
apk:
|
||||
name:
|
||||
- alpine-sdk
|
||||
@ -72,7 +72,7 @@
|
||||
update_cache: yes
|
||||
when: ansible_facts['os_family'] == "Alpine"
|
||||
|
||||
- name: "(Alpine Linux) Enable OpenRC"
|
||||
- name: (Alpine Linux) Enable OpenRC
|
||||
copy:
|
||||
content: ""
|
||||
dest: /run/openrc/softlevel
|
||||
@ -82,24 +82,24 @@
|
||||
when: ansible_facts['os_family'] == "Alpine"
|
||||
when: nginx_install_source_build_tools | bool
|
||||
|
||||
- name: "Check for source installs"
|
||||
- name: Check for source installs
|
||||
block:
|
||||
- name: "Check for PCRE install"
|
||||
- name: Check for PCRE install
|
||||
stat:
|
||||
path: /tmp/{{ pcre_version }}
|
||||
register: pcre_result
|
||||
|
||||
- name: "Check for ZLib install"
|
||||
- name: Check for ZLib install
|
||||
stat:
|
||||
path: /tmp/{{ zlib_version }}
|
||||
register: zlib_result
|
||||
|
||||
- name: "Check for OpenSSL install"
|
||||
- name: Check for OpenSSL install
|
||||
stat:
|
||||
path: /tmp/{{ openssl_version }}
|
||||
register: openssl_result
|
||||
|
||||
- name: "(CentOS/RHEL) Install PCRE dependency from package"
|
||||
- name: (CentOS/RHEL) Install PCRE dependency from package
|
||||
yum:
|
||||
name: pcre-devel
|
||||
update_cache: yes
|
||||
@ -107,7 +107,7 @@
|
||||
- nginx_install_source_pcre | bool
|
||||
- ansible_facts['os_family'] == "RedHat"
|
||||
|
||||
- name: "(Debian/Ubuntu) Install PCRE dependency from package"
|
||||
- name: (Debian/Ubuntu) Install PCRE dependency from package
|
||||
apt:
|
||||
name: libpcre3-dev
|
||||
update_cache: yes
|
||||
@ -115,7 +115,7 @@
|
||||
- nginx_install_source_pcre | bool
|
||||
- ansible_facts['os_family'] == "Debian"
|
||||
|
||||
- name: "(Alpine Linux) Install PCRE dependency from package"
|
||||
- name: (Alpine Linux) Install PCRE dependency from package
|
||||
apk:
|
||||
name: pcre-dev
|
||||
update_cache: yes
|
||||
@ -123,9 +123,9 @@
|
||||
- nginx_install_source_pcre | bool
|
||||
- ansible_facts['os_family'] == "Alpine"
|
||||
|
||||
- name: "Install PCRE dependence from source"
|
||||
- name: Install PCRE dependence from source
|
||||
block:
|
||||
- name: "Download PCRE dependency"
|
||||
- name: Download PCRE dependency
|
||||
get_url:
|
||||
url: "https://ftp.pcre.org/pub/pcre/{{ pcre_version }}.tar.gz"
|
||||
dest: "/tmp/{{ pcre_version }}.tar.gz"
|
||||
@ -134,23 +134,23 @@
|
||||
| ternary('no', 'yes') }}"
|
||||
register: pcre_source
|
||||
|
||||
- name: "Unpack PCRE dependency"
|
||||
- name: Unpack PCRE dependency
|
||||
unarchive:
|
||||
copy: no
|
||||
dest: /tmp/
|
||||
src: "{{ pcre_source.dest }}"
|
||||
mode: 0700
|
||||
|
||||
- name: "Configure PCRE dependency"
|
||||
command: "./configure"
|
||||
- name: Configure PCRE dependency
|
||||
command: ./configure
|
||||
args:
|
||||
chdir: "/tmp/{{ pcre_version }}"
|
||||
|
||||
- name: "Make PCRE dependency"
|
||||
- name: Make PCRE dependency
|
||||
make:
|
||||
chdir: "/tmp/{{ pcre_version }}"
|
||||
|
||||
- name: "Install PCRE dependency"
|
||||
- name: Install PCRE dependency
|
||||
make:
|
||||
chdir: "/tmp/{{ pcre_version }}"
|
||||
target: install
|
||||
@ -158,7 +158,7 @@
|
||||
- not pcre_result.stat.exists | bool
|
||||
- not nginx_install_source_pcre | bool
|
||||
|
||||
- name: "(Centos/RHEL) Install ZLib dependency from package"
|
||||
- name: (Centos/RHEL) Install ZLib dependency from package
|
||||
yum:
|
||||
name: zlib-devel
|
||||
update_cache: yes
|
||||
@ -166,7 +166,7 @@
|
||||
- nginx_install_source_zlib | bool
|
||||
- ansible_facts['os_family'] == "RedHat"
|
||||
|
||||
- name: "(Debian/Ubuntu) Install ZLib dependency from package"
|
||||
- name: (Debian/Ubuntu) Install ZLib dependency from package
|
||||
apt:
|
||||
name: zlib1g-dev
|
||||
update_cache: true
|
||||
@ -174,7 +174,7 @@
|
||||
- nginx_install_source_zlib | bool
|
||||
- ansible_facts['os_family'] == "Debian"
|
||||
|
||||
- name: "(Alpine Linux) Install ZLib dependency from package"
|
||||
- name: (Alpine Linux) Install ZLib dependency from package
|
||||
apk:
|
||||
name: zlib-dev
|
||||
update_cache: yes
|
||||
@ -182,9 +182,9 @@
|
||||
- nginx_install_source_zlib | bool
|
||||
- ansible_facts['os_family'] == "Alpine"
|
||||
|
||||
- name: "Install ZLib dependency from source"
|
||||
- name: Install ZLib dependency from source
|
||||
block:
|
||||
- name: "Download ZLib dependency"
|
||||
- name: Download ZLib dependency
|
||||
get_url:
|
||||
url: "https://zlib.net/{{ zlib_version }}.tar.gz"
|
||||
dest: "/tmp/{{ zlib_version }}.tar.gz"
|
||||
@ -193,23 +193,23 @@
|
||||
| ternary('no', 'yes') }}"
|
||||
register: zlib_source
|
||||
|
||||
- name: "Unpack ZLib dependency"
|
||||
- name: Unpack ZLib dependency
|
||||
unarchive:
|
||||
copy: no
|
||||
dest: /tmp/
|
||||
src: "{{ zlib_source.dest }}"
|
||||
mode: 0700
|
||||
|
||||
- name: "Configure ZLib dependency"
|
||||
command: "./configure"
|
||||
- name: Configure ZLib dependency
|
||||
command: ./configure
|
||||
args:
|
||||
chdir: "/tmp/{{ zlib_version }}"
|
||||
|
||||
- name: "Make ZLib dependency"
|
||||
- name: Make ZLib dependency
|
||||
make:
|
||||
chdir: "/tmp/{{ zlib_version }}"
|
||||
|
||||
- name: "Install ZLib dependency"
|
||||
- name: Install ZLib dependency
|
||||
make:
|
||||
chdir: "/tmp/{{ zlib_version }}"
|
||||
target: install
|
||||
@ -217,7 +217,7 @@
|
||||
- not zlib_result.stat.exists | bool
|
||||
- not nginx_install_source_zlib | bool
|
||||
|
||||
- name: "(CentOS/RHEL) Install OpenSSL dependency from package"
|
||||
- name: (CentOS/RHEL) Install OpenSSL dependency from package
|
||||
yum:
|
||||
name: openssl-devel
|
||||
update_cache: yes
|
||||
@ -225,7 +225,7 @@
|
||||
- nginx_install_source_openssl | bool
|
||||
- ansible_facts['os_family'] == "RedHat"
|
||||
|
||||
- name: "(Debian/Ubuntu) Install OpenSSL dependency from package"
|
||||
- name: (Debian/Ubuntu) Install OpenSSL dependency from package
|
||||
apt:
|
||||
name: libssl-dev
|
||||
update_cache: yes
|
||||
@ -233,7 +233,7 @@
|
||||
- nginx_install_source_openssl | bool
|
||||
- ansible_facts['os_family'] == "Debian"
|
||||
|
||||
- name: "(Alpine Linux) Install OpenSSL dependency from package"
|
||||
- name: (Alpine Linux) Install OpenSSL dependency from package
|
||||
apk:
|
||||
name: openssl-dev
|
||||
update_cache: yes
|
||||
@ -241,9 +241,9 @@
|
||||
- nginx_install_source_openssl | bool
|
||||
- ansible_facts['os_family'] == "Alpine"
|
||||
|
||||
- name: "Install OpenSSL dependency from source"
|
||||
- name: Install OpenSSL dependency from source
|
||||
block:
|
||||
- name: "Download OpenSSL dependency"
|
||||
- name: Download OpenSSL dependency
|
||||
get_url:
|
||||
url: "https://www.openssl.org/source/{{ openssl_version }}.tar.gz"
|
||||
dest: "/tmp/{{ openssl_version }}.tar.gz"
|
||||
@ -252,23 +252,23 @@
|
||||
| ternary('no', 'yes') }}"
|
||||
register: openssl_source
|
||||
|
||||
- name: "Unpack OpenSSL dependency"
|
||||
- name: Unpack OpenSSL dependency
|
||||
unarchive:
|
||||
copy: no
|
||||
dest: /tmp/
|
||||
src: "{{ openssl_source.dest }}"
|
||||
mode: 0700
|
||||
|
||||
- name: "Configure OpenSSL dependency"
|
||||
command: "./config --prefix=/usr/local/openssl --openssldir=/usr/local/openssl shared zlib"
|
||||
- name: Configure OpenSSL dependency
|
||||
command: ./config --prefix=/usr/local/openssl --openssldir=/usr/local/openssl shared zlib
|
||||
args:
|
||||
chdir: "/tmp/{{ openssl_version }}"
|
||||
|
||||
- name: "Make OpenSSL dependency"
|
||||
- name: Make OpenSSL dependency
|
||||
make:
|
||||
chdir: "/tmp/{{ openssl_version }}"
|
||||
|
||||
- name: "Install OpenSSL dependency"
|
||||
- name: Install OpenSSL dependency
|
||||
make:
|
||||
chdir: "/tmp/{{ openssl_version }}"
|
||||
target: install
|
||||
@ -276,9 +276,9 @@
|
||||
- not openssl_result.stat.exists | bool
|
||||
- not nginx_install_source_openssl | bool
|
||||
|
||||
- name: "Get NGINX version"
|
||||
- name: Get NGINX version
|
||||
block:
|
||||
- name: "Fetch NGINX version"
|
||||
- name: Fetch NGINX version
|
||||
uri:
|
||||
url: https://trac.nginx.org/nginx/browser
|
||||
return_content: yes
|
||||
@ -286,38 +286,38 @@
|
||||
| ternary('no', 'yes') }}"
|
||||
register: nginx_versions
|
||||
|
||||
- name: "Set NGINX mainline version"
|
||||
- name: Set NGINX mainline version
|
||||
set_fact:
|
||||
nginx_version: "{{ nginx_versions.content | regex_search('release[^<]*') | regex_replace('release', 'nginx') }}"
|
||||
when: nginx_branch == "mainline"
|
||||
|
||||
- name: "Set NGINX stable version 1/2"
|
||||
- name: Set NGINX stable version 1/2
|
||||
set_fact:
|
||||
nginx_version: "{{ nginx_versions.content | regex_search('stable[^<]*') | regex_replace('stable', 'release') }}"
|
||||
when: nginx_branch == "stable"
|
||||
|
||||
- name: "Set NGINX stable version 2/2"
|
||||
- name: Set NGINX stable version 2/2
|
||||
set_fact:
|
||||
nginx_version: "{{ nginx_versions.content | regex_search(nginx_version + '[^<]*') | regex_replace('release', 'nginx') }}"
|
||||
when: nginx_branch == "stable"
|
||||
|
||||
- name: "Set NGINX download filename"
|
||||
- name: Set NGINX download filename
|
||||
set_fact:
|
||||
nginx_download_name: "{{ nginx_version }}"
|
||||
|
||||
- name: "Check for NGINX install"
|
||||
- name: Check for NGINX install
|
||||
stat:
|
||||
path: /usr/sbin/nginx
|
||||
follow: yes
|
||||
register: nginx_result
|
||||
|
||||
- name: "Add NGINX user"
|
||||
- name: Add NGINX user
|
||||
user:
|
||||
name: nginx
|
||||
|
||||
- name: "Install NGINX"
|
||||
- name: Install NGINX
|
||||
block:
|
||||
- name: "Download NGINX"
|
||||
- name: Download NGINX
|
||||
get_url:
|
||||
url: "https://nginx.org/download/{{ nginx_download_name }}.tar.gz"
|
||||
dest: "/tmp/{{ nginx_download_name }}.tar.gz"
|
||||
@ -326,14 +326,14 @@
|
||||
| ternary('no', 'yes') }}"
|
||||
register: nginx_source
|
||||
|
||||
- name: "Unpack NGINX"
|
||||
- name: Unpack NGINX
|
||||
unarchive:
|
||||
copy: no
|
||||
dest: /tmp/
|
||||
src: "{{ nginx_source.dest }}"
|
||||
mode: 0755
|
||||
|
||||
- name: "Configure NGINX"
|
||||
- name: Configure NGINX
|
||||
command: >-
|
||||
./configure
|
||||
--conf-path=/etc/nginx/nginx.conf
|
||||
@ -353,16 +353,16 @@
|
||||
chdir: "/tmp/{{ nginx_version }}"
|
||||
register: nginx_configure
|
||||
|
||||
- name: "Make NGINX"
|
||||
- name: Make NGINX
|
||||
make:
|
||||
chdir: "/tmp/{{ nginx_version }}"
|
||||
|
||||
- name: "Install NGINX"
|
||||
- name: Install NGINX
|
||||
make:
|
||||
chdir: "/tmp/{{ nginx_version }}"
|
||||
target: install
|
||||
|
||||
- name: "Upload systemd NGINX service file"
|
||||
- name: Upload systemd NGINX service file
|
||||
copy:
|
||||
src: services/nginx.systemd
|
||||
dest: /lib/systemd/system/nginx.service
|
||||
@ -371,7 +371,7 @@
|
||||
mode: 0644
|
||||
when: ansible_facts['service_mgr'] == "systemd"
|
||||
|
||||
- name: "Enable systemd NGINX service file"
|
||||
- name: Enable systemd NGINX service file
|
||||
systemd:
|
||||
daemon_reload: yes
|
||||
name: nginx
|
||||
@ -380,7 +380,7 @@
|
||||
when: ansible_facts['service_mgr'] == "systemd"
|
||||
notify: "(Handler) Run NGINX"
|
||||
|
||||
- name: "Upload upstart NGINX service file"
|
||||
- name: Upload upstart NGINX service file
|
||||
copy:
|
||||
src: services/nginx.upstart
|
||||
dest: /etc/init.d/nginx
|
||||
@ -389,7 +389,7 @@
|
||||
mode: 0755
|
||||
when: ansible_facts['service_mgr'] == "upstart"
|
||||
|
||||
- name: "Upload Upstart NGINX service conf file"
|
||||
- name: Upload Upstart NGINX service conf file
|
||||
copy:
|
||||
src: services/nginx.conf.upstart
|
||||
dest: /etc/init/nginx.conf
|
||||
@ -398,16 +398,16 @@
|
||||
mode: 0644
|
||||
when: ansible_facts['service_mgr'] == "upstart"
|
||||
|
||||
- name: "Enable Upstart NGINX service reload"
|
||||
command: "initctl reload-configuration"
|
||||
- name: Enable Upstart NGINX service reload
|
||||
command: initctl reload-configuration
|
||||
when: ansible_facts['service_mgr'] == "upstart"
|
||||
|
||||
- name: "Start Upstart NGINX service reload"
|
||||
command: "nginx"
|
||||
- name: Start Upstart NGINX service reload
|
||||
command: nginx
|
||||
when: ansible_facts['service_mgr'] == "upstart"
|
||||
notify: "(Handler) Run NGINX"
|
||||
|
||||
- name: "Upload SysVinit NGINX service file"
|
||||
- name: Upload SysVinit NGINX service file
|
||||
copy:
|
||||
src: services/nginx.sysvinit
|
||||
dest: /etc/init.d/nginx
|
||||
@ -417,7 +417,7 @@
|
||||
when: ansible_facts['service_mgr'] == "sysvinit"
|
||||
notify: "(Handler) Run NGINX"
|
||||
|
||||
- name: "Upload OpenRC NGINX service file"
|
||||
- name: Upload OpenRC NGINX service file
|
||||
copy:
|
||||
src: services/nginx.openrc
|
||||
dest: /etc/init.d/nginx
|
||||
@ -426,13 +426,13 @@
|
||||
mode: 0755
|
||||
when: ansible_facts['service_mgr'] == "openrc"
|
||||
|
||||
- name: "Enable OpenRC NGINX service"
|
||||
- name: Enable OpenRC NGINX service
|
||||
command: rc-update add nginx default
|
||||
when: ansible_facts['service_mgr'] == "openrc"
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
when: not nginx_result.stat.exists
|
||||
|
||||
- name: "Cleanup downloads"
|
||||
- name: Cleanup downloads
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: absent
|
||||
|
@ -1,13 +1,13 @@
|
||||
---
|
||||
- name: "(SLES) Configure NGINX repository"
|
||||
- name: (SLES) Configure NGINX repository
|
||||
zypper_repository:
|
||||
name: "nginx-{{ nginx_branch }}"
|
||||
repo: "{{ repository }}"
|
||||
|
||||
- name: "(SLES) Install NGINX"
|
||||
- name: (SLES) Install NGINX
|
||||
zypper:
|
||||
name: "nginx{{ nginx_version | default('') }}"
|
||||
state: "{{ nginx_state }}"
|
||||
disable_recommends: no
|
||||
update_cache: yes
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
|
@ -1,14 +1,14 @@
|
||||
---
|
||||
- name: "(Alpine Linux) Configure NGINX Plus repository"
|
||||
- name: (Alpine Linux) Configure NGINX Plus repository
|
||||
lineinfile:
|
||||
path: /etc/apk/repositories
|
||||
insertafter: EOF
|
||||
line: "{{ repository }}"
|
||||
state: "{{ nginx_license_status | default ('present') }}"
|
||||
|
||||
- name: "(Alpine Linux) Install NGINX Plus"
|
||||
- name: (Alpine Linux) Install NGINX Plus
|
||||
apk:
|
||||
name: "nginx-plus{{ nginx_version | default('') }}"
|
||||
repository: "{{ repository }}"
|
||||
state: "{{ nginx_state }}"
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
|
@ -1,5 +1,5 @@
|
||||
---
|
||||
- name: "(Debian/Ubuntu) Set up NGINX Plus license verification"
|
||||
- name: (Debian/Ubuntu) Set up NGINX Plus license verification
|
||||
blockinfile:
|
||||
path: /etc/apt/apt.conf.d/90nginx
|
||||
create: yes
|
||||
@ -11,7 +11,7 @@
|
||||
state: "{{ nginx_license_status | default ('present') }}"
|
||||
mode: 0444
|
||||
|
||||
- name: "(Debian/Ubuntu) Configure NGINX Plus repository"
|
||||
- name: (Debian/Ubuntu) Configure NGINX Plus repository
|
||||
apt_repository:
|
||||
filename: nginx-plus
|
||||
repo: "{{ repository }}"
|
||||
@ -19,8 +19,8 @@
|
||||
state: "{{ nginx_license_status | default ('present') }}"
|
||||
mode: 0644
|
||||
|
||||
- name: "(Debian/Ubuntu) Install NGINX Plus"
|
||||
- name: (Debian/Ubuntu) Install NGINX Plus
|
||||
apt:
|
||||
name: "nginx-plus{{ nginx_version | default('') }}"
|
||||
state: "{{ nginx_state }}"
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
|
@ -1,5 +1,5 @@
|
||||
---
|
||||
- name: "(FreeBSD) Set up NGINX Plus license verification"
|
||||
- name: (FreeBSD) Set up NGINX Plus license verification
|
||||
blockinfile:
|
||||
path: /usr/local/etc/pkg.conf
|
||||
block: |
|
||||
@ -8,7 +8,7 @@
|
||||
SSL_CLIENT_KEY_FILE: "/etc/ssl/nginx/nginx-repo.key" }
|
||||
state: "{{ nginx_license_status | default ('present') }}"
|
||||
|
||||
- name: "(FreeBSD) Configure NGINX Plus repository"
|
||||
- name: (FreeBSD) Configure NGINX Plus repository
|
||||
blockinfile:
|
||||
path: /etc/pkg/nginx-plus.conf
|
||||
create: yes
|
||||
@ -21,8 +21,8 @@
|
||||
state: "{{ nginx_license_status | default ('present') }}"
|
||||
mode: 0644
|
||||
|
||||
- name: "(FreeBSD) Install NGINX Plus"
|
||||
- name: (FreeBSD) Install NGINX Plus
|
||||
pkgng:
|
||||
name: "nginx-plus{{ nginx_version | default('') }}"
|
||||
state: "{{ nginx_state }}"
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
|
@ -1,8 +1,8 @@
|
||||
---
|
||||
- name: "Set NGINX Plus repository"
|
||||
- name: Set NGINX Plus repository
|
||||
set_fact:
|
||||
repository: "{{ nginx_repository |
|
||||
default(nginx_plus_default_repository[(ansible_facts['distribution'] == 'Amazon') | ternary('amazon', ansible_facts['os_family'] | lower)]) }}"
|
||||
|
||||
- name: "Install NGINX from repository"
|
||||
- name: Install NGINX from repository
|
||||
include_tasks: "{{ role_path }}/tasks/plus/install-{{ ansible_facts['os_family'] | lower }}.yml"
|
||||
|
@ -1,5 +1,5 @@
|
||||
---
|
||||
- name: "(Amazon Linux/CentOS/Oracle Linux/RHEL) Configure NGINX Plus repository"
|
||||
- name: (Amazon Linux/CentOS/Oracle Linux/RHEL) Configure NGINX Plus repository
|
||||
yum_repository:
|
||||
name: nginx-plus
|
||||
baseurl: "{{ repository }}"
|
||||
@ -11,11 +11,11 @@
|
||||
state: "{{ nginx_license_status | default ('present') }}"
|
||||
mode: 0644
|
||||
|
||||
- name: "(Amazon Linux/CentOS/Oracle Linux/RHEL) Install NGINX Plus"
|
||||
- name: (Amazon Linux/CentOS/Oracle Linux/RHEL) Install NGINX Plus
|
||||
yum:
|
||||
name: "nginx-plus{{ nginx_version | default('') }}"
|
||||
state: "{{ nginx_state }}"
|
||||
disablerepo: "*"
|
||||
enablerepo: "nginx-plus"
|
||||
update_cache: yes
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
|
@ -1,19 +1,19 @@
|
||||
---
|
||||
- name: "(SLES) Combine NGINX Plus certificate and license key"
|
||||
- name: (SLES) Combine NGINX Plus certificate and license key
|
||||
assemble:
|
||||
src: /etc/ssl/nginx
|
||||
dest: /etc/ssl/nginx/nginx-repo-bundle.crt
|
||||
mode: 0444
|
||||
|
||||
- name: "(SLES) Configure NGINX Plus repository"
|
||||
- name: (SLES) Configure NGINX Plus repository
|
||||
zypper_repository:
|
||||
name: nginx-plus
|
||||
repo: "{{ repository }}"
|
||||
state: "{{ nginx_license_status | default ('present') }}"
|
||||
|
||||
- name: "(SLES) Install NGINX Plus"
|
||||
- name: (SLES) Install NGINX Plus
|
||||
zypper:
|
||||
name: "nginx-plus{{ nginx_version | default('') }}"
|
||||
state: "{{ nginx_state }}"
|
||||
update_cache: yes
|
||||
notify: "(Handler) Run NGINX"
|
||||
notify: (Handler) Run NGINX
|
||||
|
@ -1,15 +1,15 @@
|
||||
---
|
||||
- name: "Set NGINX Plus license state"
|
||||
- name: Set NGINX Plus license state
|
||||
set_fact:
|
||||
nginx_license_status: absent
|
||||
|
||||
- name: "(Debian/Red Hat/SLES OSs) Delete NGINX Plus license"
|
||||
- name: (Debian/Red Hat/SLES OSs) Delete NGINX Plus license
|
||||
file:
|
||||
path: /etc/ssl/nginx
|
||||
state: absent
|
||||
when: ansible_facts['distribution'] != "Alpine"
|
||||
|
||||
- name: "(Alpine Linux) Delete NGINX Plus license"
|
||||
- name: (Alpine Linux) Delete NGINX Plus license
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: absent
|
||||
@ -18,5 +18,5 @@
|
||||
- /etc/apk/cert.pem
|
||||
when: ansible_facts['distribution'] == "Alpine"
|
||||
|
||||
- name: "Delete NGINX Plus repository data"
|
||||
- name: Delete NGINX Plus repository data
|
||||
include_tasks: "{{ role_path }}/tasks/plus/install-plus.yml"
|
||||
|
@ -1,13 +1,13 @@
|
||||
---
|
||||
- name: "(Debian/Red Hat/SLES OSs) Set up NGINX Plus license"
|
||||
- name: (Debian/Red Hat/SLES OSs) Set up NGINX Plus license
|
||||
block:
|
||||
- name: "(Debian/Red Hat/SLES OSs) Create SSL directory"
|
||||
- name: (Debian/Red Hat/SLES OSs) Create SSL directory
|
||||
file:
|
||||
path: /etc/ssl/nginx
|
||||
state: directory
|
||||
mode: 0755
|
||||
|
||||
- name: "(Debian/Red Hat/SLES OSs) Copy NGINX Plus certificate and license key"
|
||||
- name: (Debian/Red Hat/SLES OSs) Copy NGINX Plus certificate and license key
|
||||
copy:
|
||||
src: "{{ item }}"
|
||||
dest: /etc/ssl/nginx
|
||||
@ -18,22 +18,22 @@
|
||||
- "{{ nginx_license['key'] }}"
|
||||
when: ansible_facts['os_family'] != "Alpine"
|
||||
|
||||
- name: "(Alpine Linux) Set up NGINX Plus license"
|
||||
- name: (Alpine Linux) Set up NGINX Plus license
|
||||
block:
|
||||
- name: "(Alpine Linux) Create APK directory"
|
||||
- name: (Alpine Linux) Create APK directory
|
||||
file:
|
||||
path: /etc/apk
|
||||
state: directory
|
||||
mode: 0755
|
||||
|
||||
- name: "(Alpine Linux) Copy NGINX Plus key"
|
||||
- name: (Alpine Linux) Copy NGINX Plus key
|
||||
copy:
|
||||
src: "{{ nginx_license['key'] }}"
|
||||
dest: /etc/apk/cert.key
|
||||
decrypt: yes
|
||||
mode: 0444
|
||||
|
||||
- name: "(Alpine Linux) Copy NGINX Plus certificate"
|
||||
- name: (Alpine Linux) Copy NGINX Plus certificate
|
||||
copy:
|
||||
src: "{{ nginx_license['certificate'] }}"
|
||||
dest: /etc/apk/cert.pem
|
||||
|
@ -1,34 +1,34 @@
|
||||
---
|
||||
- name: "(Alpine Linux) Install dependencies"
|
||||
- name: (Alpine Linux) Install dependencies
|
||||
apk:
|
||||
name: "{{ nginx_alpine_dependencies }}"
|
||||
update_cache: yes
|
||||
when: ansible_facts['os_family'] == "Alpine"
|
||||
|
||||
- name: "(Debian/Ubuntu) Install dependencies"
|
||||
- name: (Debian/Ubuntu) Install dependencies
|
||||
apt:
|
||||
name: "{{ nginx_debian_dependencies }}"
|
||||
update_cache: yes
|
||||
when: ansible_facts['os_family'] == "Debian"
|
||||
|
||||
- name: "(Amazon Linux/CentOS/Oracle Linux/RHEL) Install dependencies"
|
||||
- name: (Amazon Linux/CentOS/Oracle Linux/RHEL) Install dependencies
|
||||
yum:
|
||||
name: "{{ nginx_redhat_dependencies }}"
|
||||
when: ansible_facts['os_family'] == "RedHat"
|
||||
|
||||
- name: "(SLES) Install dependencies"
|
||||
- name: (SLES) Install dependencies
|
||||
zypper:
|
||||
name: "{{ nginx_sles_dependencies }}"
|
||||
when: ansible_facts['os_family'] == "Suse"
|
||||
|
||||
- name: "(FreeBSD) Install dependencies"
|
||||
- name: (FreeBSD) Install dependencies
|
||||
block:
|
||||
- name: "(FreeBSD) Install dependencies using package(s)"
|
||||
- name: (FreeBSD) Install dependencies using package(s)
|
||||
pkgng:
|
||||
name: "{{ nginx_freebsd_dependencies }}"
|
||||
when: nginx_bsd_install_packages | bool
|
||||
|
||||
- name: "(FreeBSD) Install dependencies using port(s)"
|
||||
- name: (FreeBSD) Install dependencies using port(s)
|
||||
portinstall:
|
||||
name: "{{ item }}"
|
||||
use_packages: "{{ nginx_bsd_portinstall_use_packages | default(omit) }}"
|
||||
|
@ -1,15 +1,15 @@
|
||||
---
|
||||
- name: "Install dependencies"
|
||||
- name: Install dependencies
|
||||
include_tasks: "{{ role_path }}/tasks/prerequisites/install-dependencies.yml"
|
||||
|
||||
- name: "Set up SELinux"
|
||||
- name: Set up SELinux
|
||||
block:
|
||||
- name: "Check if SELinux is enabled"
|
||||
- name: Check if SELinux is enabled
|
||||
debug:
|
||||
msg: "You need to enable SELinux, if it was disabled you need to reboot"
|
||||
msg: You need to enable SELinux, if it was disabled you need to reboot
|
||||
when: ansible_facts['selinux'] is undefined
|
||||
|
||||
- name: "Configure SELinux"
|
||||
- name: Configure SELinux
|
||||
include_tasks: "{{ role_path }}/tasks/prerequisites/setup-selinux.yml"
|
||||
when: ansible_facts['selinux.mode'] is defined
|
||||
when:
|
||||
|
@ -1,14 +1,14 @@
|
||||
---
|
||||
- name: "(CentOS/RHEL) Install dependencies"
|
||||
- name: (CentOS/RHEL) Install dependencies
|
||||
block:
|
||||
- name: "(CentOS/RHEL 6/7) Install dependencies"
|
||||
- name: (CentOS/RHEL 6/7) Install dependencies
|
||||
yum:
|
||||
name:
|
||||
- policycoreutils-python
|
||||
- setools
|
||||
when: ansible_facts['distribution_major_version'] is version('8', '!=')
|
||||
|
||||
- name: "(CentOS/RHEL 8) Install dependencies"
|
||||
- name: (CentOS/RHEL 8) Install dependencies
|
||||
yum:
|
||||
name:
|
||||
- libselinux-utils
|
||||
@ -17,26 +17,26 @@
|
||||
when: ansible_facts['distribution_major_version'] is version('8', '==')
|
||||
when: ansible_facts['os_family'] == "RedHat"
|
||||
|
||||
- name: "Set SELinux mode to permissive"
|
||||
- name: Set SELinux mode to permissive
|
||||
selinux:
|
||||
state: permissive
|
||||
policy: targeted
|
||||
changed_when: false
|
||||
when: ansible_facts['selinux.mode'] == "enforcing"
|
||||
|
||||
- name: "Allow SELinux HTTP network connections"
|
||||
- name: Allow SELinux HTTP network connections
|
||||
seboolean:
|
||||
name: httpd_can_network_connect
|
||||
state: yes
|
||||
persistent: yes
|
||||
|
||||
- name: "Allow SELinux HTTP network connections"
|
||||
- name: Allow SELinux HTTP network connections
|
||||
seboolean:
|
||||
name: httpd_can_network_relay
|
||||
state: yes
|
||||
persistent: yes
|
||||
|
||||
- name: "Allow SELinux TCP connections on status ports"
|
||||
- name: (DEPRECATED) Allow SELinux TCP connections on status ports
|
||||
seport:
|
||||
ports: "{{ nginx_status_port }}"
|
||||
proto: tcp
|
||||
@ -44,7 +44,7 @@
|
||||
state: present
|
||||
when: nginx_status_port is defined
|
||||
|
||||
- name: "Allow SELinux TCP connections on Rest API ports"
|
||||
- name: (DEPRECATED) Allow SELinux TCP connections on Rest API ports
|
||||
seport:
|
||||
ports: "{{ nginx_rest_api_port }}"
|
||||
proto: tcp
|
||||
@ -52,7 +52,7 @@
|
||||
state: present
|
||||
when: nginx_rest_api_port is defined
|
||||
|
||||
- name: "Allow SELinux TCP connections on specific ports"
|
||||
- name: Allow SELinux TCP connections on specific ports
|
||||
seport:
|
||||
ports: "{{ nginx_selinux_tcp_ports }}"
|
||||
proto: tcp
|
||||
@ -60,7 +60,7 @@
|
||||
state: present
|
||||
when: nginx_selinux_tcp_ports is defined
|
||||
|
||||
- name: "Allow SELinux UDP connections on specific ports"
|
||||
- name: Allow SELinux UDP connections on specific ports
|
||||
seport:
|
||||
ports: "{{ nginx_selinux_udp_ports }}"
|
||||
proto: udp
|
||||
@ -68,31 +68,31 @@
|
||||
state: present
|
||||
when: nginx_selinux_udp_ports is defined
|
||||
|
||||
- name: "Create SELinux NGINX Plus Module"
|
||||
- name: Create SELinux NGINX Plus module
|
||||
template:
|
||||
src: "{{ role_path }}/templates/selinux/nginx-plus-module.te.j2"
|
||||
dest: "{{ nginx_selinux_tempdir }}/nginx-plus-module.te"
|
||||
mode: 0644
|
||||
register: nginx_selinux_module
|
||||
|
||||
- name: "Check SELinux NGINX Plus Module"
|
||||
- name: Check SELinux NGINX Plus module
|
||||
command: "checkmodule -M -m -o {{ nginx_selinux_tempdir }}/nginx-plus-module.mod {{ nginx_selinux_tempdir }}/nginx-plus-module.te"
|
||||
args:
|
||||
creates: "{{ nginx_selinux_tempdir }}/nginx-plus-module.mod"
|
||||
changed_when: false
|
||||
|
||||
- name: "Compile SELinux NGINX Plus Module"
|
||||
- name: Compile SELinux NGINX Plus module
|
||||
command: "semodule_package -o {{ nginx_selinux_tempdir }}/nginx-plus-module.pp -m {{ nginx_selinux_tempdir }}/nginx-plus-module.mod"
|
||||
args:
|
||||
creates: "{{ nginx_selinux_tempdir }}/nginx-plus-module.pp"
|
||||
changed_when: false
|
||||
|
||||
- name: "Import SELinux NGINX Plus Module"
|
||||
- name: Import SELinux NGINX Plus module
|
||||
command: "semodule -i {{ nginx_selinux_tempdir }}/nginx-plus-module.pp" # noqa 503
|
||||
changed_when: false
|
||||
when: nginx_selinux_module.changed | bool
|
||||
|
||||
- name: "Set SELinux mode to enforcing"
|
||||
- name: Set SELinux mode to enforcing
|
||||
selinux:
|
||||
state: enforcing
|
||||
policy: targeted
|
||||
|
@ -1,17 +1,17 @@
|
||||
## DEPRECATED -- Use nginxinc.nginx_unit role instead (https://github.com/nginxinc/ansible-role-nginx-unit)
|
||||
---
|
||||
- name: "(Debian/Ubuntu/CentOS/RedHat) Install NGINX Unit Modules"
|
||||
- name: (Debian/Ubuntu/CentOS/RedHat) Install NGINX Unit Modules
|
||||
package:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
loop: "{{ nginx_unit_modules }}"
|
||||
when: ansible_facts['os_family'] != "FreeBSD"
|
||||
notify: "(DEPRECATED Handler: Debian/Ubuntu/CentOS/RedHat) Start NGINX Unit"
|
||||
notify: (DEPRECATED Handler - Debian/Ubuntu/CentOS/RedHat) Start NGINX Unit
|
||||
|
||||
- name: "(FreeBSD) Install NGINX Unit Modules"
|
||||
- name: (FreeBSD) Install NGINX Unit Modules
|
||||
portinstall:
|
||||
name: "{{ item }}"
|
||||
state: present
|
||||
loop: "{{ nginx_unit_modules }}"
|
||||
when: ansible_facts['os_family'] == "FreeBSD"
|
||||
notify: "(DEPRECATED Handler: FreeBSD) Start NGINX Unit"
|
||||
notify: (DEPRECATED Handler - FreeBSD) Start NGINX Unit
|
||||
|
@ -1,29 +1,29 @@
|
||||
## DEPRECATED -- Use nginxinc.nginx_unit role instead (https://github.com/nginxinc/ansible-role-nginx-unit)
|
||||
---
|
||||
- name: "Deprecation warning"
|
||||
- name: Deprecation warning
|
||||
debug:
|
||||
msg: "DEPRECATED TASKS -- Use nginxinc.nginx_unit role instead (https://github.com/nginxinc/ansible-role-nginx-unit)"
|
||||
msg: DEPRECATED TASKS -- Use nginxinc.nginx_unit role instead (https://github.com/nginxinc/ansible-role-nginx-unit)
|
||||
|
||||
- name: "(DEPRECATED) Configure NGINX Unit Repository"
|
||||
- name: (DEPRECATED) Configure NGINX Unit Repository
|
||||
include_tasks: "{{ role_path }}/tasks/unit/setup-{{ ansible_facts['os_family'] | lower }}.yml"
|
||||
when: ansible_facts['os_family'] == "Debian"
|
||||
or ansible_facts['os_family'] == "RedHat"
|
||||
or ansible_facts['os_family'] == "FreeBSD"
|
||||
|
||||
- name: "(DEPRECATED) Install NGINX Unit"
|
||||
- name: (DEPRECATED) Install NGINX Unit
|
||||
package:
|
||||
name: unit
|
||||
state: present
|
||||
when: ansible_facts['os_family'] != "FreeBSD"
|
||||
notify: "(DEPRECATED Handler: Debian/Ubuntu/CentOS/RedHat) Start NGINX Unit"
|
||||
notify: (DEPRECATED Handler - Debian/Ubuntu/CentOS/RedHat) Start NGINX Unit
|
||||
|
||||
- name: "(DEPRECATED) Install NGINX Unit"
|
||||
- name: (DEPRECATED) Install NGINX Unit
|
||||
portinstall:
|
||||
name: unit
|
||||
state: present
|
||||
when: ansible_facts['os_family'] == "FreeBSD"
|
||||
notify: "(DEPRECATED Handler: FreeBSD) Start NGINX Unit"
|
||||
notify: (DEPRECATED Handler - FreeBSD) Start NGINX Unit
|
||||
|
||||
- name: "(DEPRECATED) Install NGINX Unit modules"
|
||||
- name: (DEPRECATED) Install NGINX Unit modules
|
||||
include_tasks: "{{ role_path }}/tasks/unit/install-modules.yml"
|
||||
when: nginx_unit_modules is defined
|
||||
|
@ -1,6 +1,6 @@
|
||||
## DEPRECATED -- Use nginxinc.nginx_unit role instead (https://github.com/nginxinc/ansible-role-nginx-unit)
|
||||
---
|
||||
- name: "(DEPRECATED) Add NGINX Unit Repository"
|
||||
- name: (DEPRECATED) Add NGINX Unit Repository
|
||||
apt_repository:
|
||||
repo: "{{ item }}"
|
||||
mode: 0644
|
||||
|
@ -1,11 +1,11 @@
|
||||
## DEPRECATED -- Use nginxinc.nginx_unit role instead (https://github.com/nginxinc/ansible-role-nginx-unit)
|
||||
---
|
||||
- name: "(DEPRECATED) Fetch Ports"
|
||||
- name: (DEPRECATED) Fetch Ports
|
||||
command: portsnap fetch --interactive
|
||||
args:
|
||||
creates: /var/db/portsnap/INDEX
|
||||
|
||||
- name: "(DEPRECATED) Extract Ports"
|
||||
- name: (DEPRECATED) Extract Ports
|
||||
command: portsnap extract
|
||||
args:
|
||||
creates: /usr/ports
|
||||
|
@ -1,6 +1,6 @@
|
||||
## DEPRECATED -- Use nginxinc.nginx_unit role instead (https://github.com/nginxinc/ansible-role-nginx-unit)
|
||||
---
|
||||
- name: "(DEPRECATED) Add NGINX Unit Repository"
|
||||
- name: (DEPRECATED) Add NGINX Unit Repository
|
||||
yum_repository:
|
||||
name: unit
|
||||
baseurl: https://packages.nginx.org/unit/{{ (ansible_facts['distribution'] == "RedHat") | ternary('rhel/', 'centos/') }}$releasever/$basearch/
|
||||
@ -10,7 +10,7 @@
|
||||
mode: 0644
|
||||
when: ansible_facts['distribution'] != "Amazon"
|
||||
|
||||
- name: "(DEPRECATED) Add NGINX Unit Repository"
|
||||
- name: (DEPRECATED) Add NGINX Unit Repository
|
||||
yum_repository:
|
||||
name: unit
|
||||
baseurl: https://packages.nginx.org/unit/amzn{{ (ansible_facts['distribution_version'] == "2") | ternary('2', '') }}/$releasever/$basearch/
|
||||
|
Loading…
Reference in New Issue
Block a user