From 31beec2e7bddc4551bad68f4e23ebf971489212c Mon Sep 17 00:00:00 2001
From: Vladimir Botka <vbotka@gmail.com>
Date: Tue, 26 Nov 2019 14:15:55 +0100
Subject: [PATCH] NGINX Plus separate installation of Linux and FreeBSD (#193)

* Added variable nginx_plus_linux_families: ['Alpine', 'Debian', 'RedHat', 'Suse']
* Added variable nginx_plus_bsd_systems: ['FreeBSD']
* Added variable nginx_freebsd_extra_packages: ['security/ca_root_nss']
* Installation of Linux moved to install-plus-linux.yml
* Installation of FreeBSD moved to install-plus-bsd.yml
* Installation of nginx_freebsd_extra_packages moved to tasks/prerequisites/setup-freebsd.yml
* Installation of NGINX Plus tested with FreeBSD 12.0; Lint passed
---
 defaults/main.yml                             | 10 ++++++-
 tasks/plus/install-plus-bsd.yml               | 30 +++++++++++++++++++
 tasks/plus/install-plus-linux.yml             | 18 +++++++++++
 tasks/plus/install-plus.yml                   | 28 +++++------------
 tasks/plus/setup-freebsd.yml                  | 19 ------------
 tasks/prerequisites/install-prerequisites.yml |  7 ++++-
 tasks/prerequisites/setup-freebsd.yml         | 17 +++++++++++
 7 files changed, 88 insertions(+), 41 deletions(-)
 create mode 100644 tasks/plus/install-plus-bsd.yml
 create mode 100644 tasks/plus/install-plus-linux.yml
 delete mode 100644 tasks/plus/setup-freebsd.yml
 create mode 100644 tasks/prerequisites/setup-freebsd.yml

diff --git a/defaults/main.yml b/defaults/main.yml
index 263e499..34b85ad 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -10,9 +10,14 @@ nginx_start: true
 # Print NGINX configuration file to terminal after executing playbook.
 nginx_debug_output: false
 
-# Supported systems
+# Supported distributions
 nginx_linux_families: ['Alpine', 'Debian', 'RedHat', 'Suse']
 nginx_bsd_systems: ['FreeBSD', 'NetBSD', 'OpenBSD', 'DragonFlyBSD', 'HardenedBSD']
+# Supported distributions NGINX Plus
+# https://docs.nginx.com/nginx/technical-specs/
+# RedHat={Amazon,CentOS,OracleLinux,RHEL} Debian={Ubuntu,Debian}
+nginx_plus_linux_families: ['Alpine', 'Debian', 'RedHat', 'Suse']
+nginx_plus_bsd_systems: ['FreeBSD']
 
 # Specify which type of NGINX you want to install.
 # Options are 'opensource' or 'plus'.
@@ -80,6 +85,9 @@ nginx_modules:
   rtmp: false
   xslt: false
 
+# FreeBSD extra packages
+nginx_freebsd_extra_packages: ['security/ca_root_nss']
+
 # Install NGINX Amplify.
 # Use your NGINX Amplify API key.
 # Requires access to either the NGINX stub status or the NGINX Plus REST API.
diff --git a/tasks/plus/install-plus-bsd.yml b/tasks/plus/install-plus-bsd.yml
new file mode 100644
index 0000000..42ae2aa
--- /dev/null
+++ b/tasks/plus/install-plus-bsd.yml
@@ -0,0 +1,30 @@
+---
+- name: "(Install: FreeBSD)"
+  block:
+
+    - name: "(Install: FreeBSD) Add NGINX Plus Repository"
+      blockinfile:
+        path: /etc/pkg/nginx-plus.conf
+        create: yes
+        block: |
+          nginx-plus: {
+          URL: pkg+https://plus-pkgs.nginx.com/freebsd/${ABI}/latest
+          ENABLED: yes
+          MIRROR_TYPE: SRV
+          }
+
+    - name: "(Install: FreeBSD) Verify NGINX Plus License"
+      blockinfile:
+        path: /usr/local/etc/pkg.conf
+        block: |
+          PKG_ENV: { SSL_NO_VERIFY_PEER: "1",
+          SSL_CLIENT_CERT_FILE: "/etc/ssl/nginx/nginx-repo.crt",
+          SSL_CLIENT_KEY_FILE: "/etc/ssl/nginx/nginx-repo.key" }
+
+    - name: "(Install: FreeBSD) Install nginx-plus{{ nginx_version | default('') }}"
+      pkgng:
+        name: "nginx-plus{{ nginx_version | default('') }}"
+        state: present
+      notify: "(Handler: All OSs) Start NGINX"
+
+  when: ansible_system == "FreeBSD"
diff --git a/tasks/plus/install-plus-linux.yml b/tasks/plus/install-plus-linux.yml
new file mode 100644
index 0000000..2bca587
--- /dev/null
+++ b/tasks/plus/install-plus-linux.yml
@@ -0,0 +1,18 @@
+---
+- import_tasks: setup-debian.yml
+  when: ansible_os_family == "Debian"
+
+- import_tasks: setup-redhat.yml
+  when: ansible_os_family == "RedHat"
+
+- import_tasks: setup-suse.yml
+  when: ansible_os_family == "Suse"
+
+- import_tasks: setup-alpine.yml
+  when: ansible_os_family == "Alpine"
+
+- name: "(Install: Linux) Install NGINX Plus"
+  package:
+    name: "nginx-plus{{ nginx_version | default('') }}"
+    state: present
+  notify: "(Handler: All OSs) Start NGINX"
diff --git a/tasks/plus/install-plus.yml b/tasks/plus/install-plus.yml
index be74eb9..94152bd 100644
--- a/tasks/plus/install-plus.yml
+++ b/tasks/plus/install-plus.yml
@@ -1,23 +1,11 @@
 ---
-- import_tasks: setup-license.yml
+- name: "(Install: All OSs) Setup license"
+  import_tasks: setup-license.yml
 
-- import_tasks: setup-alpine.yml
-  when: ansible_os_family == "Alpine"
+- name: "(Install: Linux) Install NGINX Plus"
+  import_tasks: install-plus-linux.yml
+  when: ansible_os_family in nginx_plus_linux_families
 
-- import_tasks: setup-debian.yml
-  when: ansible_os_family == "Debian"
-
-- import_tasks: setup-freebsd.yml
-  when: ansible_os_family == "FreeBSD"
-
-- import_tasks: setup-redhat.yml
-  when: ansible_os_family == "RedHat"
-
-- import_tasks: setup-suse.yml
-  when: ansible_os_family == "Suse"
-
-- name: "(Install: All OSs) Install NGINX Plus"
-  package:
-    name: "nginx-plus{{ nginx_version | default('') }}"
-    state: present
-  notify: "(Handler: All OSs) Start NGINX"
+- name: "(Install: FreeBSD) Install NGINX Plus"
+  import_tasks: install-plus-bsd.yml
+  when: ansible_system in nginx_plus_bsd_systems
diff --git a/tasks/plus/setup-freebsd.yml b/tasks/plus/setup-freebsd.yml
deleted file mode 100644
index 6da3600..0000000
--- a/tasks/plus/setup-freebsd.yml
+++ /dev/null
@@ -1,19 +0,0 @@
----
-- name: "(Install: FreeBSD) Add NGINX Plus Repository"
-  blockinfile:
-    path: /etc/pkg/nginx-plus.conf
-    create: yes
-    block: |
-      nginx-plus: {
-      URL: pkg+https://plus-pkgs.nginx.com/freebsd/${ABI}/latest
-      ENABLED: yes
-      MIRROR_TYPE: SRV
-      }
-
-- name: "(Install: FreeBSD) Verify NGINX Plus License"
-  blockinfile:
-    path: /usr/local/etc/pkg.conf
-    block: |
-      PKG_ENV: { SSL_NO_VERIFY_PEER: "1",
-      SSL_CLIENT_CERT_FILE: "/etc/ssl/nginx/nginx-repo.crt",
-      SSL_CLIENT_KEY_FILE: "/etc/ssl/nginx/nginx-repo.key" }
diff --git a/tasks/prerequisites/install-prerequisites.yml b/tasks/prerequisites/install-prerequisites.yml
index 82c8e49..90041c8 100644
--- a/tasks/prerequisites/install-prerequisites.yml
+++ b/tasks/prerequisites/install-prerequisites.yml
@@ -1,3 +1,8 @@
 ---
-- import_tasks: setup-debian.yml
+- name: "(Setup: Debian/Ubuntu) Install Prerequisites"
+  import_tasks: setup-debian.yml
   when: ansible_os_family == "Debian"
+
+- name: "(Setup: FreeBSD) Install Prerequisites"
+  import_tasks: setup-freebsd.yml
+  when: ansible_system == "FreeBSD"
diff --git a/tasks/prerequisites/setup-freebsd.yml b/tasks/prerequisites/setup-freebsd.yml
new file mode 100644
index 0000000..75918bc
--- /dev/null
+++ b/tasks/prerequisites/setup-freebsd.yml
@@ -0,0 +1,17 @@
+---
+- name: "(Install: FreeBSD) Install Required Dependencies"
+  block:
+
+    - name: "(Install: FreeBSD) Install Extra Package(s)"
+      pkgng:
+        name: "{{ nginx_freebsd_extra_packages }}"
+        state: present
+      when: nginx_bsd_install_packages|bool
+
+    - name: "(Install: FreeBSD) Install Extra Port(s)"
+      portinstall:
+        name: "{{ item }}"
+        use_packages: "{{ nginx_bsd_portinstall_use_packages | default(omit) }}"
+        state: present
+      loop: "{{ nginx_freebsd_extra_packages }}"
+      when: not nginx_bsd_install_packages|bool