Switch dictionaries to individual variables (#349)

This commit is contained in:
Alessandro Fael Garcia 2020-11-17 16:40:53 +01:00
parent a11e457816
commit 6645e0856a
No known key found for this signature in database
GPG Key ID: 7E5B134EEDC42A56
9 changed files with 33 additions and 35 deletions

View File

@ -1,5 +1,11 @@
# Changelog # Changelog
## 0.18.1 (November 17, 2020)
ENHANCEMENTS:
Switch NGINX keysites and OSS default repository data from a dictionary to individual variables to prevent potential issues arisen from Jinja2 dictionary run-time evaluations.
## 0.18.0 (November 13, 2020) ## 0.18.0 (November 13, 2020)
BREAKING CHANGES: BREAKING CHANGES:

View File

@ -3,7 +3,7 @@
block: block:
- name: (Alpine Linux) Set up NGINX signing key URL - name: (Alpine Linux) Set up NGINX signing key URL
set_fact: set_fact:
keysite: "{{ nginx_signing_key | default(nginx_default_signing_key['rsa_pub']) }}" keysite: "{{ nginx_signing_key | default(nginx_default_signing_key_rsa_pub) }}"
- name: (Alpine Linux) Download NGINX signing key - name: (Alpine Linux) Download NGINX signing key
get_url: get_url:
@ -14,7 +14,7 @@
- name: (Debian/Red Hat/SLES OSs) Set up NGINX signing key URL - name: (Debian/Red Hat/SLES OSs) Set up NGINX signing key URL
set_fact: set_fact:
keysite: "{{ nginx_signing_key | default(nginx_default_signing_key['pgp']) }}" keysite: "{{ nginx_signing_key | default(nginx_default_signing_key_pgp) }}"
when: ansible_facts['os_family'] != "Alpine" when: ansible_facts['os_family'] != "Alpine"
- name: (Debian/Ubuntu) Add NGINX signing key - name: (Debian/Ubuntu) Add NGINX signing key

View File

@ -3,12 +3,12 @@
lineinfile: lineinfile:
path: /etc/apk/repositories path: /etc/apk/repositories
insertafter: EOF insertafter: EOF
line: "{{ repository }}" line: "{{ nginx_repository | default(nginx_default_repository_alpine) }}"
- name: (Alpine Linux) Install NGINX - name: (Alpine Linux) Install NGINX
apk: apk:
name: "nginx{{ nginx_version | default('') }}" name: "nginx{{ nginx_version | default('') }}"
repository: "{{ repository }}" repository: "{{ nginx_repository | default(nginx_default_repository_alpine) }}"
state: "{{ nginx_state }}" state: "{{ nginx_state }}"
update_cache: yes update_cache: yes
ignore_errors: "{{ ansible_check_mode }}" ignore_errors: "{{ ansible_check_mode }}"

View File

@ -5,7 +5,7 @@
repo: "{{ item }}" repo: "{{ item }}"
update_cache: yes update_cache: yes
mode: 0644 mode: 0644
loop: "{{ repository }}" loop: "{{ nginx_repository | default(nginx_default_repository_debian) }}"
- name: (Debian/Ubuntu) Install NGINX - name: (Debian/Ubuntu) Install NGINX
apt: apt:

View File

@ -1,12 +1,6 @@
--- ---
- name: Install NGINX in Linux systems - name: Install NGINX in Linux systems
block: block:
- name: Install NGINX from repository
block:
- name: Set NGINX repository
set_fact:
repository: "{{ nginx_repository | default(nginx_default_repository[ansible_facts['os_family'] | lower]) }}"
- name: Install NGINX from repository - name: Install NGINX from repository
include_tasks: "{{ role_path }}/tasks/opensource/install-{{ ansible_facts['os_family'] | lower }}.yml" include_tasks: "{{ role_path }}/tasks/opensource/install-{{ ansible_facts['os_family'] | lower }}.yml"
when: nginx_install_from == "nginx_repository" when: nginx_install_from == "nginx_repository"

View File

@ -2,7 +2,7 @@
- name: (CentOS/RHEL 6/7) Configure NGINX repository - name: (CentOS/RHEL 6/7) Configure NGINX repository
yum_repository: yum_repository:
name: nginx name: nginx
baseurl: "{{ repository }}" baseurl: "{{ nginx_repository | default(nginx_default_repository_redhat) }}"
description: NGINX Repository description: NGINX Repository
enabled: yes enabled: yes
gpgcheck: yes gpgcheck: yes
@ -15,7 +15,7 @@
create: yes create: yes
block: | block: |
[nginx] [nginx]
baseurl = {{ repository }} baseurl = {{ nginx_repository | default(nginx_default_repository_redhat) }}
enabled = 1 enabled = 1
gpgcheck = 1 gpgcheck = 1
name = NGINX Repository name = NGINX Repository

View File

@ -2,7 +2,7 @@
- name: (SLES) Configure NGINX repository - name: (SLES) Configure NGINX repository
zypper_repository: zypper_repository:
name: "nginx-{{ nginx_branch }}" name: "nginx-{{ nginx_branch }}"
repo: "{{ repository }}" repo: "{{ nginx_repository | default(nginx_default_repository_suse) }}"
- name: (SLES) Install NGINX - name: (SLES) Install NGINX
zypper: zypper:

View File

@ -9,7 +9,7 @@
- name: (SLES) {{ nginx_license_status is defined | ternary('Remove', 'Configure') }} NGINX Plus repository - name: (SLES) {{ nginx_license_status is defined | ternary('Remove', 'Configure') }} NGINX Plus repository
zypper_repository: zypper_repository:
name: nginx-plus name: nginx-plus
repo: "{{ nginx_repository | default(nginx_plus_default_repository_sles) }}" repo: "{{ nginx_repository | default(nginx_plus_default_repository_suse) }}"
state: "{{ nginx_license_status | default ('present') }}" state: "{{ nginx_license_status | default ('present') }}"
- name: (SLES) Install NGINX Plus - name: (SLES) Install NGINX Plus

View File

@ -13,34 +13,32 @@ nginx_plus_distributions: [
] ]
# Default NGINX signing key # Default NGINX signing key
nginx_default_signing_key: nginx_default_signing_key_rsa_pub: https://nginx.org/keys/nginx_signing.rsa.pub
rsa_pub: https://nginx.org/keys/nginx_signing.rsa.pub nginx_default_signing_key_pgp: https://nginx.org/keys/nginx_signing.key
pgp: https://nginx.org/keys/nginx_signing.key
# Default NGINX Open Source repositories # Default NGINX Open Source repositories
nginx_default_repository: nginx_default_repository_alpine: "https://nginx.org/packages/{{ (nginx_branch == 'mainline') | ternary('mainline/', '') }}\
alpine: "https://nginx.org/packages/{{ (nginx_branch == 'mainline') alpine/v{{ ansible_facts['distribution_version'] | regex_search('^[0-9]+\\.[0-9]+') }}/main"
| ternary('mainline/', '') }}alpine/v{{ ansible_facts['distribution_version'] | regex_search('^[0-9]+\\.[0-9]+') }}/main" nginx_default_repository_debian:
debian: - "deb [arch=amd64] https://nginx.org/packages/{{ (nginx_branch == 'mainline') | ternary('mainline/', '') }}\
- "deb [arch=amd64] https://nginx.org/packages/{{ (nginx_branch == 'mainline') {{ ansible_facts['distribution'] | lower }}/ {{ ansible_facts['distribution_release'] }} nginx"
| ternary('mainline/', '') }}{{ ansible_facts['distribution'] | lower }}/ {{ ansible_facts['distribution_release'] }} nginx" - "deb-src https://nginx.org/packages/{{ (nginx_branch == 'mainline') | ternary('mainline/', '') }}\
- "deb-src https://nginx.org/packages/{{ (nginx_branch == 'mainline') {{ ansible_facts['distribution'] | lower }}/ {{ ansible_facts['distribution_release'] }} nginx"
| ternary('mainline/', '') }}{{ ansible_facts['distribution'] | lower }}/ {{ ansible_facts['distribution_release'] }} nginx" nginx_default_repository_redhat: "https://nginx.org/packages/{{ (nginx_branch == 'mainline') | ternary('mainline/', '') }}\
redhat: "https://nginx.org/packages/{{ (nginx_branch == 'mainline') {{ (ansible_facts['distribution'] == 'CentOS') | ternary('centos', 'rhel') }}/\
| ternary('mainline/', '') }}{{ (ansible_facts['distribution'] == 'CentOS') {{ ansible_facts['distribution_major_version'] }}/$basearch/"
| ternary('centos', 'rhel') }}/{{ ansible_facts['distribution_major_version'] }}/$basearch/" nginx_default_repository_suse: "https://nginx.org/packages/{{ (nginx_branch == 'mainline') | ternary('mainline/', '') }}\
suse: "https://nginx.org/packages/{{ (nginx_branch == 'mainline') sles/{{ ansible_facts['distribution_major_version'] }}"
| ternary('mainline/', '') }}sles/{{ ansible_facts['distribution_major_version'] }}"
# Default NGINX Plus repositories # Default NGINX Plus repositories
nginx_plus_default_repository_alpine: "https://plus-pkgs.nginx.com/alpine/v{{ ansible_facts['distribution_version'] | regex_search('^[0-9]+\\.[0-9]+') }}/main" nginx_plus_default_repository_alpine: "https://plus-pkgs.nginx.com/alpine/v{{ ansible_facts['distribution_version'] | regex_search('^[0-9]+\\.[0-9]+') }}/main"
nginx_plus_default_repository_amazon: "https://plus-pkgs.nginx.com/amzn{{ (ansible_facts['distribution_major_version'] is version('2', '==')) | ternary('2', '') }}/$releasever/$basearch" nginx_plus_default_repository_amazon: "https://plus-pkgs.nginx.com/amzn{{ (ansible_facts['distribution_major_version'] is version('2', '==')) | ternary('2', '') }}/$releasever/$basearch"
nginx_plus_default_repository_debian: "deb [arch=amd64] https://plus-pkgs.nginx.com/{{ ansible_facts['distribution'] | lower }} {{ ansible_facts['distribution_release'] }} nginx-plus" nginx_plus_default_repository_debian: "deb [arch=amd64] https://plus-pkgs.nginx.com/{{ ansible_facts['distribution'] | lower }} {{ ansible_facts['distribution_release'] }} nginx-plus"
nginx_plus_default_repository_freebsd: "https://plus-pkgs.nginx.com/freebsd/${ABI}/latest" nginx_plus_default_repository_freebsd: "https://plus-pkgs.nginx.com/freebsd/${ABI}/latest"
nginx_plus_default_repository_redhat: "https://plus-pkgs.nginx.com/{{ (ansible_facts['distribution'] == 'CentOS') nginx_plus_default_repository_redhat: "https://plus-pkgs.nginx.com/{{ (ansible_facts['distribution'] == 'CentOS') | ternary('centos', 'rhel') }}/\
| ternary('centos', 'rhel') }}/{{ (ansible_facts['distribution_version'] is version('7.4', '>=') {{ (ansible_facts['distribution_version'] is version('7.4', '>=')
and ansible_facts['distribution_version'] is version('8', '<')) | ternary('7.4', ansible_facts['distribution_major_version']) }}/$basearch/" and ansible_facts['distribution_version'] is version('8', '<')) | ternary('7.4', ansible_facts['distribution_major_version']) }}/$basearch/"
nginx_plus_default_repository_sles: "https://plus-pkgs.nginx.com/sles/{{ ansible_facts['distribution_major_version'] }}\ nginx_plus_default_repository_suse: "https://plus-pkgs.nginx.com/sles/{{ ansible_facts['distribution_major_version'] }}\
?ssl_clientcert=/etc/ssl/nginx/nginx-repo-bundle.crt&ssl_verify=peer" ?ssl_clientcert=/etc/ssl/nginx/nginx-repo-bundle.crt&ssl_verify=peer"
# Alpine dependencies # Alpine dependencies