Switch dictionaries to individual variables (#349)

This commit is contained in:
Alessandro Fael Garcia 2020-11-17 16:40:53 +01:00
parent a11e457816
commit 6645e0856a
No known key found for this signature in database
GPG Key ID: 7E5B134EEDC42A56
9 changed files with 33 additions and 35 deletions

View File

@ -1,5 +1,11 @@
# Changelog
## 0.18.1 (November 17, 2020)
ENHANCEMENTS:
Switch NGINX keysites and OSS default repository data from a dictionary to individual variables to prevent potential issues arisen from Jinja2 dictionary run-time evaluations.
## 0.18.0 (November 13, 2020)
BREAKING CHANGES:

View File

@ -3,7 +3,7 @@
block:
- name: (Alpine Linux) Set up NGINX signing key URL
set_fact:
keysite: "{{ nginx_signing_key | default(nginx_default_signing_key['rsa_pub']) }}"
keysite: "{{ nginx_signing_key | default(nginx_default_signing_key_rsa_pub) }}"
- name: (Alpine Linux) Download NGINX signing key
get_url:
@ -14,7 +14,7 @@
- name: (Debian/Red Hat/SLES OSs) Set up NGINX signing key URL
set_fact:
keysite: "{{ nginx_signing_key | default(nginx_default_signing_key['pgp']) }}"
keysite: "{{ nginx_signing_key | default(nginx_default_signing_key_pgp) }}"
when: ansible_facts['os_family'] != "Alpine"
- name: (Debian/Ubuntu) Add NGINX signing key

View File

@ -3,12 +3,12 @@
lineinfile:
path: /etc/apk/repositories
insertafter: EOF
line: "{{ repository }}"
line: "{{ nginx_repository | default(nginx_default_repository_alpine) }}"
- name: (Alpine Linux) Install NGINX
apk:
name: "nginx{{ nginx_version | default('') }}"
repository: "{{ repository }}"
repository: "{{ nginx_repository | default(nginx_default_repository_alpine) }}"
state: "{{ nginx_state }}"
update_cache: yes
ignore_errors: "{{ ansible_check_mode }}"

View File

@ -5,7 +5,7 @@
repo: "{{ item }}"
update_cache: yes
mode: 0644
loop: "{{ repository }}"
loop: "{{ nginx_repository | default(nginx_default_repository_debian) }}"
- name: (Debian/Ubuntu) Install NGINX
apt:

View File

@ -1,12 +1,6 @@
---
- name: Install NGINX in Linux systems
block:
- name: Install NGINX from repository
block:
- name: Set NGINX repository
set_fact:
repository: "{{ nginx_repository | default(nginx_default_repository[ansible_facts['os_family'] | lower]) }}"
- name: Install NGINX from repository
include_tasks: "{{ role_path }}/tasks/opensource/install-{{ ansible_facts['os_family'] | lower }}.yml"
when: nginx_install_from == "nginx_repository"

View File

@ -2,7 +2,7 @@
- name: (CentOS/RHEL 6/7) Configure NGINX repository
yum_repository:
name: nginx
baseurl: "{{ repository }}"
baseurl: "{{ nginx_repository | default(nginx_default_repository_redhat) }}"
description: NGINX Repository
enabled: yes
gpgcheck: yes
@ -15,7 +15,7 @@
create: yes
block: |
[nginx]
baseurl = {{ repository }}
baseurl = {{ nginx_repository | default(nginx_default_repository_redhat) }}
enabled = 1
gpgcheck = 1
name = NGINX Repository

View File

@ -2,7 +2,7 @@
- name: (SLES) Configure NGINX repository
zypper_repository:
name: "nginx-{{ nginx_branch }}"
repo: "{{ repository }}"
repo: "{{ nginx_repository | default(nginx_default_repository_suse) }}"
- name: (SLES) Install NGINX
zypper:

View File

@ -9,7 +9,7 @@
- name: (SLES) {{ nginx_license_status is defined | ternary('Remove', 'Configure') }} NGINX Plus repository
zypper_repository:
name: nginx-plus
repo: "{{ nginx_repository | default(nginx_plus_default_repository_sles) }}"
repo: "{{ nginx_repository | default(nginx_plus_default_repository_suse) }}"
state: "{{ nginx_license_status | default ('present') }}"
- name: (SLES) Install NGINX Plus

View File

@ -13,34 +13,32 @@ nginx_plus_distributions: [
]
# Default NGINX signing key
nginx_default_signing_key:
rsa_pub: https://nginx.org/keys/nginx_signing.rsa.pub
pgp: https://nginx.org/keys/nginx_signing.key
nginx_default_signing_key_rsa_pub: https://nginx.org/keys/nginx_signing.rsa.pub
nginx_default_signing_key_pgp: https://nginx.org/keys/nginx_signing.key
# Default NGINX Open Source repositories
nginx_default_repository:
alpine: "https://nginx.org/packages/{{ (nginx_branch == 'mainline')
| ternary('mainline/', '') }}alpine/v{{ ansible_facts['distribution_version'] | regex_search('^[0-9]+\\.[0-9]+') }}/main"
debian:
- "deb [arch=amd64] https://nginx.org/packages/{{ (nginx_branch == 'mainline')
| ternary('mainline/', '') }}{{ ansible_facts['distribution'] | lower }}/ {{ ansible_facts['distribution_release'] }} nginx"
- "deb-src https://nginx.org/packages/{{ (nginx_branch == 'mainline')
| ternary('mainline/', '') }}{{ ansible_facts['distribution'] | lower }}/ {{ ansible_facts['distribution_release'] }} nginx"
redhat: "https://nginx.org/packages/{{ (nginx_branch == 'mainline')
| ternary('mainline/', '') }}{{ (ansible_facts['distribution'] == 'CentOS')
| ternary('centos', 'rhel') }}/{{ ansible_facts['distribution_major_version'] }}/$basearch/"
suse: "https://nginx.org/packages/{{ (nginx_branch == 'mainline')
| ternary('mainline/', '') }}sles/{{ ansible_facts['distribution_major_version'] }}"
nginx_default_repository_alpine: "https://nginx.org/packages/{{ (nginx_branch == 'mainline') | ternary('mainline/', '') }}\
alpine/v{{ ansible_facts['distribution_version'] | regex_search('^[0-9]+\\.[0-9]+') }}/main"
nginx_default_repository_debian:
- "deb [arch=amd64] https://nginx.org/packages/{{ (nginx_branch == 'mainline') | ternary('mainline/', '') }}\
{{ ansible_facts['distribution'] | lower }}/ {{ ansible_facts['distribution_release'] }} nginx"
- "deb-src https://nginx.org/packages/{{ (nginx_branch == 'mainline') | ternary('mainline/', '') }}\
{{ ansible_facts['distribution'] | lower }}/ {{ ansible_facts['distribution_release'] }} nginx"
nginx_default_repository_redhat: "https://nginx.org/packages/{{ (nginx_branch == 'mainline') | ternary('mainline/', '') }}\
{{ (ansible_facts['distribution'] == 'CentOS') | ternary('centos', 'rhel') }}/\
{{ ansible_facts['distribution_major_version'] }}/$basearch/"
nginx_default_repository_suse: "https://nginx.org/packages/{{ (nginx_branch == 'mainline') | ternary('mainline/', '') }}\
sles/{{ ansible_facts['distribution_major_version'] }}"
# Default NGINX Plus repositories
nginx_plus_default_repository_alpine: "https://plus-pkgs.nginx.com/alpine/v{{ ansible_facts['distribution_version'] | regex_search('^[0-9]+\\.[0-9]+') }}/main"
nginx_plus_default_repository_amazon: "https://plus-pkgs.nginx.com/amzn{{ (ansible_facts['distribution_major_version'] is version('2', '==')) | ternary('2', '') }}/$releasever/$basearch"
nginx_plus_default_repository_debian: "deb [arch=amd64] https://plus-pkgs.nginx.com/{{ ansible_facts['distribution'] | lower }} {{ ansible_facts['distribution_release'] }} nginx-plus"
nginx_plus_default_repository_freebsd: "https://plus-pkgs.nginx.com/freebsd/${ABI}/latest"
nginx_plus_default_repository_redhat: "https://plus-pkgs.nginx.com/{{ (ansible_facts['distribution'] == 'CentOS')
| ternary('centos', 'rhel') }}/{{ (ansible_facts['distribution_version'] is version('7.4', '>=')
nginx_plus_default_repository_redhat: "https://plus-pkgs.nginx.com/{{ (ansible_facts['distribution'] == 'CentOS') | ternary('centos', 'rhel') }}/\
{{ (ansible_facts['distribution_version'] is version('7.4', '>=')
and ansible_facts['distribution_version'] is version('8', '<')) | ternary('7.4', ansible_facts['distribution_major_version']) }}/$basearch/"
nginx_plus_default_repository_sles: "https://plus-pkgs.nginx.com/sles/{{ ansible_facts['distribution_major_version'] }}\
nginx_plus_default_repository_suse: "https://plus-pkgs.nginx.com/sles/{{ ansible_facts['distribution_major_version'] }}\
?ssl_clientcert=/etc/ssl/nginx/nginx-repo-bundle.crt&ssl_verify=peer"
# Alpine dependencies