Multiple changes
* Add option to enable REST API * Add option to enable live dashboard * Add option to install WAF module * Load modules in nginx.conf * Improve version check for RedHat distros
This commit is contained in:
parent
0e40a9e00f
commit
78a7e3efeb
@ -7,12 +7,12 @@ type: opensource
|
||||
# Options are 'mainline' or 'stable'.
|
||||
# Default is stable.
|
||||
branch: mainline
|
||||
# Install nginscript module.
|
||||
# Install nginscript, perl and/or waf modules.
|
||||
# Default is false.
|
||||
njs: false
|
||||
# Install Perl module.
|
||||
# Default is false.
|
||||
perl: false
|
||||
modules:
|
||||
njs: false
|
||||
perl: false
|
||||
waf: false
|
||||
# Install NGINX Amplify.
|
||||
# Use your NGINX Amplify API key.
|
||||
# Default is null.
|
||||
@ -21,6 +21,12 @@ amplify: null
|
||||
# Will enable 'stub_status' in open source NGINX and 'status' in NGINX Plus.
|
||||
# Default is false.
|
||||
status: false
|
||||
# Enable NGINX Plus REST API and dashboard.
|
||||
# Default is false.
|
||||
api:
|
||||
enable: false
|
||||
write: false
|
||||
dashboard: false
|
||||
# Location of your NGINX Plus license in your local machine.
|
||||
# Default is the files folder within the NGINX Ansible role.
|
||||
license:
|
||||
|
@ -1,5 +1,5 @@
|
||||
---
|
||||
- import_tasks: ../conf/nginx-status.yml
|
||||
- import_tasks: ../conf/setup-status.yml
|
||||
|
||||
- name: "(All OSs) Download NGINX Amplify Script"
|
||||
get_url:
|
||||
|
6
tasks/conf/setup-api.yml
Normal file
6
tasks/conf/setup-api.yml
Normal file
@ -0,0 +1,6 @@
|
||||
---
|
||||
- name: "(All OSs) Setup NGINX Plus API"
|
||||
template:
|
||||
src: api.j2
|
||||
dest: /etc/nginx/conf.d/api.conf
|
||||
notify: "(All OSs) Reload NGINX"
|
@ -5,13 +5,12 @@
|
||||
create: yes
|
||||
block: |
|
||||
server {
|
||||
listen 127.0.0.1:80;
|
||||
server_name 127.0.0.1;
|
||||
location /nginx_status {
|
||||
stub_status on;
|
||||
allow 127.0.0.1;
|
||||
deny all;
|
||||
}
|
||||
listen 127.0.0.1:80;
|
||||
location /nginx_status {
|
||||
stub_status on;
|
||||
allow 127.0.0.1;
|
||||
deny all;
|
||||
}
|
||||
}
|
||||
when: type == "opensource"
|
||||
notify: "(All OSs) Reload NGINX"
|
||||
@ -22,13 +21,12 @@
|
||||
create: yes
|
||||
block: |
|
||||
server {
|
||||
listen 127.0.0.1:80;
|
||||
server_name 127.0.0.1;
|
||||
location /status {
|
||||
status;
|
||||
allow 127.0.0.1;
|
||||
deny all;
|
||||
}
|
||||
listen 127.0.0.1:80;
|
||||
location /status {
|
||||
status;
|
||||
allow 127.0.0.1;
|
||||
deny all;
|
||||
}
|
||||
}
|
||||
when: type == "plus"
|
||||
notify: "(All OSs) Reload NGINX"
|
@ -11,8 +11,20 @@
|
||||
- import_tasks: plus/install-plus.yml
|
||||
when: type == "plus"
|
||||
|
||||
- import_tasks: conf/nginx-status.yml
|
||||
- import_tasks: modules/install-njs.yml
|
||||
when: modules.njs
|
||||
|
||||
- import_tasks: modules/install-perl.yml
|
||||
when: modules.perl
|
||||
|
||||
- import_tasks: modules/install-waf.yml
|
||||
when: modules.waf and type == "plus"
|
||||
|
||||
- import_tasks: conf/setup-status.yml
|
||||
when: status
|
||||
|
||||
- import_tasks: conf/setup-api.yml
|
||||
when: api.enable and type == "plus"
|
||||
|
||||
- import_tasks: amplify/install-amplify.yml
|
||||
when: amplify is defined and amplify
|
||||
|
21
tasks/modules/install-njs.yml
Normal file
21
tasks/modules/install-njs.yml
Normal file
@ -0,0 +1,21 @@
|
||||
---
|
||||
- name: "(All OSs) Install NGINX NJS Module"
|
||||
package:
|
||||
name: nginx-module-njs
|
||||
state: present
|
||||
when: type == "opensource"
|
||||
|
||||
- name: "(All OSs) Install NGINX NJS Module"
|
||||
package:
|
||||
name: nginx-plus-module-njs
|
||||
state: present
|
||||
when: type == "plus"
|
||||
|
||||
- name: "(All OSs) Load NGINX NJS Module"
|
||||
blockinfile:
|
||||
path: /etc/nginx/nginx.conf
|
||||
insertbefore: BOF
|
||||
block: |
|
||||
load_module modules/ngx_http_js_module.so;
|
||||
load_module modules/ngx_stream_js_module.so;
|
||||
notify: "(All OSs) Reload NGINX"
|
19
tasks/modules/install-perl.yml
Normal file
19
tasks/modules/install-perl.yml
Normal file
@ -0,0 +1,19 @@
|
||||
---
|
||||
- name: "(All OSs) Install NGINX Perl Module"
|
||||
package:
|
||||
name: nginx-module-perl
|
||||
state: present
|
||||
when: type == "opensource"
|
||||
|
||||
- name: "(All OSs) Install NGINX Perl Module"
|
||||
package:
|
||||
name: nginx-plus-module-perl
|
||||
state: present
|
||||
when: type == "plus"
|
||||
|
||||
- name: "(All OSs) Load NGINX Perl Module"
|
||||
lineinfile:
|
||||
path: /etc/nginx/nginx.conf
|
||||
insertbefore: BOF
|
||||
line: load_module modules/ngx_http_perl.so;
|
||||
notify: "(All OSs) Reload NGINX"
|
13
tasks/modules/install-waf.yml
Normal file
13
tasks/modules/install-waf.yml
Normal file
@ -0,0 +1,13 @@
|
||||
---
|
||||
- name: "(All OSs) Install NGINX Plus WAF Module"
|
||||
package:
|
||||
name: nginx-plus-module-modsecurity
|
||||
state: present
|
||||
when: waf
|
||||
|
||||
- name: "(All OSs) Load NGINX Plus WAF Module"
|
||||
lineinfile:
|
||||
path: /etc/nginx/nginx.conf
|
||||
insertbefore: BOF
|
||||
line: load_module modules/ngx_http_modsecurity_module.so;
|
||||
notify: "(All OSs) Reload NGINX"
|
@ -13,15 +13,3 @@
|
||||
name: nginx
|
||||
state: present
|
||||
notify: "(All OSs) Start NGINX"
|
||||
|
||||
- name: "(All OSs) Install NGINX NJS Module"
|
||||
package:
|
||||
name: nginx-module-njs
|
||||
state: present
|
||||
when: njs
|
||||
|
||||
- name: "(All OSs) Install NGINX Perl Module"
|
||||
package:
|
||||
name: nginx-module-perl
|
||||
state: present
|
||||
when: perl
|
||||
|
@ -18,15 +18,3 @@
|
||||
name: nginx-plus
|
||||
state: present
|
||||
notify: "(All OSs) Start NGINX"
|
||||
|
||||
- name: "(All OSs) Install NGINX NJS Module"
|
||||
package:
|
||||
name: nginx-plus-module-njs
|
||||
state: present
|
||||
when: njs
|
||||
|
||||
- name: "(All OSs) Install NGINX Perl Module"
|
||||
package:
|
||||
name: nginx-plus-module-perl
|
||||
state: present
|
||||
when: perl
|
||||
|
@ -7,12 +7,12 @@
|
||||
- name: "(CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
|
||||
set_fact:
|
||||
version: "7"
|
||||
when: ansible_distribution_major_version|int >= 7 and ansible_distribution_major_version|int <= 7.3
|
||||
when: ansible_distribution_major_version|float >= 7.0 and ansible_distribution_major_version|float <= 7.3
|
||||
|
||||
- name: "(CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
|
||||
set_fact:
|
||||
version: "7.4"
|
||||
when: ansible_distribution_major_version|int == 7.4
|
||||
when: ansible_distribution_major_version|float == 7.4
|
||||
|
||||
- name: "(CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
|
||||
set_fact:
|
||||
|
15
templates/api.j2
Normal file
15
templates/api.j2
Normal file
@ -0,0 +1,15 @@
|
||||
server {
|
||||
listen 8080;
|
||||
location /api {
|
||||
{% if api.write %}
|
||||
api write=on;
|
||||
{% else %}
|
||||
api;
|
||||
{% endif %}
|
||||
}
|
||||
{% if api.dashboard %}
|
||||
location = /dashboard.html {
|
||||
root /usr/share/nginx/html;
|
||||
}
|
||||
{% endif %}
|
||||
}
|
Loading…
Reference in New Issue
Block a user