Multiple changes

* Add option to enable REST API
* Add option to enable live dashboard
* Add option to install WAF module
* Load modules in nginx.conf
* Improve version check for RedHat distros

defaults/main.yml

@@ -7,12 +7,12 @@ type: opensource
 # Options are 'mainline' or 'stable'.
 # Default is stable.
 branch: mainline
-# Install nginscript module.
+# Install nginscript, perl and/or waf modules.
 # Default is false.
+modules:
   njs: false
-# Install Perl module.
-# Default is false.
   perl: false
+  waf: false
 # Install NGINX Amplify.
 # Use your NGINX Amplify API key.
 # Default is null.
@@ -21,6 +21,12 @@ amplify: null
 # Will enable 'stub_status' in open source NGINX and 'status' in NGINX Plus.
 # Default is false.
 status: false
+# Enable NGINX Plus REST API and dashboard.
+# Default is false.
+api:
+  enable: false
+  write: false
+  dashboard: false
 # Location of your NGINX Plus license in your local machine.
 # Default is the files folder within the NGINX Ansible role.
 license:

tasks/amplify/install-amplify.yml

@@ -1,5 +1,5 @@
 ---
-- import_tasks: ../conf/nginx-status.yml
+- import_tasks: ../conf/setup-status.yml
 
 - name: "(All OSs) Download NGINX Amplify Script"
   get_url:

tasks/conf/setup-api.yml

@@ -0,0 +1,6 @@
+---
+- name: "(All OSs) Setup NGINX Plus API"
+  template:
+    src: api.j2
+    dest: /etc/nginx/conf.d/api.conf
+  notify: "(All OSs) Reload NGINX"

tasks/conf/setup-status.yml

@@ -6,7 +6,6 @@
     block: |
       server {
           listen 127.0.0.1:80;
-        server_name 127.0.0.1;
           location /nginx_status {
               stub_status on;
               allow 127.0.0.1;
@@ -23,7 +22,6 @@
     block: |
       server {
           listen 127.0.0.1:80;
-        server_name 127.0.0.1;
           location /status {
               status;
               allow 127.0.0.1;

tasks/main.yml

@@ -11,8 +11,20 @@
 - import_tasks: plus/install-plus.yml
   when: type == "plus"
 
-- import_tasks: conf/nginx-status.yml
+- import_tasks: modules/install-njs.yml
+  when: modules.njs
+
+- import_tasks: modules/install-perl.yml
+  when: modules.perl
+
+- import_tasks: modules/install-waf.yml
+  when: modules.waf and type == "plus"
+
+- import_tasks: conf/setup-status.yml
   when: status
 
+- import_tasks: conf/setup-api.yml
+  when: api.enable and type == "plus"
+
 - import_tasks: amplify/install-amplify.yml
   when: amplify is defined and amplify

tasks/modules/install-njs.yml

@@ -0,0 +1,21 @@
+---
+- name: "(All OSs) Install NGINX NJS Module"
+  package:
+    name: nginx-module-njs
+    state: present
+  when: type == "opensource"
+
+- name: "(All OSs) Install NGINX NJS Module"
+  package:
+    name: nginx-plus-module-njs
+    state: present
+  when: type == "plus"
+
+- name: "(All OSs) Load NGINX NJS Module"
+  blockinfile:
+    path: /etc/nginx/nginx.conf
+    insertbefore: BOF
+    block: |
+      load_module modules/ngx_http_js_module.so;
+      load_module modules/ngx_stream_js_module.so;
+  notify: "(All OSs) Reload NGINX"

tasks/modules/install-perl.yml

@@ -0,0 +1,19 @@
+---
+- name: "(All OSs) Install NGINX Perl Module"
+  package:
+    name: nginx-module-perl
+    state: present
+  when: type == "opensource"
+
+- name: "(All OSs) Install NGINX Perl Module"
+  package:
+    name: nginx-plus-module-perl
+    state: present
+  when: type == "plus"
+
+- name: "(All OSs) Load NGINX Perl Module"
+  lineinfile:
+    path: /etc/nginx/nginx.conf
+    insertbefore: BOF
+    line: load_module modules/ngx_http_perl.so;
+  notify: "(All OSs) Reload NGINX"

tasks/modules/install-waf.yml

@@ -0,0 +1,13 @@
+---
+- name: "(All OSs) Install NGINX Plus WAF Module"
+  package:
+    name: nginx-plus-module-modsecurity
+    state: present
+  when: waf
+
+- name: "(All OSs) Load NGINX Plus WAF Module"
+  lineinfile:
+    path: /etc/nginx/nginx.conf
+    insertbefore: BOF
+    line: load_module modules/ngx_http_modsecurity_module.so;
+  notify: "(All OSs) Reload NGINX"

tasks/opensource/install-oss.yml

@@ -13,15 +13,3 @@
     name: nginx
     state: present
   notify: "(All OSs) Start NGINX"
-
-- name: "(All OSs) Install NGINX NJS Module"
-  package:
-    name: nginx-module-njs
-    state: present
-  when: njs
-
-- name: "(All OSs) Install NGINX Perl Module"
-  package:
-    name: nginx-module-perl
-    state: present
-  when: perl

tasks/plus/install-plus.yml

@@ -18,15 +18,3 @@
     name: nginx-plus
     state: present
   notify: "(All OSs) Start NGINX"
-
-- name: "(All OSs) Install NGINX NJS Module"
-  package:
-    name: nginx-plus-module-njs
-    state: present
-  when: njs
-
-- name: "(All OSs) Install NGINX Perl Module"
-  package:
-    name: nginx-plus-module-perl
-    state: present
-  when: perl

tasks/plus/setup-redhat.yml

@@ -7,12 +7,12 @@
 - name: "(CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
   set_fact:
     version: "7"
-  when: ansible_distribution_major_version|int >= 7 and ansible_distribution_major_version|int <= 7.3
+  when: ansible_distribution_major_version|float >= 7.0 and ansible_distribution_major_version|float <= 7.3
 
 - name: "(CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
   set_fact:
     version: "7.4"
-  when: ansible_distribution_major_version|int == 7.4
+  when: ansible_distribution_major_version|float == 7.4
 
 - name: "(CentOS/RedHat/Amazon Linux/Oracle Linux) Gather Distribution Version"
   set_fact:

templates/api.j2

@@ -0,0 +1,15 @@
+server {
+    listen 8080;
+    location /api {
+{% if api.write %}
+        api write=on;
+{% else %}
+        api;
+{% endif %}
+    }
+{% if api.dashboard %}
+    location = /dashboard.html {
+        root /usr/share/nginx/html;
+    }
+{% endif %}
+}