Refactor status templating (#288)
This commit is contained in:
parent
838e756ab8
commit
b7e25961d6
@ -6,6 +6,7 @@ BREAKING CHANGES:
|
||||
|
||||
* The Debian and Ubuntu repositories have slightly changed. You may run into some duplication issues when running the role on a preexisting target that already has had NGINX installed using the role. To fix this, manually remove the old repository source.
|
||||
* If you use `custom_options` you will now need to manually end each directive with a semicolon.
|
||||
* The `status` directive is no longer supported in NGINX Plus, and the `stub_status` directive has been reworked into a template.
|
||||
* The listen directive structure in the `stream` template has been updated to the listen directive structure found in the `http` template. You can now specify multiple `listen` directives in the same `server` block as well as include any extra `listen` options you might need.
|
||||
|
||||
Old configuration example
|
||||
|
@ -317,9 +317,12 @@ nginx_http_template:
|
||||
# Note - 'status' has been deprecated since NGINX Plus R13.
|
||||
# Default is false.
|
||||
nginx_status_enable: false
|
||||
nginx_status_location: /etc/nginx/conf.d/stub_status.conf
|
||||
nginx_status_port: 80
|
||||
nginx_status_template_file: http/status.conf.j2
|
||||
nginx_status_file_location: /etc/nginx/conf.d/status.conf
|
||||
nginx_status_log: false
|
||||
nginx_status_port: 80
|
||||
nginx_status_allow: 127.0.0.1
|
||||
nginx_status_deny: all
|
||||
|
||||
# Enable NGINX Plus REST API, write access to the REST API, and NGINX Plus dashboard.
|
||||
# Requires NGINX Plus.
|
||||
@ -327,10 +330,14 @@ nginx_status_log: false
|
||||
nginx_rest_api_enable: false
|
||||
nginx_rest_api_template_file: http/api.conf.j2
|
||||
nginx_rest_api_file_location: /etc/nginx/conf.d/api.conf
|
||||
nginx_rest_api_port: 80
|
||||
nginx_rest_api_log: false
|
||||
nginx_rest_api_port: 80
|
||||
nginx_rest_api_write: false
|
||||
nginx_rest_api_dashboard: false
|
||||
nginx_status_rest_api_allow: 127.0.0.1
|
||||
nginx_status_rest_api_deny: all
|
||||
nginx_status_rest_api_dashboard_allow: 127.0.0.1
|
||||
nginx_status_rest_api_dashboard_deny: all
|
||||
|
||||
# Enable creating dynamic templated NGINX stream configuration files.
|
||||
# Defaults will not produce a valid configuration. Instead they are meant to showcase
|
||||
|
@ -58,7 +58,6 @@
|
||||
stream_enable: true
|
||||
|
||||
nginx_status_enable: true
|
||||
nginx_status_location: /etc/nginx/conf.d/stub_status.conf
|
||||
nginx_status_port: 8080
|
||||
nginx_status_log: true
|
||||
|
||||
|
@ -1,34 +0,0 @@
|
||||
---
|
||||
- name: "(Setup: NGINX Open Source) Enable NGINX Open Source Status"
|
||||
blockinfile:
|
||||
path: "{{ nginx_status_location }}"
|
||||
create: yes
|
||||
block: |
|
||||
server {
|
||||
listen 127.0.0.1:{{ nginx_status_port | default('80') }};
|
||||
location /nginx_status {
|
||||
stub_status on;
|
||||
access_log {{ nginx_status_log | ternary("on", "off") }};
|
||||
allow 127.0.0.1;
|
||||
deny all;
|
||||
}
|
||||
}
|
||||
when: nginx_type == "opensource"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
|
||||
- name: "(Setup: NGINX Plus) Enable NGINX Plus Status"
|
||||
blockinfile:
|
||||
path: "{{ nginx_status_location }}"
|
||||
create: yes
|
||||
block: |
|
||||
server {
|
||||
listen 127.0.0.1:{{ nginx_status_port | default('80') }};
|
||||
location /status {
|
||||
status;
|
||||
access_log {{ nginx_status_log | ternary("on", "off") }};
|
||||
allow 127.0.0.1;
|
||||
deny all;
|
||||
}
|
||||
}
|
||||
when: nginx_type == "plus"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
@ -55,6 +55,14 @@
|
||||
when: nginx_http_template_enable | bool
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
|
||||
- name: "(Setup: All NGINX) Dynamically Generate NGINX Stub Status Configuration File"
|
||||
template:
|
||||
src: "{{ nginx_status_template_file | default('http/status.conf.j2') }}"
|
||||
dest: "{{ nginx_status_file_location | default('/etc/nginx/conf.d/status.conf') }}"
|
||||
backup: yes
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
when: nginx_status_enable | bool
|
||||
|
||||
- name: "(Setup: All NGINX) Dynamically Generate NGINX API Configuration File"
|
||||
template:
|
||||
src: "{{ nginx_rest_api_template_file | default('http/api.conf.j2') }}"
|
||||
|
@ -1,9 +1,9 @@
|
||||
---
|
||||
- name: "(Setup: Prerequisites)"
|
||||
- name: "(Setup: All OSs) Setup Prerequisites"
|
||||
include_tasks: "{{ role_path }}/tasks/prerequisites/setup-{{ ansible_os_family | lower }}.yml"
|
||||
tags: nginx_prerequisites
|
||||
|
||||
- name: "(Setup: Keys)"
|
||||
- name: "(Setup: All OSs) Setup Keys"
|
||||
import_tasks: keys/setup-keys.yml
|
||||
when:
|
||||
- ansible_os_family == "Alpine"
|
||||
@ -15,35 +15,43 @@
|
||||
or nginx_unit_enable
|
||||
tags: nginx_key
|
||||
|
||||
- name: "(Install: Debian/Ubuntu/CentOS/RedHat/FreeBSD) Install NGINX"
|
||||
- name: "(Install/Config: All OSs) Install and Configure NGINX"
|
||||
block:
|
||||
|
||||
- block:
|
||||
- include_tasks: "{{ role_path }}/tasks/opensource/install-oss.yml"
|
||||
- name: "(Install: All OSs) Install NGINX"
|
||||
block:
|
||||
- name: "(Install: All OSs) Install NGINX Open Source"
|
||||
include_tasks: "{{ role_path }}/tasks/opensource/install-oss.yml"
|
||||
when: nginx_type == "opensource"
|
||||
tags: nginx_install_oss
|
||||
|
||||
- include_tasks: "{{ role_path }}/tasks/plus/install-plus.yml"
|
||||
- name: "(Install: All OSs) Install NGINX Plus"
|
||||
include_tasks: "{{ role_path }}/tasks/plus/install-plus.yml"
|
||||
when: nginx_type == "plus"
|
||||
tags: nginx_install_plus
|
||||
|
||||
- include_tasks: "{{ role_path }}/tasks/modules/install-modules.yml"
|
||||
- name: "(Install: All OSs) Install NGINX Modules"
|
||||
include_tasks: "{{ role_path }}/tasks/modules/install-modules.yml"
|
||||
when: true in nginx_modules.values()
|
||||
tags: nginx_install_modules
|
||||
|
||||
- include_tasks: "{{ role_path }}/tasks/plus/delete-license.yml"
|
||||
- name: "(Install: All OSs) Delete NGINX Plus License"
|
||||
include_tasks: "{{ role_path }}/tasks/plus/delete-license.yml"
|
||||
when:
|
||||
- nginx_type == "plus"
|
||||
- nginx_delete_license
|
||||
tags: nginx_delete_license
|
||||
when: nginx_install | bool
|
||||
|
||||
- block:
|
||||
- include_tasks: "{{ role_path }}/tasks/conf/cleanup-config.yml"
|
||||
- name: "(Config: All OSs) Configure NGINX"
|
||||
block:
|
||||
- name: "(Config: All OSs) Cleanup NGINX Config"
|
||||
include_tasks: "{{ role_path }}/tasks/conf/cleanup-config.yml"
|
||||
when: nginx_cleanup_config | bool
|
||||
tags: nginx_cleanup_config
|
||||
|
||||
- include_tasks: "{{ role_path }}/tasks/conf/upload-config.yml"
|
||||
- name: "(Config: All OSs) Upload NGINX Config"
|
||||
include_tasks: "{{ role_path }}/tasks/conf/upload-config.yml"
|
||||
when: nginx_main_upload_enable
|
||||
or nginx_http_upload_enable
|
||||
or nginx_stream_upload_enable
|
||||
@ -51,37 +59,38 @@
|
||||
or nginx_ssl_upload_enable
|
||||
tags: nginx_upload_config
|
||||
|
||||
- include_tasks: "{{ role_path }}/tasks/conf/template-config.yml"
|
||||
- name: "(Config: All OSs) Create NGINX Config"
|
||||
include_tasks: "{{ role_path }}/tasks/conf/template-config.yml"
|
||||
when: nginx_main_template_enable
|
||||
or nginx_http_template_enable
|
||||
or nginx_stream_template_enable
|
||||
or nginx_rest_api_enable
|
||||
tags: nginx_template_config
|
||||
|
||||
- include_tasks: "{{ role_path }}/tasks/conf/setup-status.yml"
|
||||
when: nginx_status_enable | bool
|
||||
tags: nginx_setup_status
|
||||
when: nginx_configure | bool
|
||||
|
||||
- name: "(Config: All OSs) Ensure NGINX is Running"
|
||||
meta: flush_handlers
|
||||
|
||||
- include_tasks: "{{ role_path }}/tasks/conf/debug-output.yml"
|
||||
- name: "(Config: All OSs) Debug Output"
|
||||
include_tasks: "{{ role_path }}/tasks/conf/debug-output.yml"
|
||||
when: nginx_debug_output | bool
|
||||
tags: nginx_debug_output
|
||||
|
||||
- include_tasks: "{{ role_path }}/tasks/conf/logrotate.yml"
|
||||
- name: "(Config: All OSs): Configure Logrotate"
|
||||
include_tasks: "{{ role_path }}/tasks/conf/logrotate.yml"
|
||||
when: nginx_logrotate_conf_enable | bool
|
||||
tags: nginx_logrotate_config
|
||||
when: nginx_enable | bool
|
||||
|
||||
- include_tasks: "{{ role_path }}/tasks/amplify/install-amplify.yml"
|
||||
- name: "(Install: All OSs) Install NGINX Amplify"
|
||||
include_tasks: "{{ role_path }}/tasks/amplify/install-amplify.yml"
|
||||
when:
|
||||
- nginx_amplify_enable | bool
|
||||
- nginx_amplify_api_key is defined
|
||||
- nginx_amplify_api_key | length > 0
|
||||
tags: nginx_install_amplify
|
||||
|
||||
- include_tasks: "{{ role_path }}/tasks/unit/install-unit.yml"
|
||||
- name: "(Install: All OSs) Install NGINX Unit"
|
||||
include_tasks: "{{ role_path }}/tasks/unit/install-unit.yml"
|
||||
when: nginx_unit_enable | bool
|
||||
tags: nginx_install_unit
|
||||
|
@ -2,17 +2,29 @@
|
||||
|
||||
server {
|
||||
listen {{ nginx_rest_api_port | default('80') }};
|
||||
access_log {{ nginx_rest_api_log | ternary("on", "off") }};
|
||||
access_log {{ nginx_rest_api_log | ternary('on', 'off') }};
|
||||
location /api {
|
||||
{% if nginx_rest_api_write %}
|
||||
api write=on;
|
||||
{% else %}
|
||||
api;
|
||||
{% endif %}
|
||||
{% if nginx_status_rest_api_allow is defined %}
|
||||
allow {{ nginx_status_rest_api_allow }};
|
||||
{% endif %}
|
||||
{% if nginx_status_rest_api_deny is defined %}
|
||||
deny {{ nginx_status_rest_api_deny }};
|
||||
{% endif %}
|
||||
}
|
||||
{% if nginx_rest_api_dashboard %}
|
||||
location = /dashboard.html {
|
||||
root /usr/share/nginx/html;
|
||||
{% if nginx_status_rest_api_dashboard_allow is defined %}
|
||||
allow {{ nginx_status_rest_api_dashboard_allow }};
|
||||
{% endif %}
|
||||
{% if nginx_status_rest_api_dashboard_deny is defined %}
|
||||
deny {{ nginx_status_rest_api_dashboard_deny }};
|
||||
{% endif %}
|
||||
}
|
||||
{% endif %}
|
||||
}
|
||||
|
15
templates/http/status.conf.j2
Normal file
15
templates/http/status.conf.j2
Normal file
@ -0,0 +1,15 @@
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
server {
|
||||
listen {{ nginx_status_port | default('80') }};
|
||||
access_log {{ nginx_status_log | ternary('on', 'off') }};
|
||||
location /nginx_status {
|
||||
stub_status on;
|
||||
{% if nginx_status_allow is defined %}
|
||||
allow {{ nginx_status_allow }};
|
||||
{% endif %}
|
||||
{% if nginx_status_deny is defined %}
|
||||
deny {{ nginx_status_deny }};
|
||||
{% endif %}
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user