diff --git a/README.md b/README.md index 442a456..f0c4d3a 100644 --- a/README.md +++ b/README.md @@ -321,7 +321,7 @@ nginx_main_template: # Enable creating dynamic templated NGINX HTTP configuration files. # Defaults will not produce a valid configuration. Instead they are meant to showcase # the options available for templating. Each key represents a new configuration file. -# Comment out load_balancer or web_server depending on whether you wish to create a web server +# Comment out reverse_proxy or web_server depending on whether you wish to create a web server # or load balancer configuration file. nginx_http_template_enable: false nginx_http_template: @@ -332,7 +332,7 @@ nginx_http_template: port: 8081 server_name: localhost error_page: /usr/share/nginx/html - redirect: false + https_redirect: false autoindex: false ssl: cert: ssl/default.crt @@ -345,11 +345,11 @@ nginx_http_template: html_file_name: index.html autoindex: false http_demo_conf: false - load_balancer: + reverse_proxy: locations: backend: location: / - proxy_pass: backend + proxy_pass: http://backend health_check_plus: false upstreams: upstream1: @@ -410,9 +410,6 @@ This is a sample playbook file for deploying the Ansible Galaxy NGINX role in a nginx_http_template_enable: true nginx_http_template: default: - template_file: http/default.conf.j2 - conf_file_name: default.conf - conf_file_location: /etc/nginx/conf.d/ port: 80 server_name: localhost error_page: /usr/share/nginx/html @@ -423,7 +420,6 @@ This is a sample playbook file for deploying the Ansible Galaxy NGINX role in a location: / html_file_location: /usr/share/nginx/html html_file_name: index.html - autoindex: false ``` This is a sample playbook file for deploying the Ansible Galaxy NGINX role in a localhost and installing the open source version of NGINX as a reverse proxy. @@ -437,39 +433,40 @@ This is a sample playbook file for deploying the Ansible Galaxy NGINX role in a vars: nginx_http_template_enable: true nginx_http_template: - load_balancer: - locations: - frontend: - location: / - proxy_pass: frontend_servers - backend: - location: /backend - proxy_pass: backend_servers - upstreams: - upstream_1: - name: frontend_servers - lb_method: least_conn - zone_name: frontend - zone_size: 64k - sticky_cookie: false - servers: - frontend_server_1: - address: localhost - port: 80 - weight: 1 - health_check: max_fails=3 fail_timeout=5s - upstream_2: - name: backend_servers - lb_method: least_conn - zone_name: backend - zone_size: 64k - sticky_cookie: false - servers: - backend_server_1: - address: localhost - port: 8080 - weight: 1 - health_check: max_fails=3 fail_timeout=5s + default: + reverse_proxy: + locations: + frontend: + location: / + proxy_pass: http://frontend_servers + backend: + location: /backend + proxy_pass: http://backend_servers + upstreams: + upstream_1: + name: frontend_servers + lb_method: least_conn + zone_name: frontend + zone_size: 64k + sticky_cookie: false + servers: + frontend_server_1: + address: localhost + port: 80 + weight: 1 + health_check: max_fails=3 fail_timeout=5s + upstream_2: + name: backend_servers + lb_method: least_conn + zone_name: backend + zone_size: 64k + sticky_cookie: false + servers: + backend_server_1: + address: localhost + port: 8080 + weight: 1 + health_check: max_fails=3 fail_timeout=5s ``` diff --git a/defaults/main.yml b/defaults/main.yml index 122adf0..2655aad 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -102,15 +102,15 @@ nginx_rest_api_dashboard: false # Upload the main NGINX configuration file. nginx_main_upload_enable: false nginx_main_upload_src: conf/nginx.conf -nginx_main_upload_dest: /etc/nginx +nginx_main_upload_dest: /etc/nginx/nginx.conf # Upload HTTP NGINX configuration files. nginx_http_upload_enable: false nginx_http_upload_src: conf/http/*.conf -nginx_http_upload_dest: /etc/nginx/conf.d +nginx_http_upload_dest: /etc/nginx/conf.d/*.conf # Upload Stream NGINX configuration files. nginx_stream_upload_enable: false nginx_stream_upload_src: conf/stream/*.conf -nginx_stream_upload_dest: /etc/nginx/conf.d +nginx_stream_upload_dest: /etc/nginx/conf.d/*.conf # Upload HTML files. nginx_html_upload_enable: false nginx_html_upload_src: www/* @@ -118,9 +118,9 @@ nginx_html_upload_dest: /usr/share/nginx/html # Upload SSL certificates and keys. nginx_ssl_upload_enable: false nginx_ssl_crt_upload_src: ssl/*.crt -nginx_ssl_crt_upload_dest: /etc/ssl/certs/ +nginx_ssl_crt_upload_dest: /etc/ssl/certs/*.crt nginx_ssl_key_upload_src: ssl/*.key -nginx_ssl_key_upload_dest: /etc/ssl/private/ +nginx_ssl_key_upload_dest: /etc/ssl/private/*.key # Enable creating dynamic templated NGINX HTML demo websites. nginx_html_demo_template_enable: false @@ -165,11 +165,11 @@ nginx_http_template: port: 8081 server_name: localhost error_page: /usr/share/nginx/html - redirect: false + https_redirect: false autoindex: false ssl: - cert: ssl/default.crt - key: ssl/default.key + cert: /etc/ssl/certs/default.crt + key: /etc/ssl/private/default.key web_server: locations: default: @@ -178,11 +178,11 @@ nginx_http_template: html_file_name: index.html autoindex: false http_demo_conf: false - load_balancer: + reverse_proxy: locations: backend: location: / - proxy_pass: backend + proxy_pass: http://backend health_check_plus: false upstreams: upstream1: diff --git a/templates/http/default.conf.j2 b/templates/http/default.conf.j2 index b40a328..84cb4f5 100644 --- a/templates/http/default.conf.j2 +++ b/templates/http/default.conf.j2 @@ -18,9 +18,9 @@ upstream {{ item.value.upstreams[upstream].name }} { server { {% if item.value.ssl is defined %} - listen 443 ssl; - ssl_certificate {{ nginx_ssl_crt_upload_dest }}/{{ item.value.ssl.cert }}; - ssl_certificate_key {{ nginx_ssl_key_upload_dest }}/{{ item.value.ssl.key }}; + listen {{ item.value.port }} ssl; + ssl_certificate {{ item.value.ssl.cert }}; + ssl_certificate_key {{ item.value.ssl.key }}; {% else %} listen {{ item.value.port }}; {% endif %} @@ -28,14 +28,14 @@ server { {% if item.value.autoindex is defined and item.value.autoindex %} autoindex on; {% endif %} -{% if item.value.redirect is defined and item.value.redirect %} +{% if item.value.https_redirect is defined and item.value.https_redirect %} return 301 https://{{ item.value.server_name }}$request_uri; {% endif%} -{% if item.value.load_balancer is defined %} -{% for location in item.value.load_balancer.locations %} - location {{ item.value.load_balancer.locations[location].location }} { - proxy_pass http://{{ item.value.load_balancer.locations[location].proxy_pass }}; -{% if item.value.load_balancer.health_check_plus is defined and item.value.load_balancer.health_check_plus %} +{% if item.value.reverse_proxy is defined %} +{% for location in item.value.reverse_proxy.locations %} + location {{ item.value.reverse_proxy.locations[location].location }} { + proxy_pass {{ item.value.reverse_proxy.locations[location].proxy_pass }}; +{% if item.value.reverse_proxy.health_check_plus is defined and item.value.reverse_proxy.health_check_plus %} health_check; {% endif %} proxy_set_header Host $host;