Update Ansible to 2.9.12 and explicitly set mode on relevant tasks (#309)

*   Explicitly define `mode` in relevant tasks.
*   Explicitly define the `nginx` `apt_repository` filename in Debian based distros.
*   Building OpenSSL from source should now work properly in CentOS 8.
This commit is contained in:
Alessandro Fael Garcia 2020-08-28 10:30:23 +02:00 committed by GitHub
parent 79ddc30a3a
commit bf2916fc55
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
30 changed files with 172 additions and 93 deletions

View File

@ -57,15 +57,17 @@ jobs:
- name: "(CentOS) Install from Source" - name: "(CentOS) Install from Source"
env: env:
scenario: source_centos scenario: source_centos
before_install: sudo apt-get -qq update before_install:
- curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
- sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
- sudo apt-get update
- sudo apt-get -y -o Dpkg::Options::="--force-confnew" install docker-ce
install: install:
- pip install ansible==2.9.11 - pip install ansible==2.9.12
- pip install molecule==3.0.6 - pip install ansible-lint==4.3.2
- pip install docker==4.2.2 - pip install molecule==3.0.8
- pip install ansible-lint==4.2.0 - pip install docker==4.3.1
script: script:
- molecule --version
- ansible --version
- travis_wait 50 molecule test -s $scenario - travis_wait 50 molecule test -s $scenario
notifications: notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/ webhooks: https://galaxy.ansible.com/api/v1/notifications/

View File

@ -1,5 +1,25 @@
# Changelog # Changelog
## 0.16.0 (August 28, 2020)
BREAKING CHANGES:
* The Debian and Ubuntu repositories have slightly changed. You may run into some duplication issues when running the role on a preexisting target that already has had NGINX installed using the role. To fix this, manually remove the old repository source.
ENHANCEMENTS:
* Update Ansible to `2.9.12` and Ansible Lint to `4.3.2`.
* Explicitly define `mode` in relevant tasks.
* Explicitly define the `nginx` `apt_repository` filename in Debian based distros.
FEATURES:
* TravisCI now always uses the latest version of Docker.
BUG FIXES:
* Building OpenSSL from source should now work properly in CentOS 8.
## 0.15.0 (August 20, 2020) ## 0.15.0 (August 20, 2020)
DEPRECATION WARNING: DEPRECATION WARNING:

View File

@ -9,8 +9,9 @@ This role installs NGINX Open Source, NGINX Plus, the NGINX Amplify agent, or NG
**Note:** This role is still in active development. There may be unidentified issues and the role variables may change as development continues. **Note:** This role is still in active development. There may be unidentified issues and the role variables may change as development continues.
**Deprecation Warnings:** **Deprecation Warnings:**
* There now is a separate role to manage and create NGINX configurations available [here](https://github.com/nginxinc/ansible-role-nginx-config). Any new issues or PRs related to configuring NGINX should be submitted in the new NGINX Config repository. New issues or PRs related to configuring NGINX submitted in this repository will not be worked on. The NGINX configuration functionalities included in this role will be removed in an upcoming release.
* NGINX Unit now has a separate role available [here](https://github.com/nginxinc/ansible-role-nginx-unit). Any new issues or PRs related to NGINX Unit should be submitted in the new NGINX Unit repository. New issues or PRs related to NGINX Unit submitted in this repository will not be worked on. The NGINX Unit functionalities included in this role will be removed in an upcoming release. * There now is a separate role to manage and create NGINX configurations available [here](https://github.com/nginxinc/ansible-role-nginx-config). Any new issues or PRs related to configuring NGINX should be submitted in the new NGINX Config repository. New issues or PRs related to configuring NGINX submitted in this repository will not be worked on (with the exception of major bugfixes). The NGINX configuration functionalities included in this role will be removed in an upcoming release.
* NGINX Unit now has a separate role available [here](https://github.com/nginxinc/ansible-role-nginx-unit). Any new issues or PRs related to NGINX Unit should be submitted in the new NGINX Unit repository. New issues or PRs related to NGINX Unit submitted in this repository will not be worked on (with the exception of major bugfixes). The NGINX Unit functionalities included in this role will be removed in an upcoming release.
Requirements Requirements
------------ ------------

View File

@ -8,6 +8,6 @@ nginx_linux_families: ['Alpine', 'Debian', 'RedHat', 'Suse']
nginx_plus_linux_families: ['Alpine', 'Debian', 'RedHat', 'Suse'] nginx_plus_linux_families: ['Alpine', 'Debian', 'RedHat', 'Suse']
# Default locations and versions when 'nginx_install_from; is set to 'source' # Default locations and versions when 'nginx_install_from; is set to 'source'
pcre_version: pcre-8.43 pcre_version: pcre-8.44
zlib_version: zlib-1.2.11 zlib_version: zlib-1.2.11
openssl_version: openssl-1.1.1c openssl_version: openssl-1.1.1g

View File

@ -22,7 +22,7 @@
changed_when: false changed_when: false
when: when:
- nginx_start | bool - nginx_start | bool
- not ansible_check_mode - not ansible_check_mode | bool
- name: "(Handler: All OSs) Start NGINX Amplify Agent" - name: "(Handler: All OSs) Start NGINX Amplify Agent"
service: service:

View File

@ -21,5 +21,6 @@
- name: Check default.conf does not exist - name: Check default.conf does not exist
stat: stat:
path: /etc/nginx/conf.d/default.conf path: /etc/nginx/conf.d/default.conf
check_mode: yes
register: stat_result register: stat_result
failed_when: stat_result.stat.exists failed_when: stat_result.stat.exists

View File

@ -26,6 +26,7 @@
- name: Check default.conf exists - name: Check default.conf exists
stat: stat:
path: /etc/nginx/conf.d/default.conf path: /etc/nginx/conf.d/default.conf
check_mode: yes
register: stat_result register: stat_result
failed_when: not stat_result.stat.exists failed_when: not stat_result.stat.exists

View File

@ -6,7 +6,7 @@
include_role: include_role:
name: ansible-role-nginx name: ansible-role-nginx
vars: vars:
nginx_debug_output: true # nginx_debug_output: true
nginx_service_modify: true nginx_service_modify: true
nginx_service_timeout: 95 nginx_service_timeout: 95

View File

@ -26,18 +26,21 @@
- name: Check default.conf exists - name: Check default.conf exists
stat: stat:
path: /etc/nginx/conf.d/default.conf path: /etc/nginx/conf.d/default.conf
check_mode: yes
register: stat_result register: stat_result
failed_when: not stat_result.stat.exists failed_when: not stat_result.stat.exists
- name: Check frontend_default.conf exists - name: Check frontend_default.conf exists
stat: stat:
path: /etc/nginx/conf.d/frontend_default.conf path: /etc/nginx/conf.d/frontend_default.conf
check_mode: yes
register: stat_result register: stat_result
failed_when: not stat_result.stat.exists failed_when: not stat_result.stat.exists
- name: Check backend_default.conf exists - name: Check backend_default.conf exists
stat: stat:
path: /etc/nginx/conf.d/backend_default.conf path: /etc/nginx/conf.d/backend_default.conf
check_mode: yes
register: stat_result register: stat_result
failed_when: not stat_result.stat.exists failed_when: not stat_result.stat.exists

View File

@ -14,6 +14,7 @@
remote_src: yes remote_src: yes
src: /etc/amplify-agent/agent.conf.default src: /etc/amplify-agent/agent.conf.default
dest: /etc/amplify-agent/agent.conf dest: /etc/amplify-agent/agent.conf
mode: 0644
- name: "(Setup: All OSs) Configure NGINX Amplify Agent API Key" - name: "(Setup: All OSs) Configure NGINX Amplify Agent API Key"
lineinfile: lineinfile:

View File

@ -3,10 +3,14 @@
apt_repository: apt_repository:
filename: nginx-amplify filename: nginx-amplify
repo: deb [arch=amd64] http://packages.amplify.nginx.com/{{ ansible_distribution|lower }}/ {{ ansible_distribution_release|lower }} amplify-agent repo: deb [arch=amd64] http://packages.amplify.nginx.com/{{ ansible_distribution|lower }}/ {{ ansible_distribution_release|lower }} amplify-agent
update_cache: yes
mode: 0644
when: ansible_distribution_release != "focal" when: ansible_distribution_release != "focal"
- name: "(Install: Debian/Ubuntu) Add NGINX Amplify Agent Repository" - name: "(Install: Debian/Ubuntu) Add NGINX Amplify Agent Repository"
apt_repository: apt_repository:
filename: nginx-amplify filename: nginx-amplify
repo: deb [arch=amd64] https://packages.amplify.nginx.com/py3/ubuntu focal amplify-agent repo: deb [arch=amd64] https://packages.amplify.nginx.com/py3/ubuntu focal amplify-agent
update_cache: yes
mode: 0644
when: ansible_distribution_release == "focal" when: ansible_distribution_release == "focal"

View File

@ -6,3 +6,4 @@
description: NGINX Amplify Agent description: NGINX Amplify Agent
enabled: yes enabled: yes
gpgcheck: yes gpgcheck: yes
mode: 0644

View File

@ -31,4 +31,5 @@
template: template:
src: "logrotate/nginx.j2" src: "logrotate/nginx.j2"
dest: "/etc/logrotate.d/nginx" dest: "/etc/logrotate.d/nginx"
mode: 0644
notify: "(Config: All OSs) Run Logrotate" notify: "(Config: All OSs) Run Logrotate"

View File

@ -3,6 +3,7 @@
file: file:
path: "{{ item.value.html_file_location | default('/usr/share/nginx/html') }}" path: "{{ item.value.html_file_location | default('/usr/share/nginx/html') }}"
state: directory state: directory
mode: 0755
with_dict: "{{ nginx_html_demo_template }}" with_dict: "{{ nginx_html_demo_template }}"
when: nginx_html_demo_template_enable | bool when: nginx_html_demo_template_enable | bool
@ -11,6 +12,7 @@
src: "{{ item.value.template_file | default('www/index.html.j2') }}" src: "{{ item.value.template_file | default('www/index.html.j2') }}"
dest: "{{ item.value.html_file_location | default('/usr/share/nginx/html') }}/{{ item.value.html_file_name | default('index.html') }}" dest: "{{ item.value.html_file_location | default('/usr/share/nginx/html') }}/{{ item.value.html_file_name | default('index.html') }}"
backup: yes backup: yes
mode: 0644
with_dict: "{{ nginx_html_demo_template }}" with_dict: "{{ nginx_html_demo_template }}"
when: nginx_html_demo_template_enable | bool when: nginx_html_demo_template_enable | bool
@ -18,6 +20,7 @@
file: file:
path: "{{ nginx_main_template.conf_file_location | default('/etc/nginx') }}" path: "{{ nginx_main_template.conf_file_location | default('/etc/nginx') }}"
state: directory state: directory
mode: 0755
when: nginx_main_template_enable | bool when: nginx_main_template_enable | bool
- name: "(Setup: All NGINX) Dynamically Generate NGINX Main Configuration File" - name: "(Setup: All NGINX) Dynamically Generate NGINX Main Configuration File"
@ -25,6 +28,7 @@
src: "{{ nginx_main_template.template_file | default('nginx.conf.j2') }}" src: "{{ nginx_main_template.template_file | default('nginx.conf.j2') }}"
dest: "{{ nginx_main_template.conf_file_location | default('/etc/nginx') }}/{{ nginx_main_template.conf_file_name | default('nginx.conf') }}" dest: "{{ nginx_main_template.conf_file_location | default('/etc/nginx') }}/{{ nginx_main_template.conf_file_name | default('nginx.conf') }}"
backup: yes backup: yes
mode: 0644
when: nginx_main_template_enable | bool when: nginx_main_template_enable | bool
notify: "(Handler: All OSs) Reload NGINX" notify: "(Handler: All OSs) Reload NGINX"
@ -32,6 +36,7 @@
file: file:
path: "{{ item.value.conf_file_location | default('/etc/nginx/conf.d/') }}" path: "{{ item.value.conf_file_location | default('/etc/nginx/conf.d/') }}"
state: directory state: directory
mode: 0755
with_dict: "{{ nginx_http_template }}" with_dict: "{{ nginx_http_template }}"
when: nginx_http_template_enable | bool when: nginx_http_template_enable | bool
@ -40,6 +45,7 @@
path: "{{ item.1.path }}" path: "{{ item.1.path }}"
state: directory state: directory
owner: "{{ nginx_main_template.user | default('nginx') }}" owner: "{{ nginx_main_template.user | default('nginx') }}"
mode: 0755
with_subelements: with_subelements:
- "{{ nginx_http_template }}" - "{{ nginx_http_template }}"
- proxy_cache.proxy_cache_path - proxy_cache.proxy_cache_path
@ -51,6 +57,7 @@
src: "{{ item.value.template_file | default('http/default.conf.j2') }}" src: "{{ item.value.template_file | default('http/default.conf.j2') }}"
dest: "{{ item.value.conf_file_location | default('/etc/nginx/conf.d/') }}/{{ item.value.conf_file_name | default('default.conf') }}" dest: "{{ item.value.conf_file_location | default('/etc/nginx/conf.d/') }}/{{ item.value.conf_file_name | default('default.conf') }}"
backup: yes backup: yes
mode: 0644
with_dict: "{{ nginx_http_template }}" with_dict: "{{ nginx_http_template }}"
when: nginx_http_template_enable | bool when: nginx_http_template_enable | bool
notify: "(Handler: All OSs) Reload NGINX" notify: "(Handler: All OSs) Reload NGINX"
@ -60,21 +67,24 @@
src: "{{ nginx_status_template_file | default('http/status.conf.j2') }}" src: "{{ nginx_status_template_file | default('http/status.conf.j2') }}"
dest: "{{ nginx_status_file_location | default('/etc/nginx/conf.d/status.conf') }}" dest: "{{ nginx_status_file_location | default('/etc/nginx/conf.d/status.conf') }}"
backup: yes backup: yes
notify: "(Handler: All OSs) Reload NGINX" mode: 0644
when: nginx_status_enable | bool when: nginx_status_enable | bool
notify: "(Handler: All OSs) Reload NGINX"
- name: "(Setup: All NGINX) Dynamically Generate NGINX API Configuration File" - name: "(Setup: All NGINX) Dynamically Generate NGINX API Configuration File"
template: template:
src: "{{ nginx_rest_api_template_file | default('http/api.conf.j2') }}" src: "{{ nginx_rest_api_template_file | default('http/api.conf.j2') }}"
dest: "{{ nginx_rest_api_file_location | default('/etc/nginx/conf.d/api.conf') }}" dest: "{{ nginx_rest_api_file_location | default('/etc/nginx/conf.d/api.conf') }}"
backup: yes backup: yes
notify: "(Handler: All OSs) Reload NGINX" mode: 0644
when: nginx_rest_api_enable | bool when: nginx_rest_api_enable | bool
notify: "(Handler: All OSs) Reload NGINX"
- name: "(Setup: All NGINX) Ensure NGINX Stream Directory Exists" - name: "(Setup: All NGINX) Ensure NGINX Stream Directory Exists"
file: file:
path: "{{ item.value.conf_file_location | default('/etc/nginx/conf.d/stream/') }}" path: "{{ item.value.conf_file_location | default('/etc/nginx/conf.d/stream/') }}"
state: directory state: directory
mode: 0755
with_dict: "{{ nginx_stream_template }}" with_dict: "{{ nginx_stream_template }}"
when: nginx_stream_template_enable | bool when: nginx_stream_template_enable | bool
@ -83,6 +93,7 @@
src: "{{ item.value.template_file | default('stream/default.conf.j2') }}" src: "{{ item.value.template_file | default('stream/default.conf.j2') }}"
dest: "{{ item.value.conf_file_location | default('/etc/nginx/conf.d/stream/') }}/{{ item.value.conf_file_name | default('default.conf') }}" dest: "{{ item.value.conf_file_location | default('/etc/nginx/conf.d/stream/') }}/{{ item.value.conf_file_name | default('default.conf') }}"
backup: yes backup: yes
mode: 0644
with_dict: "{{ nginx_stream_template }}" with_dict: "{{ nginx_stream_template }}"
notify: "(Handler: All OSs) Reload NGINX"
when: nginx_stream_template_enable | bool when: nginx_stream_template_enable | bool
notify: "(Handler: All OSs) Reload NGINX"

View File

@ -1,8 +1,26 @@
--- ---
- name: "(Setup: All NGINX) Ensure NGINX HTML Directory Exists"
file:
path: "{{ nginx_html_upload_dest | default('/usr/share/nginx/html') }}"
state: directory
mode: 0755
when: nginx_html_upload_enable | bool
- name: "(Setup: All NGINX) Upload NGINX HTML Files"
copy:
src: "{{ item }}"
dest: "{{ nginx_html_upload_dest | default('/usr/share/nginx/html') }}"
backup: yes
mode: 0644
with_fileglob: "{{ nginx_html_upload_src }}"
when: nginx_html_upload_enable | bool
notify: "(Handler: All OSs) Reload NGINX"
- name: "(Setup: All NGINX) Ensure NGINX Main Directory Exists" - name: "(Setup: All NGINX) Ensure NGINX Main Directory Exists"
file: file:
path: "{{ nginx_main_upload_dest | default('/etc/nginx/') }}" path: "{{ nginx_main_upload_dest | default('/etc/nginx/') }}"
state: directory state: directory
mode: 0755
when: nginx_main_upload_enable | bool when: nginx_main_upload_enable | bool
- name: "(Setup: All NGINX) Upload NGINX Main Configuration File" - name: "(Setup: All NGINX) Upload NGINX Main Configuration File"
@ -10,6 +28,7 @@
src: "{{ nginx_main_upload_src | default('conf/nginx.conf') }}" src: "{{ nginx_main_upload_src | default('conf/nginx.conf') }}"
dest: "{{ nginx_main_upload_dest | default('/etc/nginx/') }}" dest: "{{ nginx_main_upload_dest | default('/etc/nginx/') }}"
backup: yes backup: yes
mode: 0644
when: nginx_main_upload_enable | bool when: nginx_main_upload_enable | bool
notify: "(Handler: All OSs) Reload NGINX" notify: "(Handler: All OSs) Reload NGINX"
@ -17,6 +36,7 @@
file: file:
path: "{{ nginx_http_upload_dest | default('/etc/nginx/conf.d/') }}" path: "{{ nginx_http_upload_dest | default('/etc/nginx/conf.d/') }}"
state: directory state: directory
mode: 0755
when: nginx_http_upload_enable | bool when: nginx_http_upload_enable | bool
- name: "(Setup: All NGINX) Upload NGINX HTTP Configuration Files" - name: "(Setup: All NGINX) Upload NGINX HTTP Configuration Files"
@ -24,6 +44,7 @@
src: "{{ item }}" src: "{{ item }}"
dest: "{{ nginx_http_upload_dest | default('/etc/nginx/conf.d/') }}" dest: "{{ nginx_http_upload_dest | default('/etc/nginx/conf.d/') }}"
backup: yes backup: yes
mode: 0644
with_fileglob: "{{ nginx_http_upload_src }}" with_fileglob: "{{ nginx_http_upload_src }}"
when: nginx_http_upload_enable | bool when: nginx_http_upload_enable | bool
notify: "(Handler: All OSs) Reload NGINX" notify: "(Handler: All OSs) Reload NGINX"
@ -32,6 +53,7 @@
file: file:
path: "{{ nginx_stream_upload_dest | default('/etc/nginx/conf.d/') }}" path: "{{ nginx_stream_upload_dest | default('/etc/nginx/conf.d/') }}"
state: directory state: directory
mode: 0755
when: nginx_stream_upload_enable | bool when: nginx_stream_upload_enable | bool
- name: "(Setup: All NGINX) Upload NGINX Stream Configuration Files" - name: "(Setup: All NGINX) Upload NGINX Stream Configuration Files"
@ -39,44 +61,32 @@
src: "{{ item }}" src: "{{ item }}"
dest: "{{ nginx_stream_upload_dest | default('/etc/nginx/conf.d/') }}" dest: "{{ nginx_stream_upload_dest | default('/etc/nginx/conf.d/') }}"
backup: yes backup: yes
mode: 0644
with_fileglob: "{{ nginx_stream_upload_src }}" with_fileglob: "{{ nginx_stream_upload_src }}"
when: nginx_stream_upload_enable | bool when: nginx_stream_upload_enable | bool
notify: "(Handler: All OSs) Reload NGINX" notify: "(Handler: All OSs) Reload NGINX"
- name: "(Setup: All NGINX) Ensure NGINX HTML Directory Exists"
file:
path: "{{ nginx_html_upload_dest | default('/usr/share/nginx/html') }}"
state: directory
when: nginx_html_upload_enable | bool
- name: "(Setup: All NGINX) Upload NGINX HTML Files"
copy:
src: "{{ item }}"
dest: "{{ nginx_html_upload_dest | default('/usr/share/nginx/html') }}"
backup: yes
with_fileglob: "{{ nginx_html_upload_src }}"
when: nginx_html_upload_enable | bool
notify: "(Handler: All OSs) Reload NGINX"
- name: "(Setup: All NGINX) Ensure SSL Certificate Directory Exists" - name: "(Setup: All NGINX) Ensure SSL Certificate Directory Exists"
file: file:
path: "{{ nginx_ssl_crt_upload_dest | default('/etc/ssl/certs/') }}" path: "{{ nginx_ssl_crt_upload_dest | default('/etc/ssl/certs/') }}"
state: directory state: directory
mode: 0755
when: nginx_ssl_upload_enable | bool when: nginx_ssl_upload_enable | bool
- name: "(Setup: All NGINX) Ensure SSL Key Directory Exists" - name: "(Setup: All NGINX) Ensure SSL Key Directory Exists"
file: file:
path: "{{ nginx_ssl_key_upload_dest | default('/etc/ssl/private/') }}" path: "{{ nginx_ssl_key_upload_dest | default('/etc/ssl/private/') }}"
state: directory state: directory
mode: 0755
when: nginx_ssl_upload_enable | bool when: nginx_ssl_upload_enable | bool
- name: "(Setup: All NGINX) Upload NGINX SSL Certificates" - name: "(Setup: All NGINX) Upload NGINX SSL Certificates"
copy: copy:
src: "{{ item }}" src: "{{ item }}"
dest: "{{ nginx_ssl_crt_upload_dest | default('/etc/ssl/certs/') }}" dest: "{{ nginx_ssl_crt_upload_dest | default('/etc/ssl/certs/') }}"
mode: 0640
decrypt: yes decrypt: yes
backup: yes backup: yes
mode: 0640
with_fileglob: "{{ nginx_ssl_crt_upload_src }}" with_fileglob: "{{ nginx_ssl_crt_upload_src }}"
when: nginx_ssl_upload_enable | bool when: nginx_ssl_upload_enable | bool
@ -84,9 +94,9 @@
copy: copy:
src: "{{ item }}" src: "{{ item }}"
dest: "{{ nginx_ssl_key_upload_dest | default('/etc/ssl/private/') }}" dest: "{{ nginx_ssl_key_upload_dest | default('/etc/ssl/private/') }}"
mode: 0640
decrypt: yes decrypt: yes
backup: yes backup: yes
mode: 0640
with_fileglob: "{{ nginx_ssl_key_upload_src }}" with_fileglob: "{{ nginx_ssl_key_upload_src }}"
no_log: yes no_log: yes
when: nginx_ssl_upload_enable | bool when: nginx_ssl_upload_enable | bool

View File

@ -11,3 +11,4 @@
get_url: get_url:
url: "{{ keysite }}" url: "{{ keysite }}"
dest: /etc/apk/keys/nginx_signing.rsa.pub dest: /etc/apk/keys/nginx_signing.rsa.pub
mode: 0400

View File

@ -12,7 +12,7 @@
include_tasks: "{{ role_path }}/tasks/prerequisites/setup-systemd.yml" include_tasks: "{{ role_path }}/tasks/prerequisites/setup-systemd.yml"
when: when:
- ansible_service_mgr == "systemd" - ansible_service_mgr == "systemd"
- nginx_service_modify - nginx_service_modify | bool
- name: "(Install: Linux) Install NGINX From Source" - name: "(Install: Linux) Install NGINX From Source"
include_tasks: "{{ role_path }}/tasks/opensource/setup-source.yml" include_tasks: "{{ role_path }}/tasks/opensource/setup-source.yml"

View File

@ -15,7 +15,10 @@
- name: "(Install: Debian/Ubuntu) Add NGINX Repository" - name: "(Install: Debian/Ubuntu) Add NGINX Repository"
apt_repository: apt_repository:
filename: nginx
repo: "{{ item }}" repo: "{{ item }}"
update_cache: yes
mode: 0644
loop: "{{ repository }}" loop: "{{ repository }}"
- name: "(Install: Debian/Ubuntu) Install NGINX" - name: "(Install: Debian/Ubuntu) Install NGINX"

View File

@ -17,6 +17,7 @@
description: NGINX Repository description: NGINX Repository
enabled: yes enabled: yes
gpgcheck: yes gpgcheck: yes
mode: 0644
when: ansible_distribution_major_version < "8" when: ansible_distribution_major_version < "8"
- name: "(Install: CentOS/RedHat) Add NGINX Repository for CentOS/RHEL 8" - name: "(Install: CentOS/RedHat) Add NGINX Repository for CentOS/RHEL 8"
@ -30,6 +31,7 @@
gpgcheck = 1 gpgcheck = 1
name = NGINX Repository name = NGINX Repository
module_hotfixes = true module_hotfixes = true
mode: 0644
when: ansible_distribution_major_version == "8" when: ansible_distribution_major_version == "8"
- name: "(Install: CentOS/RedHat) Install Required CentOS/RedHat Dependencies" - name: "(Install: CentOS/RedHat) Install Required CentOS/RedHat Dependencies"

View File

@ -1,14 +1,15 @@
--- ---
- name: "(Install: Linux) Check For Build Tools" - name: "(Install: Linux) Check For Build Tools"
block: block:
- name: "(Install: Centos/RHEL) Install Python" - name: "(Install: Centos/RHEL) Setup Python 3"
block:
- name: "(Install: Centos/RHEL) Install Python 3"
yum: yum:
name: name:
- python3 - python3
- python3-pip - python3-pip
- python3-devel - python3-devel
update_cache: yes update_cache: yes
when: ansible_os_family == "RedHat"
- name: "(Install: Centos/RHEL) Set Python 3 Default" - name: "(Install: Centos/RHEL) Set Python 3 Default"
alternatives: alternatives:
@ -37,7 +38,10 @@
- name: "(Install: Debian) Install Backports Repo For Buster" - name: "(Install: Debian) Install Backports Repo For Buster"
apt_repository: apt_repository:
filename: buster-backports
repo: deb http://ftp.us.debian.org/debian buster-backports main repo: deb http://ftp.us.debian.org/debian buster-backports main
update_cache: yes
mode: 0644
when: ansible_distribution_release == "buster" when: ansible_distribution_release == "buster"
- name: "(Install: Debian/Ubuntu) Install Build Tools" - name: "(Install: Debian/Ubuntu) Install Build Tools"
@ -76,7 +80,7 @@
owner: root owner: root
mode: 0644 mode: 0644
when: ansible_os_family == "Alpine" when: ansible_os_family == "Alpine"
when: nginx_install_source_build_tools when: nginx_install_source_build_tools | bool
- name: "(Install: Linux) Check For Source Installs" - name: "(Install: Linux) Check For Source Installs"
block: block:
@ -100,7 +104,7 @@
name: pcre-devel name: pcre-devel
update_cache: yes update_cache: yes
when: when:
- nginx_install_source_pcre - nginx_install_source_pcre | bool
- ansible_os_family == "RedHat" - ansible_os_family == "RedHat"
- name: "(Install: Debian/Ubuntu) Install PCRE Dependency From Package" - name: "(Install: Debian/Ubuntu) Install PCRE Dependency From Package"
@ -108,7 +112,7 @@
name: libpcre3-dev name: libpcre3-dev
update_cache: yes update_cache: yes
when: when:
- nginx_install_source_pcre - nginx_install_source_pcre | bool
- ansible_os_family == "Debian" - ansible_os_family == "Debian"
- name: "(Install: Alpine) Install PCRE Dependency From Package" - name: "(Install: Alpine) Install PCRE Dependency From Package"
@ -116,7 +120,7 @@
name: pcre-dev name: pcre-dev
update_cache: yes update_cache: yes
when: when:
- nginx_install_source_pcre - nginx_install_source_pcre | bool
- ansible_os_family == "Alpine" - ansible_os_family == "Alpine"
- name: "(Install: Linux) Install PCRE Dependence From Source" - name: "(Install: Linux) Install PCRE Dependence From Source"
@ -125,6 +129,7 @@
get_url: get_url:
url: "http://ftp.pcre.org/pub/pcre/{{ pcre_version }}.tar.gz" url: "http://ftp.pcre.org/pub/pcre/{{ pcre_version }}.tar.gz"
dest: "/tmp/{{ pcre_version }}.tar.gz" dest: "/tmp/{{ pcre_version }}.tar.gz"
mode: 0600
register: pcre_source register: pcre_source
- name: "(Install: Linux) Unpack PCRE Dependency" - name: "(Install: Linux) Unpack PCRE Dependency"
@ -132,13 +137,12 @@
copy: no copy: no
dest: /tmp/ dest: /tmp/
src: "{{ pcre_source.dest }}" src: "{{ pcre_source.dest }}"
register: pcre_source_unpack mode: 0700
- name: "(Install: Linux) Configure PCRE Dependency" - name: "(Install: Linux) Configure PCRE Dependency"
command: "./configure" command: "./configure"
args: args:
chdir: "/tmp/{{ pcre_version }}" chdir: "/tmp/{{ pcre_version }}"
register: pcre_configure
- name: "(Install: Linux) Make PCRE Dependency" - name: "(Install: Linux) Make PCRE Dependency"
make: make:
@ -149,15 +153,15 @@
chdir: "/tmp/{{ pcre_version }}" chdir: "/tmp/{{ pcre_version }}"
target: install target: install
when: when:
- not pcre_result.stat.exists - not pcre_result.stat.exists | bool
- not nginx_install_source_pcre - not nginx_install_source_pcre | bool
- name: "(Install: Centos/RHEL) Install ZLib Dependency From Package" - name: "(Install: Centos/RHEL) Install ZLib Dependency From Package"
yum: yum:
name: zlib-devel name: zlib-devel
update_cache: yes update_cache: yes
when: when:
- nginx_install_source_zlib - nginx_install_source_zlib | bool
- ansible_os_family == "RedHat" - ansible_os_family == "RedHat"
- name: "(Install: Debian/Ubuntu) Install ZLib Dependency From Package" - name: "(Install: Debian/Ubuntu) Install ZLib Dependency From Package"
@ -165,7 +169,7 @@
name: zlib1g-dev name: zlib1g-dev
update_cache: true update_cache: true
when: when:
- nginx_install_source_zlib - nginx_install_source_zlib | bool
- ansible_os_family == "Debian" - ansible_os_family == "Debian"
- name: "(Install: Alpine) Install ZLib Dependency From Package" - name: "(Install: Alpine) Install ZLib Dependency From Package"
@ -173,7 +177,7 @@
name: zlib-dev name: zlib-dev
update_cache: yes update_cache: yes
when: when:
- nginx_install_source_zlib - nginx_install_source_zlib | bool
- ansible_os_family == "Alpine" - ansible_os_family == "Alpine"
- name: "(Install: Linux) Install ZLib Dependency From Source" - name: "(Install: Linux) Install ZLib Dependency From Source"
@ -182,6 +186,7 @@
get_url: get_url:
url: "http://zlib.net/{{ zlib_version }}.tar.gz" url: "http://zlib.net/{{ zlib_version }}.tar.gz"
dest: "/tmp/{{ zlib_version }}.tar.gz" dest: "/tmp/{{ zlib_version }}.tar.gz"
mode: 0600
register: zlib_source register: zlib_source
- name: "(Install: Linux) Unpack ZLib Dependency" - name: "(Install: Linux) Unpack ZLib Dependency"
@ -189,13 +194,12 @@
copy: no copy: no
dest: /tmp/ dest: /tmp/
src: "{{ zlib_source.dest }}" src: "{{ zlib_source.dest }}"
register: zlib_source_unpack mode: 0700
- name: "(Install: Linux) Configure zlib Dependency" - name: "(Install: Linux) Configure zlib Dependency"
command: "./configure" command: "./configure"
args: args:
chdir: "/tmp/{{ zlib_version }}" chdir: "/tmp/{{ zlib_version }}"
register: zlib_configure
- name: "(Install: Linux) Make ZLib Dependency" - name: "(Install: Linux) Make ZLib Dependency"
make: make:
@ -206,15 +210,15 @@
chdir: "/tmp/{{ zlib_version }}" chdir: "/tmp/{{ zlib_version }}"
target: install target: install
when: when:
- not zlib_result.stat.exists - not zlib_result.stat.exists | bool
- not nginx_install_source_zlib - not nginx_install_source_zlib | bool
- name: "(Install: Centos/RHEL) Install OpenSSL Dependency From Package" - name: "(Install: Centos/RHEL) Install OpenSSL Dependency From Package"
yum: yum:
name: openssl-devel name: openssl-devel
update_cache: yes update_cache: yes
when: when:
- nginx_install_source_openssl - nginx_install_source_openssl | bool
- ansible_os_family == "RedHat" - ansible_os_family == "RedHat"
- name: "(Install: Debian/Ubuntu) Install OpenSSL Dependency From Package" - name: "(Install: Debian/Ubuntu) Install OpenSSL Dependency From Package"
@ -222,7 +226,7 @@
name: libssl-dev name: libssl-dev
update_cache: yes update_cache: yes
when: when:
- nginx_install_source_openssl - nginx_install_source_openssl | bool
- ansible_os_family == "Debian" - ansible_os_family == "Debian"
- name: "(Install: Alpine) Install OpenSSL Dependency From Package" - name: "(Install: Alpine) Install OpenSSL Dependency From Package"
@ -230,7 +234,7 @@
name: openssl-dev name: openssl-dev
update_cache: yes update_cache: yes
when: when:
- nginx_install_source_openssl - nginx_install_source_openssl | bool
- ansible_os_family == "Alpine" - ansible_os_family == "Alpine"
- name: "(Install: Linux) Install OpenSSL Dependency From Source" - name: "(Install: Linux) Install OpenSSL Dependency From Source"
@ -239,6 +243,7 @@
get_url: get_url:
url: "http://www.openssl.org/source/{{ openssl_version }}.tar.gz" url: "http://www.openssl.org/source/{{ openssl_version }}.tar.gz"
dest: "/tmp/{{ openssl_version }}.tar.gz" dest: "/tmp/{{ openssl_version }}.tar.gz"
mode: 0600
register: openssl_source register: openssl_source
- name: "(Install: Linux) Unpack OpenSSL Dependency" - name: "(Install: Linux) Unpack OpenSSL Dependency"
@ -246,13 +251,12 @@
copy: no copy: no
dest: /tmp/ dest: /tmp/
src: "{{ openssl_source.dest }}" src: "{{ openssl_source.dest }}"
register: openssl_source_unpack mode: 0700
- name: "(Install: Linux) Configure OpenSSL Dependency" - name: "(Install: Linux) Configure OpenSSL Dependency"
command: "./config --prefix=/usr" command: "./config --prefix=/usr/local/openssl --openssldir=/usr/local/openssl shared zlib"
args: args:
chdir: "/tmp/{{ openssl_version }}" chdir: "/tmp/{{ openssl_version }}"
register: openssl_configure
- name: "(Install: Linux) Make OpenSSL Dependency" - name: "(Install: Linux) Make OpenSSL Dependency"
make: make:
@ -263,8 +267,8 @@
chdir: "/tmp/{{ openssl_version }}" chdir: "/tmp/{{ openssl_version }}"
target: install target: install
when: when:
- not openssl_result.stat.exists - not openssl_result.stat.exists | bool
- not nginx_install_source_openssl - not nginx_install_source_openssl | bool
- name: "(Install: Linux) Get NGINX Version" - name: "(Install: Linux) Get NGINX Version"
block: block:
@ -309,6 +313,7 @@
get_url: get_url:
url: "http://nginx.org/download/{{ nginx_download_name }}.tar.gz" url: "http://nginx.org/download/{{ nginx_download_name }}.tar.gz"
dest: "/tmp/{{ nginx_download_name }}.tar.gz" dest: "/tmp/{{ nginx_download_name }}.tar.gz"
mode: 0600
register: nginx_source register: nginx_source
- name: "(Install: Linux) Unpack NGINX" - name: "(Install: Linux) Unpack NGINX"
@ -316,7 +321,7 @@
copy: no copy: no
dest: /tmp/ dest: /tmp/
src: "{{ nginx_source.dest }}" src: "{{ nginx_source.dest }}"
register: nginx_source_unpack mode: 0755
- name: "(Install: Linux) Configure NGINX" - name: "(Install: Linux) Configure NGINX"
command: >- command: >-
@ -353,7 +358,7 @@
dest: /lib/systemd/system/nginx.service dest: /lib/systemd/system/nginx.service
owner: root owner: root
group: root group: root
mode: '0644' mode: 0644
when: ansible_service_mgr == "systemd" when: ansible_service_mgr == "systemd"
- name: "(Install: Linux) Enable systemd NGINX Service File" - name: "(Install: Linux) Enable systemd NGINX Service File"
@ -362,8 +367,8 @@
name: nginx name: nginx
state: restarted state: restarted
enabled: yes enabled: yes
notify: "(Handler: All OSs) Start NGINX"
when: ansible_service_mgr == "systemd" when: ansible_service_mgr == "systemd"
notify: "(Handler: All OSs) Start NGINX"
- name: "(Install: Linux) Upload upstart NGINX Service File" - name: "(Install: Linux) Upload upstart NGINX Service File"
copy: copy:
@ -371,7 +376,7 @@
dest: /etc/init.d/nginx dest: /etc/init.d/nginx
owner: root owner: root
group: root group: root
mode: '0755' mode: 0755
when: ansible_service_mgr == "upstart" when: ansible_service_mgr == "upstart"
- name: "(Install: Linux) Upload upstart NGINX Service Conf File" - name: "(Install: Linux) Upload upstart NGINX Service Conf File"
@ -380,7 +385,7 @@
dest: /etc/init/nginx.conf dest: /etc/init/nginx.conf
owner: root owner: root
group: root group: root
mode: '0644' mode: 0644
when: ansible_service_mgr == "upstart" when: ansible_service_mgr == "upstart"
- name: "(Install: Linux) Enable upstart NGINX Service Reload" - name: "(Install: Linux) Enable upstart NGINX Service Reload"
@ -389,8 +394,8 @@
- name: "(Install: Linux) Start upstart NGINX Service Reload" - name: "(Install: Linux) Start upstart NGINX Service Reload"
command: "nginx" command: "nginx"
notify: "(Handler: All OSs) Start NGINX"
when: ansible_service_mgr == "upstart" when: ansible_service_mgr == "upstart"
notify: "(Handler: All OSs) Start NGINX"
- name: "(Install: Linux) Upload sysvinit NGINX Service File" - name: "(Install: Linux) Upload sysvinit NGINX Service File"
copy: copy:
@ -398,9 +403,9 @@
dest: /etc/init.d/nginx dest: /etc/init.d/nginx
owner: root owner: root
group: root group: root
mode: '0755' mode: 0755
notify: "(Handler: All OSs) Start NGINX"
when: ansible_service_mgr == "sysvinit" when: ansible_service_mgr == "sysvinit"
notify: "(Handler: All OSs) Start NGINX"
- name: "(Install: Linux) Upload openrc NGINX Service File" - name: "(Install: Linux) Upload openrc NGINX Service File"
copy: copy:
@ -408,7 +413,7 @@
dest: /etc/init.d/nginx dest: /etc/init.d/nginx
owner: root owner: root
group: root group: root
mode: '0755' mode: 0755
when: ansible_service_mgr == "openrc" when: ansible_service_mgr == "openrc"
- name: "(Install: Linux) Enable openrc NGINX Service" - name: "(Install: Linux) Enable openrc NGINX Service"

View File

@ -1,5 +1,6 @@
--- ---
- include_tasks: "{{ role_path }}/tasks/plus/setup-{{ ansible_os_family | lower }}.yml" - name: "(Setup: Linux) Setup NGINX Plus Repository"
include_tasks: "{{ role_path }}/tasks/plus/setup-{{ ansible_os_family | lower }}.yml"
when: ansible_os_family == "Alpine" when: ansible_os_family == "Alpine"
or ansible_os_family == "Debian" or ansible_os_family == "Debian"
or ansible_os_family == "RedHat" or ansible_os_family == "RedHat"
@ -9,7 +10,7 @@
include_tasks: "{{ role_path }}/tasks/prerequisites/setup-systemd.yml" include_tasks: "{{ role_path }}/tasks/prerequisites/setup-systemd.yml"
when: when:
- ansible_service_mgr == "systemd" - ansible_service_mgr == "systemd"
- nginx_service_modify - nginx_service_modify | bool
- name: "(Install: Linux) Install NGINX Plus" - name: "(Install: Linux) Install NGINX Plus"
package: package:

View File

@ -10,6 +10,7 @@
MIRROR_TYPE: SRV MIRROR_TYPE: SRV
} }
state: "{{ nginx_license_status | default ('present') }}" state: "{{ nginx_license_status | default ('present') }}"
mode: 0644
- name: "(Setup: FreeBSD) Setup NGINX Plus License" - name: "(Setup: FreeBSD) Setup NGINX Plus License"
blockinfile: blockinfile:

View File

@ -1,11 +1,4 @@
--- ---
- name: "(Setup: Debian/Ubuntu) Setup NGINX Plus Repository"
apt_repository:
repo: deb [arch=amd64] https://plus-pkgs.nginx.com/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} nginx-plus
filename: nginx-plus
update_cache: no
state: "{{ nginx_license_status | default ('present') }}"
- name: "(Setup: Debian/Ubuntu) Setup NGINX Plus License" - name: "(Setup: Debian/Ubuntu) Setup NGINX Plus License"
blockinfile: blockinfile:
path: /etc/apt/apt.conf.d/90nginx path: /etc/apt/apt.conf.d/90nginx
@ -16,7 +9,12 @@
Acquire::https::plus-pkgs.nginx.com::SslCert "/etc/ssl/nginx/nginx-repo.crt"; Acquire::https::plus-pkgs.nginx.com::SslCert "/etc/ssl/nginx/nginx-repo.crt";
Acquire::https::plus-pkgs.nginx.com::SslKey "/etc/ssl/nginx/nginx-repo.key"; Acquire::https::plus-pkgs.nginx.com::SslKey "/etc/ssl/nginx/nginx-repo.key";
state: "{{ nginx_license_status | default ('present') }}" state: "{{ nginx_license_status | default ('present') }}"
mode: 0444
- name: "(Setup: Debian/Ubuntu) Update APT Cache" - name: "(Setup: Debian/Ubuntu) Setup NGINX Plus Repository"
apt: apt_repository:
filename: nginx-plus
repo: deb [arch=amd64] https://plus-pkgs.nginx.com/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} nginx-plus
update_cache: yes update_cache: yes
state: "{{ nginx_license_status | default ('present') }}"
mode: 0644

View File

@ -5,12 +5,14 @@
file: file:
path: /etc/ssl/nginx path: /etc/ssl/nginx
state: directory state: directory
mode: 0755
- name: "(Setup: All OSs Besides Alpine Linux) Copy NGINX Plus Certificate and License Key" - name: "(Setup: All OSs Besides Alpine Linux) Copy NGINX Plus Certificate and License Key"
copy: copy:
src: "{{ item }}" src: "{{ item }}"
dest: /etc/ssl/nginx dest: /etc/ssl/nginx
decrypt: yes decrypt: yes
mode: 0444
loop: loop:
- "{{ nginx_license.certificate }}" - "{{ nginx_license.certificate }}"
- "{{ nginx_license.key }}" - "{{ nginx_license.key }}"
@ -22,16 +24,19 @@
file: file:
path: /etc/apk path: /etc/apk
state: directory state: directory
mode: 0755
- name: "(Setup: Alpine Linux) Copy NGINX Plus Key" - name: "(Setup: Alpine Linux) Copy NGINX Plus Key"
copy: copy:
src: "{{ nginx_license.key }}" src: "{{ nginx_license.key }}"
dest: /etc/apk/cert.key dest: /etc/apk/cert.key
decrypt: yes decrypt: yes
mode: 0444
- name: "(Setup: Alpine Linux) Copy NGINX Plus Certificate" - name: "(Setup: Alpine Linux) Copy NGINX Plus Certificate"
copy: copy:
src: "{{ nginx_license.certificate }}" src: "{{ nginx_license.certificate }}"
dest: /etc/apk/cert.pem dest: /etc/apk/cert.pem
decrypt: yes decrypt: yes
mode: 0444
when: ansible_distribution == "Alpine" when: ansible_distribution == "Alpine"

View File

@ -11,6 +11,7 @@
enabled: yes enabled: yes
gpgcheck: yes gpgcheck: yes
state: "{{ nginx_license_status | default ('present') }}" state: "{{ nginx_license_status | default ('present') }}"
mode: 0644
when: ansible_distribution != "Amazon" when: ansible_distribution != "Amazon"
- name: "(Setup: Amazon Linux) Setup NGINX Plus Repository" - name: "(Setup: Amazon Linux) Setup NGINX Plus Repository"
@ -25,4 +26,5 @@
enabled: yes enabled: yes
gpgcheck: yes gpgcheck: yes
state: "{{ nginx_license_status | default ('present') }}" state: "{{ nginx_license_status | default ('present') }}"
mode: 0644
when: ansible_distribution == "Amazon" when: ansible_distribution == "Amazon"

View File

@ -3,6 +3,7 @@
assemble: assemble:
src: /etc/ssl/nginx src: /etc/ssl/nginx
dest: /etc/ssl/nginx/nginx-repo-bundle.crt dest: /etc/ssl/nginx/nginx-repo-bundle.crt
mode: 0444
- name: "(Setup: SUSE) Setup NGINX Plus Repository" - name: "(Setup: SUSE) Setup NGINX Plus Repository"
zypper_repository: zypper_repository:

View File

@ -80,6 +80,7 @@
template: template:
src: "{{ role_path }}/templates/selinux/nginx-plus-module.te.j2" src: "{{ role_path }}/templates/selinux/nginx-plus-module.te.j2"
dest: "{{ nginx_tempdir }}/nginx-plus-module.te" dest: "{{ nginx_tempdir }}/nginx-plus-module.te"
mode: 0644
register: nginx_selinux_module register: nginx_selinux_module
- name: "(Setup: SELinux) Check NGINX Plus Module" - name: "(Setup: SELinux) Check NGINX Plus Module"

View File

@ -12,10 +12,10 @@
owner: root owner: root
group: root group: root
mode: 0644 mode: 0644
notify: "(Handler: All OSs) Systemd Daemon-Reload"
when: when:
- not nginx_service_custom | bool - not nginx_service_custom | bool
- not nginx_service_clean | bool - not nginx_service_clean | bool
notify: "(Handler: All OSs) Systemd Daemon-Reload"
- name: "(Setup: Linux) Customize Override For NGINX Systemd Service" - name: "(Setup: Linux) Customize Override For NGINX Systemd Service"
copy: copy:
@ -24,14 +24,14 @@
owner: root owner: root
group: root group: root
mode: 0644 mode: 0644
notify: "(Handler: All OSs) Systemd Daemon-Reload"
when: when:
- nginx_service_custom | bool - nginx_service_custom | bool
- not nginx_service_clean | bool - not nginx_service_clean | bool
notify: "(Handler: All OSs) Systemd Daemon-Reload"
- name: "(Setup: Linux) Remove Override For NGINX Systemd Service" - name: "(Setup: Linux) Remove Override For NGINX Systemd Service"
file: file:
path: "{{ nginx_service_overridepath }}" path: "{{ nginx_service_overridepath }}"
state: absent state: absent
notify: "(Handler: All OSs) Systemd Daemon-Reload"
when: nginx_service_clean | bool when: nginx_service_clean | bool
notify: "(Handler: All OSs) Systemd Daemon-Reload"

View File

@ -2,6 +2,7 @@
- name: "(Install: Debian/Ubuntu) Add NGINX Unit Repository" - name: "(Install: Debian/Ubuntu) Add NGINX Unit Repository"
apt_repository: apt_repository:
repo: "{{ item }}" repo: "{{ item }}"
mode: 0644
loop: loop:
- deb [arch=amd64] https://packages.nginx.org/unit/{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} unit - deb [arch=amd64] https://packages.nginx.org/unit/{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} unit
- deb-src https://packages.nginx.org/unit/{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} unit - deb-src https://packages.nginx.org/unit/{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} unit

View File

@ -6,6 +6,7 @@
description: NGINX Unit Repository description: NGINX Unit Repository
enabled: yes enabled: yes
gpgcheck: yes gpgcheck: yes
mode: 0644
when: ansible_distribution != "Amazon" when: ansible_distribution != "Amazon"
- name: "(Install: Amazon Linux) Add NGINX Unit Repository" - name: "(Install: Amazon Linux) Add NGINX Unit Repository"
@ -15,4 +16,5 @@
description: NGINX Unit Repository description: NGINX Unit Repository
enabled: yes enabled: yes
gpgcheck: yes gpgcheck: yes
mode: 0644
when: ansible_distribution == "Amazon" when: ansible_distribution == "Amazon"