Add support to the role for RHEL 8 and Alpine Linux (#129)

* Add support to the role for RHEL 8 and Alpine Linux

* Add NGINX Open Source support for Alpine Linux

* Add NGINX Open Source support for SLES 15

* Update supported platforms matrix
This commit is contained in:
Alessandro Fael Garcia 2019-05-20 18:32:08 +02:00 committed by Grzegorz Dzien
parent df98f1a244
commit f3ec78e7ae
13 changed files with 203 additions and 127 deletions

View File

@ -20,14 +20,19 @@ It supports all platforms supported by [NGINX Open Source](https://nginx.org/en/
**NGINX Open Source**
```yaml
Alpine:
versions:
- 3.8
- 3.9
CentOS:
versions:
- 6
- 7
- 7.4+
RedHat:
versions:
- 6
- 7
- 7.4+
- 8
Debian:
versions:
- jessie
@ -36,62 +41,69 @@ Ubuntu:
versions:
- trusty
- xenial
- artful
- bionic
SUSE/SLES:
versions:
- 12
- 15
FreeBSD:
versions:
- 10
- 11
- 11.2+
- 12
```
**NGINX Plus**
```yaml
Alpine:
versions:
- 3.8
- 3.9
Amazon Linux:
versions:
- 2018.03
Amazon Linux 2:
versions:
- LTS
CentOS:
versions:
- 6
- 7
RedHat:
versions:
- 6
- 7
- 6.5+
- 7.4+
Debian:
versions:
- jessie
- stretch
FreeBSD:
versions:
- 11.2+
- 12
Oracle Linux:
versions:
- 6.5+
- 7.4+
RedHat:
versions:
- 6.5+
- 7.4+
- 8
SUSE/SLES:
versions:
- 12
- 15
Ubuntu:
versions:
- trusty
- xenial
- artful
- bionic
Oracle Linux:
versions:
- 6.5
- 7
Amazon Linux:
versions:
- 2018.03
SUSE/SLES:
versions:
- 12
FreeBSD:
versions:
- 10
- 11
```
**NGINX Amplify**
```yaml
CentOS:
Amazon Linux:
versions:
- 6
- 7
RedHat:
- 2017.09
CentOS:
versions:
- 6
- 7
@ -103,21 +115,25 @@ Ubuntu:
versions:
- trusty
- xenial
- artful
- bionic
Amazon Linux:
RedHat:
versions:
- 2017.09
- 6
- 7
```
**NGINX Controller**
```yaml
Amazon Linux:
versions:
- 2017.09
Amazon Linux 2:
versions:
- LTS
CentOS:
versions:
- 7
RedHat:
versions:
- 6
- 7
Debian:
versions:
@ -126,7 +142,11 @@ Debian:
Ubuntu:
versions:
- xenial
- artful
- bionic
RedHat:
versions:
- 6
- 7
```
**NGINX Unit**
@ -147,11 +167,12 @@ Debian:
Ubuntu:
versions:
- xenial
- artful
- bionic
Amazon Linux:
versions:
- 2018.03
Amazon Linux 2:
versions:
- 2
FreeBSD:
versions:

View File

@ -29,22 +29,23 @@ nginx_install_from: nginx_repository
# Only works if 'install_from' is set to 'nginx_repository'.
# Defaults are the official NGINX repositories.
nginx_repository:
alpine: >-
https://nginx.org/packages/{{ (nginx_branch == 'mainline')
| ternary('mainline/', '') }}alpine/v{{ ansible_distribution_version | regex_search('^[0-9]+\\.[0-9]+') }}/main
debian:
- >-
deb https://nginx.org/packages/{{ (nginx_branch == 'mainline')
| ternary('mainline/', '') }}{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} nginx
| ternary('mainline/', '') }}{{ ansible_distribution | lower }}/ {{ ansible_distribution_release }} nginx
- >-
deb-src https://nginx.org/packages/{{ (nginx_branch == 'mainline')
| ternary('mainline/', '') }}{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} nginx
redhat:
- >-
| ternary('mainline/', '') }}{{ ansible_distribution | lower }}/ {{ ansible_distribution_release }} nginx
redhat: >-
https://nginx.org/packages/{{ (nginx_branch == 'mainline')
| ternary('mainline/', '') }}{{ (ansible_distribution == "RedHat")
| ternary('rhel/', 'centos/') }}{{ ansible_distribution_major_version|int }}/$basearch/
suse:
- >-
| ternary('rhel', 'centos') }}/{{ ansible_distribution_major_version }}/$basearch/
suse: >-
https://nginx.org/packages/{{ (nginx_branch == 'mainline')
| ternary('mainline/', '') }}sles/12
| ternary('mainline/', '') }}sles/{{ ansible_distribution_major_version }}
# Specify which branch of NGINX Open Source you want to install.
# Options are 'mainline' or 'stable'.

View File

@ -1,39 +1,38 @@
---
- name: "(Handler: All OSs) Start NGINX"
- name: "(Handler: All OSs) Run NGINX"
block:
- name: "(Handler: All OSs) Start NGINX"
service:
name: nginx
state: started
enabled: yes
when: nginx_start
- name: "(Handler: All OSs) Reload NGINX"
- name: "(Handler: All OSs) Reload NGINX"
service:
name: nginx
state: reloaded
when: nginx_start
- name: "(Handler: All OSs) Start NGINX Amplify Agent"
- name: "(Handler: All OSs) Start NGINX Amplify Agent"
service:
name: amplify-agent
state: started
when: nginx_start
- name: "(Handler: All OSs) Start NGINX Controller Agent"
- name: "(Handler: All OSs) Start NGINX Controller Agent"
service:
name: controller-agent
state: started
when: nginx_start
- name: "(Handler: Debian/Ubuntu/CentOS/RedHat) Start NGINX Unit"
- name: "(Handler: Debian/Ubuntu/CentOS/RedHat) Start NGINX Unit"
service:
name: unit
state: started
enabled: yes
when: nginx_start
- name: "(Handler: FreeBSD) Start NGINX Unit"
- name: "(Handler: FreeBSD) Start NGINX Unit"
service:
name: unitd
state: started
enabled: yes
when: nginx_start
when: nginx_start | bool

View File

@ -10,27 +10,32 @@ galaxy_info:
min_ansible_version: 2.4.0.0
platforms:
- name: Alpine
versions:
- all
- name: Amazon Linux
- candidate
- name: Debian
versions:
- jessie
- stretch
- name: Ubuntu
versions:
- trusty
- xenial
- artful
- bionic
- name: EL
versions:
- 6
- 7
- name: FreeBSD
versions:
- 11.2
- 12.0
- name: Ubuntu
versions:
- trusty
- xenial
- bionic
- name: SLES
versions:
- 12
- name: FreeBSD
versions:
- 10.4
- 11.2
- 15
galaxy_tags:
- nginx

5
tasks/keys/apk-key.yml Normal file
View File

@ -0,0 +1,5 @@
---
- name: "(Install: APK OSs) Download NGINX Signing Key"
get_url:
url: https://nginx.org/keys/nginx_signing.rsa.pub
dest: /etc/apk/keys/nginx_signing.rsa.pub

View File

@ -18,6 +18,9 @@
or nginx_controller_enable
or nginx_unit_enable
- import_tasks: keys/apk-key.yml
when: ansible_os_family == "Alpine"
- name: "(Install: Debian/Ubuntu/CentOS/RedHat/FreeBSD) Install NGINX"
block:
@ -28,7 +31,7 @@
when: nginx_type == "plus"
- import_tasks: conf/cleanup-config.yml
when: nginx_cleanup_config
when: nginx_cleanup_config | bool
- import_tasks: modules/install-modules.yml
when: true in nginx_modules.values()
@ -47,26 +50,26 @@
or nginx_rest_api_enable
- import_tasks: conf/setup-status.yml
when: nginx_status_enable
when: nginx_status_enable | bool
- import_tasks: conf/debug-output.yml
when: nginx_debug_output
when: nginx_debug_output | bool
when: nginx_enable
when: nginx_enable | bool
- import_tasks: amplify/install-amplify.yml
when:
- nginx_amplify_enable
- nginx_amplify_enable | bool
- nginx_amplify_api_key is defined
- nginx_amplify_api_key | length > 0
- import_tasks: controller/install-controller.yml
when:
- nginx_controller_enable
- nginx_controller_enable | bool
- nginx_controller_api_key is defined
- nginx_controller_api_key
- nginx_controller_api_key | length > 0
- nginx_controller_api_endpoint is defined
- nginx_controller_api_endpoint
- nginx_controller_api_endpoint | length > 0
- import_tasks: unit/install-unit.yml
when: nginx_unit_enable
when: nginx_unit_enable | bool

View File

@ -0,0 +1,6 @@
---
- name: "(Install: Alpine Linux) Add NGINX Plus Repository"
lineinfile:
path: /etc/apk/repositories
insertafter: EOF
line: "{{ nginx_repository.alpine }}"

View File

@ -1,5 +1,5 @@
---
- name: "(Install: SUSE) Add NGINX Repository"
zypper_repository:
name: nginx
name: "nginx-{{ nginx_branch }}"
repo: "{{ nginx_repository.suse }}"

View File

@ -13,6 +13,9 @@
- import_tasks: setup-freebsd.yml
when: ansible_os_family == "FreeBSD"
- import_tasks: setup-alpine.yml
when: ansible_os_family == "Alpine"
- name: "(Install: All OSs) Install NGINX Plus"
package:
name: nginx-plus
@ -20,4 +23,4 @@
notify: "(Handler: All OSs) Start NGINX"
- import_tasks: delete-license.yml
when: nginx_delete_license
when: nginx_delete_license | bool

View File

@ -0,0 +1,6 @@
---
- name: "(Install: Alpine Linux) Add NGINX Plus Repository"
lineinfile:
path: /etc/apk/repositories
insertafter: EOF
line: "https://plus-pkgs.nginx.com/alpine/v{{ ansible_distribution_version | regex_search('^[0-9]+\\.[0-9]+') }}/main"

View File

@ -1,10 +1,13 @@
---
- name: "(All OSs) Create SSL Directory"
- name: "(All OSs) Setup NGINX Plus License"
block:
- name: "(All OSs) Create SSL Directory"
file:
path: /etc/ssl/nginx
state: directory
- name: "(All OSs) Copy NGINX Plus Certificate and License Key"
- name: "(All OSs) Copy NGINX Plus Certificate and License Key"
copy:
src: "{{ item }}"
dest: /etc/ssl/nginx
@ -12,3 +15,27 @@
with_items:
- "{{ nginx_license.certificate }}"
- "{{ nginx_license.key }}"
when: ansible_distribution != "Alpine"
- name: "(Alpine Linux) Setup NGINX Plus License"
block:
- name: "(Alpine Linux) Create APK Directory"
file:
path: /etc/apk
state: directory
- name: "(Alpine Linux) Copy NGINX Plus Key"
copy:
src: "{{ nginx_license.key }}"
dest: /etc/apk/cert.key
decrypt: yes
- name: "(Alpine Linux) Copy NGINX Plus Certificate"
copy:
src: "{{ nginx_license.certificate }}"
dest: /etc/apk/cert.pem
decrypt: yes
when: ansible_distribution == "Alpine"

View File

@ -2,7 +2,7 @@
- name: "(Install: CentOS/RedHat/Oracle Linux) Add NGINX Plus Repository"
yum_repository:
name: nginx-plus
baseurl: https://plus-pkgs.nginx.com/{{ (ansible_distribution == "RedHat") | ternary('rhel/', 'centos/') }}/{{ (ansible_distribution_version|float < 7.4) | ternary(ansible_distribution_major_version|int, 7.4) }}/$basearch/
baseurl: https://plus-pkgs.nginx.com/centos/{{ (ansible_distribution_version | float >= 7.4 and ansible_distribution_version | float < 8.0) | ternary(ansible_distribution_major_version | int, 7.4) }}/$basearch/
description: NGINX Plus Repository
sslclientcert: /etc/ssl/nginx/nginx-repo.crt
sslclientkey: /etc/ssl/nginx/nginx-repo.key
@ -13,7 +13,7 @@
- name: "(Install: Amazon Linux) Add NGINX Plus Repository"
yum_repository:
name: nginx-plus
baseurl: https://plus-pkgs.nginx.com/amzn{{ (ansible_distribution_version == "2") | ternary('2', '') }}/$releasever/$basearch
baseurl: https://plus-pkgs.nginx.com/amzn{{ (ansible_distribution_major_version == "2") | ternary('2', '') }}/$releasever/$basearch
description: NGINX Plus Repository
sslclientcert: /etc/ssl/nginx/nginx-repo.crt
sslclientkey: /etc/ssl/nginx/nginx-repo.key

View File

@ -7,4 +7,4 @@
- name: "(Install: SUSE) Add NGINX Plus Repository"
zypper_repository:
name: nginx-plus
repo: https://plus-pkgs.nginx.com/sles/12?ssl_clientcert=/etc/ssl/nginx/nginx-repo-bundle.crt&ssl_verify=host
repo: "https://plus-pkgs.nginx.com/sles/{{ ansible_distribution_major_version }}?ssl_clientcert=/etc/ssl/nginx/nginx-repo-bundle.crt&ssl_verify=host"