Improve role handling (#128)
* Improve role handling * Add defaults to some tasks * Improve template conditionals
This commit is contained in:
parent
f3ec78e7ae
commit
feda384b94
58
README.md
58
README.md
@ -86,10 +86,10 @@ RedHat:
|
||||
- 6.5+
|
||||
- 7.4+
|
||||
- 8
|
||||
SUSE/SLES:
|
||||
versions:
|
||||
- 12
|
||||
- 15
|
||||
SUSE/SLES:
|
||||
versions:
|
||||
- 12
|
||||
- 15
|
||||
Ubuntu:
|
||||
versions:
|
||||
- trusty
|
||||
@ -115,7 +115,7 @@ Ubuntu:
|
||||
versions:
|
||||
- trusty
|
||||
- xenial
|
||||
- bionic
|
||||
- bionic
|
||||
RedHat:
|
||||
versions:
|
||||
- 6
|
||||
@ -211,23 +211,33 @@ nginx_install_from: nginx_repository
|
||||
|
||||
# Choose where to fetch the NGINX signing key from.
|
||||
# Default is the official NGINX signing key host.
|
||||
nginx_signing_key: http://nginx.org/keys/nginx_signing.key
|
||||
# nginx_signing_key: http://nginx.org/keys/nginx_signing.key
|
||||
|
||||
# Specify source repository for NGINX Open Source.
|
||||
# Only works if 'nginx_install_from' is set to 'nginx_repository'.
|
||||
# Only works if 'install_from' is set to 'nginx_repository'.
|
||||
# Defaults are the official NGINX repositories.
|
||||
nginx_repository:
|
||||
alpine: >-
|
||||
https://nginx.org/packages/{{ (nginx_branch == 'mainline')
|
||||
| ternary('mainline/', '') }}alpine/v{{ ansible_distribution_version | regex_search('^[0-9]+\\.[0-9]+') }}/main
|
||||
debian:
|
||||
- deb https://nginx.org/packages/{{ (nginx_branch == 'mainline') | ternary('mainline/', '') }}{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} nginx
|
||||
- deb-src https://nginx.org/packages/{{ (nginx_branch == 'mainline') | ternary('mainline/', '') }}{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} nginx
|
||||
redhat:
|
||||
- https://nginx.org/packages/{{ (nginx_branch == 'mainline') | ternary('mainline/', '') }}{{ (ansible_distribution == "RedHat") | ternary('rhel/', 'centos/') }}{{ ansible_distribution_major_version|int }}/$basearch/
|
||||
suse:
|
||||
- https://nginx.org/packages/{{ (nginx_branch == 'mainline') | ternary('mainline/', '') }}sles/12
|
||||
- >-
|
||||
deb https://nginx.org/packages/{{ (nginx_branch == 'mainline')
|
||||
| ternary('mainline/', '') }}{{ ansible_distribution | lower }}/ {{ ansible_distribution_release }} nginx
|
||||
- >-
|
||||
deb-src https://nginx.org/packages/{{ (nginx_branch == 'mainline')
|
||||
| ternary('mainline/', '') }}{{ ansible_distribution | lower }}/ {{ ansible_distribution_release }} nginx
|
||||
redhat: >-
|
||||
https://nginx.org/packages/{{ (nginx_branch == 'mainline')
|
||||
| ternary('mainline/', '') }}{{ (ansible_distribution == "RedHat")
|
||||
| ternary('rhel', 'centos') }}/{{ ansible_distribution_major_version }}/$basearch/
|
||||
suse: >-
|
||||
https://nginx.org/packages/{{ (nginx_branch == 'mainline')
|
||||
| ternary('mainline/', '') }}sles/{{ ansible_distribution_major_version }}
|
||||
|
||||
# Specify which branch of NGINX Open Source you want to install.
|
||||
# Options are 'mainline' or 'stable'.
|
||||
# Only works if 'nginx_install_from' is set to 'nginx_repository'.
|
||||
# Only works if 'install_from' is set to 'nginx_repository'.
|
||||
# Default is mainline.
|
||||
nginx_branch: mainline
|
||||
|
||||
@ -353,10 +363,12 @@ nginx_http_template:
|
||||
autoindex: false
|
||||
auth_basic: null
|
||||
auth_basic_user_file: null
|
||||
try_files: $uri $uri/index.html $uri.html =404
|
||||
#auth_request: /auth
|
||||
ssl:
|
||||
cert: /etc/ssl/certs/default.crt
|
||||
key: /etc/ssl/private/default.key
|
||||
dhparam: /etc/ssl/private/dh_param.pem
|
||||
protocols: TLSv1 TLSv1.1 TLSv1.2
|
||||
ciphers: HIGH:!aNULL:!MD5
|
||||
session_cache: none
|
||||
@ -370,7 +382,8 @@ nginx_http_template:
|
||||
autoindex: false
|
||||
auth_basic: null
|
||||
auth_basic_user_file: null
|
||||
#auth_req: /auth
|
||||
try_files: $uri $uri/index.html $uri.html =404
|
||||
#auth_request: /auth
|
||||
#returns:
|
||||
#return302:
|
||||
#code: 302
|
||||
@ -432,9 +445,6 @@ nginx_http_template:
|
||||
cert: /etc/ssl/certs/proxy_default.crt
|
||||
key: /etc/ssl/private/proxy_default.key
|
||||
trusted_cert: /etc/ssl/certs/proxy_ca.crt
|
||||
dhparam: /etc/ssl/private/dh_param.pem
|
||||
server_name: false
|
||||
name: server_name
|
||||
protocols: TLSv1 TLSv1.1 TLSv1.2
|
||||
ciphers: HIGH:!aNULL:!MD5
|
||||
verify: false
|
||||
@ -452,10 +462,10 @@ nginx_http_template:
|
||||
proxy_ignore_headers:
|
||||
- Vary
|
||||
- Cache-Control
|
||||
proxy_redirect: false
|
||||
websocket: false
|
||||
auth_basic: null
|
||||
auth_basic_user_file: null
|
||||
try_files: $uri $uri/index.html $uri.html =404
|
||||
#auth_req: /auth
|
||||
#returns:
|
||||
#return302:
|
||||
@ -494,7 +504,7 @@ nginx_status_port: 8080
|
||||
# Requires NGINX Plus.
|
||||
# Default is false.
|
||||
nginx_rest_api_enable: false
|
||||
nginx_rest_api_src: api.conf.j2
|
||||
nginx_rest_api_src: http/api.conf.j2
|
||||
nginx_rest_api_location: /etc/nginx/conf.d/api.conf
|
||||
nginx_rest_api_port: 8080
|
||||
nginx_rest_api_write: false
|
||||
@ -522,8 +532,6 @@ nginx_stream_template:
|
||||
cert: /etc/ssl/certs/proxy_default.crt
|
||||
key: /etc/ssl/private/proxy_default.key
|
||||
trusted_cert: /etc/ssl/certs/proxy_ca.crt
|
||||
server_name: false
|
||||
name: server_name
|
||||
protocols: TLSv1 TLSv1.1 TLSv1.2
|
||||
ciphers: HIGH:!aNULL:!MD5
|
||||
verify: false
|
||||
@ -713,6 +721,8 @@ License
|
||||
Author Information
|
||||
------------------
|
||||
|
||||
Alessandro Fael Garcia
|
||||
[Alessandro Fael Garcia](https://github.com/alessfg)
|
||||
|
||||
[NGINX Inc](https://www.nginx.com/)
|
||||
[Grzegorz Dzien](https://github.com/gdzien)
|
||||
|
||||
© [NGINX, Inc.](https://www.nginx.com/) 2018 - 2019
|
||||
|
@ -4,7 +4,7 @@
|
||||
nginx_enable: true
|
||||
|
||||
# Start NGINX service.
|
||||
# Default is true
|
||||
# Default is true.
|
||||
nginx_start: true
|
||||
|
||||
# Print NGINX configuration file to terminal after executing playbook.
|
||||
@ -316,7 +316,7 @@ nginx_status_port: 8080
|
||||
# Requires NGINX Plus.
|
||||
# Default is false.
|
||||
nginx_rest_api_enable: false
|
||||
nginx_rest_api_src: api.conf.j2
|
||||
nginx_rest_api_src: http/api.conf.j2
|
||||
nginx_rest_api_location: /etc/nginx/conf.d/api.conf
|
||||
nginx_rest_api_port: 8080
|
||||
nginx_rest_api_write: false
|
||||
|
@ -6,4 +6,4 @@
|
||||
|
||||
- name: "(Setup: All OSs) Print NGINX configuration"
|
||||
debug:
|
||||
var: nginx_configuration.stdout_lines
|
||||
var: nginx_configuration.stdout_lines
|
||||
|
@ -5,7 +5,7 @@
|
||||
create: yes
|
||||
block: |
|
||||
server {
|
||||
listen 127.0.0.1:{{ nginx_status_port }};
|
||||
listen 127.0.0.1:{{ nginx_status_port | default('8080') }};
|
||||
location /nginx_status {
|
||||
stub_status on;
|
||||
allow 127.0.0.1;
|
||||
@ -21,7 +21,7 @@
|
||||
create: yes
|
||||
block: |
|
||||
server {
|
||||
listen 127.0.0.1:{{ nginx_status_port }};
|
||||
listen 127.0.0.1:{{ nginx_status_port | default('8080') }};
|
||||
location /status {
|
||||
status;
|
||||
allow 127.0.0.1;
|
||||
|
@ -1,39 +1,45 @@
|
||||
---
|
||||
- name: "(Setup: All NGINX) Ensure HTML Directory Exists"
|
||||
file:
|
||||
path: "{{ item.value.html_file_location }}"
|
||||
path: "{{ item.value.html_file_location | default('/usr/share/nginx/html') }}"
|
||||
state: directory
|
||||
with_dict: "{{ nginx_html_demo_template }}"
|
||||
when: nginx_html_demo_template_enable
|
||||
|
||||
- name: "(Setup: All NGINX) Dynamically Generate HTML Files"
|
||||
template:
|
||||
src: "{{ item.value.template_file }}"
|
||||
dest: "{{ item.value.html_file_location }}/{{ item.value.html_file_name }}"
|
||||
src: "{{ item.value.template_file | default('www/index.html.j2') }}"
|
||||
dest: "{{ item.value.html_file_location | default('/usr/share/nginx/html') }}/{{ item.value.html_file_name | default('index.html') }}"
|
||||
backup: yes
|
||||
with_dict: "{{ nginx_html_demo_template }}"
|
||||
when: nginx_html_demo_template_enable
|
||||
|
||||
- name: "(Setup: All NGINX) Ensure NGINX Main Directory Exists"
|
||||
file:
|
||||
path: "{{ nginx_main_template.conf_file_location | default('/etc/nginx') }}"
|
||||
state: directory
|
||||
when: nginx_main_template_enable
|
||||
|
||||
- name: "(Setup: All NGINX) Dynamically Generate NGINX Main Configuration File"
|
||||
template:
|
||||
src: "{{ nginx_main_template.template_file }}"
|
||||
dest: "{{ nginx_main_template.conf_file_location }}/{{ nginx_main_template.conf_file_name }}"
|
||||
src: "{{ nginx_main_template.template_file | default('nginx.conf.j2') }}"
|
||||
dest: "{{ nginx_main_template.conf_file_location | default('/etc/nginx') }}/{{ nginx_main_template.conf_file_name | default('nginx.conf') }}"
|
||||
backup: yes
|
||||
when: nginx_main_template_enable
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
|
||||
- name: "(Setup: All NGINX) Ensure NGINX HTTP Directory Exists"
|
||||
file:
|
||||
path: "{{ item.value.conf_file_location }}"
|
||||
path: "{{ item.value.conf_file_location | default('/etc/nginx/conf.d/') }}"
|
||||
state: directory
|
||||
with_dict: "{{ nginx_http_template }}"
|
||||
when: nginx_http_template_enable
|
||||
|
||||
- name: "(Setup: All NGINX) Ensure NGINX Proxy Cache Directories Exists"
|
||||
- name: "(Setup: All NGINX) Ensure NGINX Proxy Cache Directories Exist"
|
||||
file:
|
||||
path: "{{ item.1.path }}"
|
||||
state: directory
|
||||
owner: "{{ nginx_main_template.user }}"
|
||||
owner: "{{ nginx_main_template.user | default('nginx') }}"
|
||||
with_subelements:
|
||||
- "{{ nginx_http_template }}"
|
||||
- reverse_proxy.proxy_cache_path
|
||||
@ -42,33 +48,33 @@
|
||||
|
||||
- name: "(Setup: All NGINX) Dynamically Generate NGINX HTTP Configuration Files"
|
||||
template:
|
||||
src: "{{ item.value.template_file }}"
|
||||
dest: "{{ item.value.conf_file_location }}/{{ item.value.conf_file_name }}"
|
||||
src: "{{ item.value.template_file | default('http/default.conf.j2') }}"
|
||||
dest: "{{ item.value.conf_file_location | default('/etc/nginx/conf.d/') }}/{{ item.value.conf_file_name | default('default.conf') }}"
|
||||
backup: yes
|
||||
with_dict: "{{ nginx_http_template }}"
|
||||
when: nginx_http_template_enable
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
|
||||
- name: "(Setup: All NGINX) Dynamically Generate NGINX API Configuration File"
|
||||
template:
|
||||
src: "{{ nginx_rest_api_src | default('http/api.conf.j2') }}"
|
||||
dest: "{{ nginx_rest_api_location | default('/etc/nginx/conf.d/api.conf') }}"
|
||||
backup: yes
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
when: nginx_rest_api_enable
|
||||
|
||||
- name: "(Setup: All NGINX) Ensure NGINX Stream Directory Exists"
|
||||
file:
|
||||
path: "{{ item.value.conf_file_location }}"
|
||||
path: "{{ item.value.conf_file_location | default('/etc/nginx/conf.d/stream/') }}"
|
||||
state: directory
|
||||
with_dict: "{{ nginx_stream_template }}"
|
||||
when: nginx_stream_template_enable
|
||||
|
||||
- name: "(Setup: All NGINX) Dynamically Generate NGINX Stream Configuration Files"
|
||||
template:
|
||||
src: "{{ item.value.template_file }}"
|
||||
dest: "{{ item.value.conf_file_location }}/{{ item.value.conf_file_name }}"
|
||||
src: "{{ item.value.template_file | default('stream/default.conf.j2') }}"
|
||||
dest: "{{ item.value.conf_file_location | default('/etc/nginx/conf.d/stream/') }}/{{ item.value.conf_file_name | default('default.conf') }}"
|
||||
backup: yes
|
||||
with_dict: "{{ nginx_stream_template }}"
|
||||
when: nginx_stream_template_enable
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
|
||||
- name: "(Setup: All NGINX) Dynamically Generate NGINX API Configuration File"
|
||||
template:
|
||||
src: "{{ nginx_rest_api_src }}"
|
||||
dest: "{{ nginx_rest_api_location }}"
|
||||
backup: yes
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
when: nginx_rest_api_enable
|
||||
|
@ -1,22 +1,28 @@
|
||||
---
|
||||
- name: "(Setup: All NGINX) Ensure NGINX Main Directory Exists"
|
||||
file:
|
||||
path: "{{ nginx_main_upload_dest | default('/etc/nginx/') }}"
|
||||
state: directory
|
||||
when: nginx_main_upload_enable
|
||||
|
||||
- name: "(Setup: All NGINX) Upload NGINX Main Configuration File"
|
||||
copy:
|
||||
src: "{{ nginx_main_upload_src }}"
|
||||
dest: "{{ nginx_main_upload_dest }}"
|
||||
src: "{{ nginx_main_upload_src | default('conf/nginx.conf') }}"
|
||||
dest: "{{ nginx_main_upload_dest | default('/etc/nginx/') }}"
|
||||
backup: yes
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
when: nginx_main_upload_enable
|
||||
|
||||
- name: "(Setup: All NGINX) Ensure NGINX HTTP Directory Exists"
|
||||
file:
|
||||
path: "{{ nginx_http_upload_dest }}"
|
||||
path: "{{ nginx_http_upload_dest | default('/etc/nginx/conf.d/') }}"
|
||||
state: directory
|
||||
when: nginx_http_upload_enable
|
||||
|
||||
- name: "(Setup: All NGINX) Upload NGINX HTTP Configuration Files"
|
||||
copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ nginx_http_upload_dest }}"
|
||||
dest: "{{ nginx_http_upload_dest | default('/etc/nginx/conf.d/') }}"
|
||||
backup: yes
|
||||
with_fileglob: "{{ nginx_http_upload_src }}"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
@ -24,14 +30,14 @@
|
||||
|
||||
- name: "(Setup: All NGINX) Ensure NGINX Stream Directory Exists"
|
||||
file:
|
||||
path: "{{ nginx_stream_upload_dest }}"
|
||||
path: "{{ nginx_stream_upload_dest | default('/etc/nginx/conf.d/') }}"
|
||||
state: directory
|
||||
when: nginx_stream_upload_enable
|
||||
|
||||
- name: "(Setup: All NGINX) Upload NGINX Stream Configuration Files"
|
||||
copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ nginx_stream_upload_dest }}"
|
||||
dest: "{{ nginx_stream_upload_dest | default('/etc/nginx/conf.d/') }}"
|
||||
backup: yes
|
||||
with_fileglob: "{{ nginx_stream_upload_src }}"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
@ -39,14 +45,14 @@
|
||||
|
||||
- name: "(Setup: All NGINX) Ensure NGINX HTML Directory Exists"
|
||||
file:
|
||||
path: "{{ nginx_html_upload_dest }}"
|
||||
path: "{{ nginx_html_upload_dest | default('/usr/share/nginx/html') }}"
|
||||
state: directory
|
||||
when: nginx_html_upload_enable
|
||||
|
||||
- name: "(Setup: All NGINX) Upload NGINX HTML Files"
|
||||
copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ nginx_html_upload_dest }}"
|
||||
dest: "{{ nginx_html_upload_dest | default('/usr/share/nginx/html') }}"
|
||||
backup: yes
|
||||
with_fileglob: "{{ nginx_html_upload_src }}"
|
||||
notify: "(Handler: All OSs) Reload NGINX"
|
||||
@ -54,20 +60,20 @@
|
||||
|
||||
- name: "(Setup: All NGINX) Ensure SSL Certificate Directory Exists"
|
||||
file:
|
||||
path: "{{ nginx_ssl_crt_upload_dest }}"
|
||||
path: "{{ nginx_ssl_crt_upload_dest | default('/etc/ssl/certs/') }}"
|
||||
state: directory
|
||||
when: nginx_ssl_upload_enable
|
||||
|
||||
- name: "(Setup: All NGINX) Ensure SSL Key Directory Exists"
|
||||
file:
|
||||
path: "{{ nginx_ssl_key_upload_dest }}"
|
||||
path: "{{ nginx_ssl_key_upload_dest | default('/etc/ssl/private/') }}"
|
||||
state: directory
|
||||
when: nginx_ssl_upload_enable
|
||||
|
||||
- name: "(Setup: All NGINX) Upload NGINX SSL Certificates"
|
||||
copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ nginx_ssl_crt_upload_dest }}"
|
||||
dest: "{{ nginx_ssl_crt_upload_dest | default('/etc/ssl/certs/') }}"
|
||||
mode: 0640
|
||||
decrypt: yes
|
||||
backup: yes
|
||||
@ -77,7 +83,7 @@
|
||||
- name: "(Setup: All NGINX) Upload NGINX SSL Keys"
|
||||
copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ nginx_ssl_key_upload_dest }}"
|
||||
dest: "{{ nginx_ssl_key_upload_dest | default('/etc/ssl/private/') }}"
|
||||
mode: 0640
|
||||
decrypt: yes
|
||||
backup: yes
|
||||
|
@ -2,4 +2,4 @@
|
||||
- name: "(Install: Debian/Ubuntu) Add NGINX Controller Agent Repository"
|
||||
apt_repository:
|
||||
filename: nginx-controller
|
||||
repo: deb http://packages.nginx.org/controller/{{ ansible_distribution|lower }}/ {{ ansible_distribution_release|lower }} controller
|
||||
repo: deb http://packages.nginx.org/controller/{{ ansible_distribution | lower }}/ {{ ansible_distribution_release | lower }} controller
|
||||
|
@ -1,7 +1,7 @@
|
||||
---
|
||||
- name: "(Install: Debian/Ubuntu) Add NGINX Plus Repository"
|
||||
apt_repository:
|
||||
repo: deb https://plus-pkgs.nginx.com/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} nginx-plus
|
||||
repo: deb https://plus-pkgs.nginx.com/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} nginx-plus
|
||||
filename: nginx-plus
|
||||
update_cache: no
|
||||
|
||||
|
@ -2,7 +2,9 @@
|
||||
- name: "(Install: CentOS/RedHat/Oracle Linux) Add NGINX Plus Repository"
|
||||
yum_repository:
|
||||
name: nginx-plus
|
||||
baseurl: https://plus-pkgs.nginx.com/centos/{{ (ansible_distribution_version | float >= 7.4 and ansible_distribution_version | float < 8.0) | ternary(ansible_distribution_major_version | int, 7.4) }}/$basearch/
|
||||
baseurl: >-
|
||||
https://plus-pkgs.nginx.com/centos/{{ (ansible_distribution_version | float >= 7.4 and ansible_distribution_version | float < 8.0)
|
||||
| ternary(ansible_distribution_major_version | int, 7.4) }}/$basearch/
|
||||
description: NGINX Plus Repository
|
||||
sslclientcert: /etc/ssl/nginx/nginx-repo.crt
|
||||
sslclientkey: /etc/ssl/nginx/nginx-repo.key
|
||||
@ -13,7 +15,9 @@
|
||||
- name: "(Install: Amazon Linux) Add NGINX Plus Repository"
|
||||
yum_repository:
|
||||
name: nginx-plus
|
||||
baseurl: https://plus-pkgs.nginx.com/amzn{{ (ansible_distribution_major_version == "2") | ternary('2', '') }}/$releasever/$basearch
|
||||
baseurl: >-
|
||||
https://plus-pkgs.nginx.com/amzn{{ (ansible_distribution_version == "2")
|
||||
| ternary('2', '') }}/$releasever/$basearch
|
||||
description: NGINX Plus Repository
|
||||
sslclientcert: /etc/ssl/nginx/nginx-repo.crt
|
||||
sslclientkey: /etc/ssl/nginx/nginx-repo.key
|
||||
|
@ -1,17 +0,0 @@
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
server {
|
||||
listen {{ nginx_rest_api_port }};
|
||||
location /api {
|
||||
{% if nginx_rest_api_write %}
|
||||
api write=on;
|
||||
{% else %}
|
||||
api;
|
||||
{% endif %}
|
||||
}
|
||||
{% if nginx_rest_api_dashboard %}
|
||||
location = /dashboard.html {
|
||||
root /usr/share/nginx/html;
|
||||
}
|
||||
{% endif %}
|
||||
}
|
@ -1,6 +1,6 @@
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
{% if item.value.upstreams is defined %}
|
||||
{% if item.value.upstreams is defined and item.value.upstreams %}
|
||||
{% for upstream in item.value.upstreams %}
|
||||
upstream {{ item.value.upstreams[upstream].name }} {
|
||||
{{ item.value.upstreams[upstream].lb_method }};
|
||||
@ -15,33 +15,32 @@ upstream {{ item.value.upstreams[upstream].name }} {
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
|
||||
{% if item.value.reverse_proxy is defined %}
|
||||
{% if item.value.reverse_proxy.proxy_cache_path is defined %}
|
||||
{% if item.value.reverse_proxy is defined and item.value.reverse_proxy %}
|
||||
{% if item.value.reverse_proxy.proxy_cache_path is defined and item.value.reverse_proxy.proxy_cache_path %}
|
||||
{% for proxy_cache_path in item.value.reverse_proxy.proxy_cache_path %}
|
||||
proxy_cache_path {{ proxy_cache_path.path }} keys_zone={{ proxy_cache_path.keys_zone.name }}:{{ proxy_cache_path.keys_zone.size }}
|
||||
levels={{ proxy_cache_path.levels }} max_size={{ proxy_cache_path.max_size }}
|
||||
inactive={{ proxy_cache_path.inactive }} use_temp_path={{ proxy_cache_path.use_temp_path | ternary("on", "off") }};
|
||||
{% endfor %}
|
||||
|
||||
{% if item.value.reverse_proxy.proxy_cache_background_update is defined %}
|
||||
{% if item.value.reverse_proxy.proxy_cache_background_update is defined and item.value.reverse_proxy.proxy_cache_background_update%}
|
||||
proxy_cache_background_update {{ item.value.reverse_proxy.proxy_cache_background_update | ternary("on", "off") }};
|
||||
{% endif %}
|
||||
{% if item.value.reverse_proxy.proxy_cache_lock is defined %}
|
||||
{% if item.value.reverse_proxy.proxy_cache_lock is defined and item.value.reverse_proxy.proxy_cache_lock %}
|
||||
proxy_cache_lock {{ item.value.reverse_proxy.proxy_cache_lock | ternary("on", "off") }};
|
||||
{% endif %}
|
||||
{% if item.value.reverse_proxy.proxy_cache_min_uses is defined %}
|
||||
{% if item.value.reverse_proxy.proxy_cache_min_uses is defined and item.value.reverse_proxy.proxy_cache_min_uses %}
|
||||
proxy_cache_min_uses {{ item.value.reverse_proxy.proxy_cache_min_uses }};
|
||||
{% endif %}
|
||||
{% if item.value.reverse_proxy.proxy_cache_revalidate is defined %}
|
||||
{% if item.value.reverse_proxy.proxy_cache_revalidate is defined and item.value.reverse_proxy.proxy_cache_revalidate %}
|
||||
proxy_cache_revalidate {{ item.value.reverse_proxy.proxy_cache_revalidate | ternary("on", "off") }};
|
||||
{% endif %}
|
||||
{% if item.value.reverse_proxy.proxy_cache_use_stale is defined %}
|
||||
{% if item.value.reverse_proxy.proxy_cache_use_stale is defined and item.value.reverse_proxy.proxy_cache_use_stale %}
|
||||
proxy_cache_use_stale {{ item.value.reverse_proxy.proxy_cache_use_stale | join(" ") }};
|
||||
{% endif %}
|
||||
{% if item.value.reverse_proxy.proxy_ignore_headers is defined %}
|
||||
{% if item.value.reverse_proxy.proxy_ignore_headers is defined and item.value.reverse_proxy.proxy_ignore_headers %}
|
||||
proxy_ignore_headers {{ item.value.reverse_proxy.proxy_ignore_headers | join(" ") }};
|
||||
{% endif %}
|
||||
{% if item.value.reverse_proxy.proxy_temp_path is defined %}
|
||||
{% if item.value.reverse_proxy.proxy_temp_path is defined and item.value.reverse_proxy.proxy_temp_path.path %}
|
||||
proxy_temp_path {{ item.value.reverse_proxy.proxy_temp_path.path }} {{ item.value.reverse_proxy.proxy_temp_path.level_1 | default("") }} {{ item.value.reverse_proxy.proxy_temp_path.level_2 | default("") }} {{ item.value.reverse_proxy.proxy_temp_path.level_3 | default("") }};
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
@ -51,29 +50,29 @@ auth_request {{ item.value.auth_request_http }};
|
||||
{% endif %}
|
||||
|
||||
server {
|
||||
{% if item.value.ssl is defined %}
|
||||
{% if item.value.ssl is defined and item.value.ssl %}
|
||||
listen {{ item.value.port }} ssl;
|
||||
ssl_certificate {{ item.value.ssl.cert }};
|
||||
ssl_certificate_key {{ item.value.ssl.key }};
|
||||
{% if item.value.ssl.dhparam is defined %}
|
||||
ssl_dhparam {{ item.value.ssl.dhparam }};
|
||||
{% endif %}
|
||||
{% if item.value.ssl.protocols is defined %}
|
||||
{% if item.value.ssl.protocols is defined and item.value.ssl.protocols %}
|
||||
ssl_protocols {{ item.value.ssl.protocols }};
|
||||
{% endif %}
|
||||
{% if item.value.ssl.ciphers is defined %}
|
||||
{% if item.value.ssl.ciphers is defined and item.value.ssl.ciphers %}
|
||||
ssl_ciphers {{ item.value.ssl.ciphers }};
|
||||
{% endif %}
|
||||
{% if item.value.ssl.session_cache is defined %}
|
||||
{% if item.value.ssl.session_cache is defined and item.value.ssl.session_cache %}
|
||||
ssl_session_cache {{ item.value.ssl.session_cache }};
|
||||
{% endif %}
|
||||
{% if item.value.ssl.session_timeout is defined %}
|
||||
{% if item.value.ssl.session_timeout is defined and item.value.ssl.session_timeout %}
|
||||
ssl_session_timeout {{ item.value.ssl.session_timeout }};
|
||||
{% endif %}
|
||||
{% else %}
|
||||
listen {{ item.value.port }};
|
||||
{% endif %}
|
||||
server_name {{ item.value.server_name }};
|
||||
server_name {{ item.value.server_name | default('localhost') }};
|
||||
{% if item.value.auth_basic is defined and item.value.auth_basic %}
|
||||
auth_basic "{{ item.value.auth_basic }}";
|
||||
{% endif %}
|
||||
@ -96,7 +95,7 @@ server {
|
||||
auth_request {{ item.value.auth_request }};
|
||||
{% endif %}
|
||||
|
||||
{% if item.value.reverse_proxy is defined %}
|
||||
{% if item.value.reverse_proxy is defined and item.value.reverse_proxy %}
|
||||
{% for location in item.value.reverse_proxy.locations %}
|
||||
location {{ item.value.reverse_proxy.locations[location].location }} {
|
||||
{% if item.value.reverse_proxy.locations[location].internal is sameas true %}
|
||||
@ -144,8 +143,8 @@ server {
|
||||
{% if item.value.reverse_proxy.locations[location].try_files is defined %}
|
||||
try_files {{ item.value.reverse_proxy.locations[location].try_files }};
|
||||
{% endif %}
|
||||
{% if item.value.reverse_proxy.locations[location].proxy_ssl is defined %}
|
||||
|
||||
{% if item.value.reverse_proxy.locations[location].proxy_ssl is defined and item.value.reverse_proxy.locations[location].proxy_ssl %}
|
||||
{% if item.value.reverse_proxy.locations[location].proxy_ssl.cert is defined %}
|
||||
proxy_ssl_certificate {{ item.value.reverse_proxy.locations[location].proxy_ssl.cert }};
|
||||
{% endif %}
|
||||
@ -265,4 +264,4 @@ server {
|
||||
root {{ item.value.error_page }};
|
||||
}
|
||||
{% endif %}
|
||||
}
|
||||
}
|
||||
|
@ -1,4 +1,5 @@
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
{% if item.value.upstreams is defined %}
|
||||
{% for upstream in item.value.upstreams %}
|
||||
upstream {{ item.value.upstreams[upstream].name }} {
|
||||
|
@ -95,7 +95,7 @@ clearTimeout(ref);
|
||||
<div id="footer">
|
||||
<div id="center" align="center">
|
||||
Request ID: request_id<br/>
|
||||
© NGINX, Inc. 2018
|
||||
© NGINX, Inc. 2018 - 2019
|
||||
</div>
|
||||
</div>
|
||||
</body>
|
||||
|
Loading…
Reference in New Issue
Block a user