--- # Install NGINX. # Default is true. nginx_enable: true # Start NGINX service. # Default is true. nginx_start: true # Print NGINX configuration file to terminal after executing playbook. nginx_debug_output: false # Specify which type of NGINX you want to install. # Options are 'opensource' or 'plus'. # Default is 'opensource'. nginx_type: opensource # Specify which version of NGINX you want to install. # Default is empty. # nginx_version: "=19-1~bionic" # For Plus and modules you'll need a wilcard like below (which installs plus-20 and modules) # nginx_version: "-20*" # Specify whether you want to maintain your version of NGINX, upgrade to the latest version, or remove NGINX. # Can be used with `nginx_version` to achieve fine tune control on which version of NGINX is installed/used on each playbook execution. # Using 'present' will install the latest version (or 'nginx_version') of NGINX on a fresh install. # Using 'latest' will upgrade NGINX to the latest version (that matches your 'nginx_version') of NGINX on every playbook execution. # Using 'absent' will remove NGINX from your system. # Default is present. nginx_state: present # Specify repository origin for NGINX Open Source. # Options are 'nginx_repository', 'source' or 'os_repository'. # Only works if 'nginx_type' is set to 'opensource'. # Default is nginx_repository. nginx_install_from: nginx_repository # Specify source install options for NGINX Open Source. # Options represent whether to install from source also # or to install from packages (default). These only apply # if 'nginx_install_from' is set to 'source' # For the tools, true means we will install from a package # and false means install from source. # 'nginx_install_source_build_tools' will install compiler # and build tools from packages. If false, you need to have # these present. nginx_install_source_build_tools: true nginx_install_source_pcre: false nginx_install_source_openssl: true nginx_install_source_zlib: false # Choose where to fetch the NGINX signing key from. # Default is the official NGINX signing key host. # nginx_signing_key: http://nginx.org/keys/nginx_signing.key # Specify source repository for NGINX Open Source. # Only works if 'install_from' is set to 'nginx_repository'. # Defaults are the official NGINX repositories. # nginx_repository: deb https://nginx.org/packages/mainline/debian/ stretch nginx # Specify which branch of NGINX Open Source you want to install. # Options are 'mainline' or 'stable'. # Only works if 'install_from' is set to 'nginx_repository' or 'source'. # Default is mainline. nginx_branch: mainline # Location of your NGINX Plus license in your local machine. # Default is the files folder within the NGINX Ansible role. nginx_license: certificate: license/nginx-repo.crt key: license/nginx-repo.key # Remove NGINX Plus license and repository after installation for security purposes. # Default is false. nginx_delete_license: false # Install NGINX JavaScript, Perl, ModSecurity WAF (NGINX Plus only), GeoIP, Image-Filter, RTMP Media Streaming (NGINX Plus only), and/or XSLT modules. # Default is false. nginx_modules: njs: false perl: false waf: false geoip: false image_filter: false rtmp: false xslt: false # Remove previously existing NGINX configuration files. # You can specify a list of paths you wish to remove. # Alternatively you can also choose whether to recurse through the paths specified. # Default is false. nginx_cleanup_config: false nginx_cleanup_config_path: - directory: - /etc/nginx/conf.d recurse: false # Set selinux enforcing for nginx (Centos/Redhat only) - you may need to open ports on your own nginx_selinux: false # Enable enforcing mode if true. Permissive if false (audit only, no enforcing) globally (only works with nginx_selinux: true) nginx_selinux_enforcing: true # List of TCP ports to add to http_port_t type (80 and 443 have this type already) # nginx_selinux_tcp_ports: # - 80 # - 443 # List of UDP ports to add to http_port_t type # nginx_selinux_udp_ports: # - 80 # - 443 # Temporary directory to hold selinux modules nginx_tempdir: /tmp