119 lines
4.4 KiB
YAML
119 lines
4.4 KiB
YAML
---
|
|
# Enable NGINX options -- `nginx_install` and `nginx_configure`.
|
|
# Default is true.
|
|
nginx_enable: true
|
|
|
|
# Install NGINX and NGINX modules.
|
|
# Variables for these options can be found below.
|
|
# Default is true.
|
|
nginx_install: true
|
|
|
|
# Enable NGINX configuration options.
|
|
# Variables for these options can be found in `./template.yml` and `./upload.yml`.
|
|
# Default is true.
|
|
nginx_configure: true
|
|
|
|
# Start NGINX service.
|
|
# Default is true.
|
|
nginx_start: true
|
|
|
|
# Print NGINX configuration file to terminal after executing playbook.
|
|
nginx_debug_output: false
|
|
|
|
# Specify which type of NGINX you want to install.
|
|
# Options are 'opensource' or 'plus'.
|
|
# Default is 'opensource'.
|
|
nginx_type: opensource
|
|
|
|
# Specify which version of NGINX you want to install.
|
|
# Default is empty.
|
|
# nginx_version: "=19-1~bionic"
|
|
# For Plus and modules you'll need a wilcard like below (which installs plus-20 and modules)
|
|
# nginx_version: "-20*"
|
|
|
|
# Specify whether you want to maintain your version of NGINX, upgrade to the latest version, or remove NGINX.
|
|
# Can be used with `nginx_version` to fine tune control on which version of NGINX is installed/used on each playbook execution.
|
|
# Using 'present' will install the latest version (or 'nginx_version') of NGINX on a fresh install.
|
|
# Using 'latest' will upgrade NGINX to the latest version (that matches your 'nginx_version') of NGINX on every playbook execution.
|
|
# Using 'absent' will remove NGINX from your system.
|
|
# Default is present.
|
|
nginx_state: present
|
|
|
|
# Specify repository origin for NGINX Open Source.
|
|
# Options are 'nginx_repository', 'source' or 'os_repository'.
|
|
# Only works if 'nginx_type' is set to 'opensource'.
|
|
# Default is nginx_repository.
|
|
nginx_install_from: nginx_repository
|
|
|
|
# Specify source install options for NGINX Open Source.
|
|
# Options represent whether to install from source also or to install from packages (default).
|
|
# These only apply if 'nginx_install_from' is set to 'source'.
|
|
# For the tools, true means we will install from a package and false means install from source.
|
|
# 'nginx_install_source_build_tools' will install compiler and build tools from packages.
|
|
# If false, you need to have these present.
|
|
nginx_install_source_build_tools: true
|
|
nginx_install_source_pcre: false
|
|
nginx_install_source_openssl: true
|
|
nginx_install_source_zlib: false
|
|
|
|
# Choose where to fetch the NGINX signing key from.
|
|
# Default is the official NGINX signing key host.
|
|
# nginx_signing_key: http://nginx.org/keys/nginx_signing.key
|
|
|
|
# Specify source repository for NGINX Open Source.
|
|
# Only works if 'install_from' is set to 'nginx_repository'.
|
|
# Defaults are the official NGINX repositories.
|
|
# nginx_repository: deb https://nginx.org/packages/mainline/debian/ stretch nginx
|
|
|
|
# Specify which branch of NGINX Open Source you want to install.
|
|
# Options are 'mainline' or 'stable'.
|
|
# Only works if 'install_from' is set to 'nginx_repository' or 'source'.
|
|
# Default is mainline.
|
|
nginx_branch: mainline
|
|
|
|
# Location of your NGINX Plus license in your local machine.
|
|
# Default is the files folder within the NGINX Ansible role.
|
|
nginx_license:
|
|
certificate: license/nginx-repo.crt
|
|
key: license/nginx-repo.key
|
|
|
|
# Remove NGINX Plus license and repository after installation for security purposes.
|
|
# Default is false.
|
|
nginx_delete_license: false
|
|
|
|
# Install NGINX JavaScript, Perl, ModSecurity WAF (NGINX Plus only), GeoIP, Image-Filter, RTMP Media Streaming (NGINX Plus only), and/or XSLT modules.
|
|
# Default is false.
|
|
nginx_modules:
|
|
njs: false
|
|
perl: false
|
|
waf: false
|
|
geoip: false
|
|
image_filter: false
|
|
rtmp: false
|
|
xslt: false
|
|
|
|
# Remove previously existing NGINX configuration files.
|
|
# You can specify a list of paths you wish to remove.
|
|
# Alternatively you can also choose whether to recurse through the paths specified.
|
|
# Default is false.
|
|
nginx_cleanup_config: false
|
|
nginx_cleanup_config_path:
|
|
- directory:
|
|
- /etc/nginx/conf.d
|
|
recurse: false
|
|
|
|
# Set selinux enforcing for nginx (Centos/Redhat only) - you may need to open ports on your own
|
|
nginx_selinux: false
|
|
# Enable enforcing mode if true. Permissive if false (audit only, no enforcing) globally (only works with nginx_selinux: true)
|
|
nginx_selinux_enforcing: true
|
|
# List of TCP ports to add to http_port_t type (80 and 443 have this type already)
|
|
# nginx_selinux_tcp_ports:
|
|
# - 80
|
|
# - 443
|
|
# List of UDP ports to add to http_port_t type
|
|
# nginx_selinux_udp_ports:
|
|
# - 80
|
|
# - 443
|
|
# Temporary directory to hold selinux modules
|
|
nginx_tempdir: /tmp
|