From bf0fe49b4bba7d65bac7c40b39649e7a93f3327a Mon Sep 17 00:00:00 2001
From: Oleg Vasilev
Date: Thu, 3 Jun 2021 16:51:46 +0300
Subject: [PATCH] First public version
---
README.md | 6 ++--
defaults/main.yml | 4 +++
handlers/main.yml | 11 +++++++
tasks/main.yml | 64 +++++++++++++++++++++++++++++++++++++++++
templates/nginx.conf.j2 | 36 +++++++++++++++++++++++
5 files changed, 119 insertions(+), 2 deletions(-)
create mode 100644 defaults/main.yml
create mode 100644 handlers/main.yml
create mode 100644 tasks/main.yml
create mode 100644 templates/nginx.conf.j2
diff --git a/README.md b/README.md
index f8fa318..cc75d9e 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,5 @@
-# nginx
+# Nginx ansible role
+Simple template-based (no lengthy configuration vars) role.
 
-Ansible role for nginx
\ No newline at end of file
+### Variables
+See `defaults/main.yml`
\ No newline at end of file
diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..fe01217
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,4 @@
+---
+
+# List of configs to deploy from /nginx/vhosts
+nginx_vhosts: []
\ No newline at end of file
diff --git a/handlers/main.yml b/handlers/main.yml
new file mode 100644
index 0000000..69f26a7
--- /dev/null
+++ b/handlers/main.yml
@@ -0,0 +1,11 @@
+---
+
+- name: nginx | Check new config
+ shell: nginx -t
+ listen: nginx | Config changed
+
+- name: nginx | Reload
+ systemd:
+ name: nginx
+ state: reloaded
+ listen: nginx | Config changed
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..8fc3216
--- /dev/null
+++ b/tasks/main.yml
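Review bot: In handlers/main.yml, a failing `nginx -t` stops the reload but leaves the rejected file in /etc/nginx. On the next run the template tasks report no change, so neither handler is notified again and the broken config is likely to surface only when nginx is next restarted. Consider restoring the previous file on failure (a `block`/`rescue` around the deploy tasks would do it) or otherwise re-running the check unconditionally. The check itself needs no shell: `command: nginx -t` with `changed_when: false` avoids shell parsing and a spurious changed result.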
@@ -0,0 +1,64 @@
+---
+
+- name: nginx | Install packages
+ pacman:
+ name:
+ - nginx-mainline
+ - mailcap
+ state: present
+ update_cache: yes
+
+- name: nginx | Remove stupid apache-style dirs
+ file:
+ path: "{{ item }}"
+ state: absent
+ with_items:
+ - /etc/nginx/sites-available
+ - /etc/nginx/sites-enabled
+
+- name: nginx | Add vhosts directory
+ file:
+ path: /etc/nginx/vhosts
+ state: directory
+ mode: 0700
+ owner: root
+ group: root
+
+- name: nginx | Deploy main config
+ template:
+ src: nginx.conf.j2
+ dest: /etc/nginx/nginx.conf
+ mode: 0600
+ owner: root
+ group: root
+ notify: nginx | Config changed
+
+- name: nginx | Deploy vhosts configs
+ template:
+ src: nginx/vhosts/{{ item }}
+ dest: /etc/nginx/vhosts/{{ item }}
+ mode: 0600
+ owner: root
+ group: root
+ with_items: "{{ nginx_vhosts }}"
+ notify: nginx | Config changed
+
+- name: nginx | Get file list in config dir
+ find:
+ path: /etc/nginx/vhosts
+ hidden: yes
+ register: nginx_vhosts_find
+
+- name: nginx | Remove unmanaged shit
+ file:
+ path: "/etc/nginx/vhosts/{{ item.path | basename }}"
+ state: absent
+ with_items:
+ - "{{ nginx_vhosts_find.files }}"
+ when: (item.path | basename) not in nginx_vhosts
+
+- name: nginx | Enable and start nginx
+ systemd:
+ name: nginx
+ enabled: yes
+ state: started
diff --git a/templates/nginx.conf.j2 b/templates/nginx.conf.j2
new file mode 100644
index 0000000..9825f0b
--- /dev/null
+++ b/templates/nginx.conf.j2
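Review bot: The cleanup task in tasks/main.yml (the `file` task with `state: absent` over `nginx_vhosts_find.files`) has no `notify: nginx | Config changed`. A vhost dropped from `nginx_vhosts` is therefore deleted from disk but stays live in the running nginx until some other change triggers a reload; adding that `notify` line closes the gap. In the vhosts deploy task, `{{ item }}` goes into `dest` unchecked and the file is written as root, so an entry containing a path separator would land outside the directory the cleanup task manages; an `assert` that each entry equals `item | basename` would catch that early. The unquoted `mode: 0700` and `mode: 0600` values are safer as strings, e.g. `mode: "0600"`, so the result does not depend on how the YAML loader types them.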
@@ -0,0 +1,36 @@
+# {{ ansible_managed }}
+user http;
+worker_processes auto;
+
+error_log /var/log/nginx/error.log;
+#error_log logs/error.log notice;
+#error_log logs/error.log info;
+
+# Specified in systemd unit file
+#pid /run/nginx.pid;
+
+events {
+ worker_connections 512;
+}
+
+http {
+ include mime.types;
+ default_type application/octet-stream;
+
+ sendfile on;
+ tcp_nopush on;
+ keepalive_timeout 65;
+ gzip on;
+
+ log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+
+ access_log /var/log/nginx/access.log main;
+
+ types_hash_bucket_size 128;
+
+ client_max_body_size 512m;
+
+ include vhosts/*.conf;
+}
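Review bot: `client_max_body_size 512m;` is set at the `http` level of nginx.conf.j2, so every vhost that does not override it accepts half-gigabyte request bodies, which nginx buffers to temporary files. On hosts that never need uploads this is an avoidable disk-exhaustion exposure. A small default here (nginx's own is `1m`), with the larger limit set in the `server` or `location` blocks of the vhost templates that need it, keeps the exposure local. The template also leaves `server_tokens` at its default, so the nginx version is advertised in the Server header and on error pages; `server_tokens off;` inside `http {` removes it.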