forked from bitlair/ansible
80 lines
2.6 KiB
YAML
80 lines
2.6 KiB
YAML
---
|
|
|
|
- name: Install nginx base package
|
|
ansible.builtin.apt:
|
|
name: "{{ nginx_package }}"
|
|
state: present
|
|
when:
|
|
- nginx_sites is defined
|
|
|
|
- name: Create sites-available / sites-enabled directories
|
|
ansible.builtin.file:
|
|
state: directory
|
|
path: "{{ item.path }}"
|
|
owner: "{{ item.owner | default('root') }}"
|
|
group: "{{ item.group | default('root') }}"
|
|
mode: "{{ item.mode | default('0755') }}"
|
|
with_items:
|
|
- { path: "/etc/nginx/sites-available" }
|
|
- { path: "/etc/nginx/sites-enabled" }
|
|
notify: Reload nginx
|
|
when:
|
|
- nginx_sites is defined
|
|
|
|
- name: Template default nginx config files
|
|
ansible.builtin.template:
|
|
src: "{{ item.src }}"
|
|
dest: "{{ item.dest }}"
|
|
owner: "{{ item.owner | default('root') }}"
|
|
group: "{{ item.group | default('root') }}"
|
|
mode: "{{ item.mode | default('0644') }}"
|
|
force: "{{ item.force | default('yes') }}"
|
|
backup: true
|
|
loop_control:
|
|
label: "{{ item.dest }}"
|
|
with_items:
|
|
- { src: "etc-nginx.conf.j2", dest: "/etc/nginx/nginx.conf", notify: "Reload nginx" }
|
|
- { src: "tls_params.j2", dest: "/etc/nginx/tls_params", notify: "Reload nginx" }
|
|
- { src: "default.j2", dest: "/etc/nginx/sites-available/default", notify: "Reload nginx" }
|
|
# - { src: "dhparam.pem.j2", dest: "{{ nginx_dhparams_file }}", notify: "Reload nginx" }
|
|
# - { src: "check_nginx.j2", dest: "{{ nagios_plugin_location }}/check_nginx", mode: '755' }
|
|
# - { src: "nrpe-check_nginx.j2", dest: "/etc/nagios/nrpe.d/10-nginx.cfg", notify: "Restart nrpe" }
|
|
notify: "{{ item.notify | default(omit) }}"
|
|
when:
|
|
- nginx_sites is defined
|
|
|
|
- name: Template site-specific configs
|
|
ansible.builtin.template:
|
|
src: "site.conf.j2"
|
|
dest: "/etc/nginx/sites-available/{{ site.server_name }}.conf"
|
|
owner: "{{ site.owner | default('root') }}"
|
|
group: "{{ site.group | default('root') }}"
|
|
mode: "{{ site.mode | default('0644') }}"
|
|
force: "{{ site.force | default('yes') }}"
|
|
backup: true
|
|
loop: "{{ nginx_sites }}"
|
|
loop_control:
|
|
loop_var: site
|
|
label: "{{ site.server_name }}"
|
|
notify: Reload nginx
|
|
when:
|
|
- nginx_sites is defined
|
|
tags:
|
|
- nginxextra
|
|
- nginx_site
|
|
|
|
- name: Enable nginx sites
|
|
ansible.builtin.file:
|
|
src: "/etc/nginx/sites-available/{{ site.server_name }}.conf"
|
|
path: "/etc/nginx/sites-enabled/{{ site.server_name }}.conf"
|
|
state: "{% if site.disabled | default(false) %}absent{% else %}link{% endif %}"
|
|
mode: "0644"
|
|
loop: "{{ nginx_sites }}"
|
|
loop_control:
|
|
loop_var: site
|
|
label: "{{ site.server_name }}"
|
|
notify: Reload nginx
|
|
when:
|
|
- nginx_sites is defined
|
|
ignore_errors: "{{ ansible_check_mode }}"
|
|
|