116 lines
3.6 KiB
YAML
116 lines
3.6 KiB
YAML
---
|
|
- block:
|
|
- name: Create the snippets directory
|
|
file: dest={{ nginx_snippets_dir }} state=directory
|
|
|
|
- name: Create the pki directory
|
|
file: dest={{ pki_dir }}/nginx state=directory
|
|
|
|
- name: Create the client body tmp directory, if needed
|
|
file: dest={{ nginx_client_body_temp_dir }}/nginx state=directory owner=www-data group=www-data mode=0700
|
|
when: nginx_client_body_temp_dir is defined
|
|
|
|
- name: Create a dhparams file 2048 bits long
|
|
shell: openssl dhparam -out {{ pki_dir }}/nginx/dhparams.pem 2048
|
|
args:
|
|
creates: '{{ pki_dir }}/nginx/dhparams.pem'
|
|
when: nginx_ssl_level == 'intermediate'
|
|
notify: Reload nginx
|
|
|
|
- name: Install the supported configuration snippets
|
|
template: src={{ item }}.j2 dest=/etc/nginx/snippets/{{ item }} owner=root group=root mode=0444
|
|
with_items: '{{ nginx_conf_snippets }}'
|
|
notify: Reload nginx
|
|
|
|
- name: Download any remote snippet templates
|
|
become: false
|
|
get_url:
|
|
url: '{{ item.url }}'
|
|
dest: '/var/tmp/{{ item.name }}'
|
|
loop: '{{ nginx_conf_remote_snippets }}'
|
|
delegate_to: 'localhost'
|
|
|
|
- name: Install any remote snippet configuration file
|
|
template:
|
|
src: '/var/tmp/{{ item.name }}'
|
|
dest: '/etc/nginx/snippets/{{ item.name }}'
|
|
owner: root
|
|
group: root
|
|
mode: 0444
|
|
loop: '{{ nginx_conf_remote_snippets }}'
|
|
notify: Reload nginx
|
|
|
|
- name: Download any remote global config templates
|
|
become: false
|
|
get_url:
|
|
url: '{{ item.url }}'
|
|
dest: '/var/tmp/{{ item.name }}'
|
|
loop: '{{ nginx_conf_remote_global_conf }}'
|
|
delegate_to: 'localhost'
|
|
|
|
- name: Install any remote global configuration file
|
|
template:
|
|
src: '/var/tmp/{{ item.name }}'
|
|
dest: '/etc/nginx/conf.d/{{ item.name }}.conf'
|
|
owner: root
|
|
group: root
|
|
mode: 0444
|
|
loop: '{{ nginx_conf_remote_global_conf }}'
|
|
notify: Reload nginx
|
|
|
|
|
|
- name: Create the modules- directories
|
|
file:
|
|
dest: '/etc/nginx/modules-{{ item }}'
|
|
state: directory
|
|
loop:
|
|
- available
|
|
- enabled
|
|
|
|
- name: Install the modules configurations
|
|
copy:
|
|
content: "load_module modules/{{ item.mod_name }};"
|
|
dest: /etc/nginx/modules-available/{{ item.pkg_name }}.conf
|
|
loop: '{{ nginx_org_modules }}'
|
|
when:
|
|
- item.enabled
|
|
- nginx_use_nginx_org_repo
|
|
|
|
- name: Enable the additional modules
|
|
file:
|
|
src: /etc/nginx/modules-available/{{ item.pkg_name }}.conf
|
|
dest: /etc/nginx/modules-enabled/{{ item.pkg_name }}.conf
|
|
state: link
|
|
when: item.enabled
|
|
loop: '{{ nginx_org_modules }}'
|
|
|
|
- name: Disable the additional modules that we do not want installed
|
|
file:
|
|
dest: /etc/nginx/modules-enabled/{{ item.pkg_name }}.conf
|
|
state: absent
|
|
when: not item.enabled
|
|
loop: '{{ nginx_org_modules }}'
|
|
|
|
- name: Remove the default configuration when using the nginx.com repository
|
|
file:
|
|
dest: /etc/nginx/conf.d/default.conf
|
|
state: absent
|
|
when: nginx_use_nginx_org_repo
|
|
|
|
- name: Install the main nginx.conf
|
|
template: src=nginx.conf.j2 dest=/etc/nginx/nginx.conf mode=444
|
|
notify: Reload nginx
|
|
|
|
when: nginx_enabled
|
|
tags: ['nginx', 'nginx_conf', 'nginx_virtualhost']
|
|
|
|
- block:
|
|
- name: remove nginx default virtualhost
|
|
file: dest=/etc/nginx/sites-enabled/default state=absent
|
|
notify: Reload nginx
|
|
|
|
when:
|
|
- nginx_enabled
|
|
- ansible_distribution_file_variety == "Debian"
|
|
tags: ['nginx', 'nginx_conf', 'nginx_virtualhost']
|