Ansible franklinkim.nginx role
franklinkim.nginx
is an Ansible role which:
- installs nginx
- configures nginx
- creates sites
- enables/disables sites
- optionally removes default host
- adds rules
- configures service
Installation
Using ansible-galaxy
:
$ ansible-galaxy install franklinkim.nginx
Using requirements.yml
:
- src: franklinkim.nginx
Using git
:
$ git clone https://github.com/weareinteractive/ansible-nginx.git franklinkim.nginx
Dependencies
- Ansible >= 2.0
Related (see example)
Variables
Here is a list of all the default variables for this role, which are also available in defaults/main.yml
.
---
# nginx_sites:
# - id: foo (required)
# name: foo.com (required)
# ip: '*'
# port: 80
# state: present
# add_webroot: no
# template: path/to/template.j2
# aliases: []
# redirects: []
# ssl:
# port: 443
# key_name: mykey
# cert_name: mycert
# rules: []
# auth:
# name: foo
# file: foo
# append: ''
#
# apt repository
nginx_repo: ppa:nginx/stable
# package name (version)
nginx_package: nginx
# run as a less privileged user for security reasons.
nginx_user: www-data
# number or auto
nginx_worker_processes: 1
nginx_worker_connections: 1024
# default settings
nginx_sendfile: 'on'
nginx_tcp_nopush: 'on'
nginx_tcp_nodelay: 'on'
nginx_keepalive_timeout: 15
nginx_types_hash_max_size: 2048
nginx_server_names_hash_bucket_size: 128
nginx_server_tokens: 'off'
# remove default site
nginx_remove_default: no
# start on boot
nginx_service_enabled: yes
# current state: started, stopped
nginx_service_state: started
# enabled/disabled sites
nginx_sites: []
# add rules
nginx_add_rules: yes
Handlers
These are the handlers that are defined in handlers/main.yml
.
---
- name: restart nginx
service: name=nginx state=restarted
when: nginx_service_state != 'stopped'
- name: reload nginx
service: name=nginx state=reloaded
when: nginx_service_state != 'stopped'
Rules
If nginx_add_rules
is yes
, it will copy some configuration rules to /etc/nginx/rules
:
- cache_busting.conf
- cors_web_fonts.conf
- gzip.conf
- no_transform.conf
- ssl.conf
- cors_ajax.con
- expires.conf
- gzip_static.conf
- security.conf
Usage
This is an example playbook:
---
- hosts: all
roles:
- weareinteractive.apt
- franklinkim.openssl
- franklinkim.htpasswd
- franklinkim.nginx
vars:
nginx_worker_processes: 1
nginx_remove_default: yes
htpasswd:
- name: foobar
users:
- { name: foobar, password: foobar }
openssl_self_signed:
- { name: 'foobar.local', country: 'DE', state: 'Bavaria', city: 'Munich', organization: 'Foo Bar', email: 'foo@bar.com' }
nginx_sites:
- id: foobar
add_webroot: yes
name: foobar.local
ssl:
key_name: foobar.local
cert_name: foobar.local
rules:
- gzip
- security
auth:
name: Foo Bar
file: foobar
Testing
$ git clone https://github.com/weareinteractive/ansible-nginx.git
$ cd ansible-nginx
$ make test
Contributing
In lieu of a formal style guide, take care to maintain the existing coding style. Add unit tests and examples for any new or changed functionality.
- Fork it
- Create your feature branch (
git checkout -b my-new-feature
) - Commit your changes (
git commit -am 'Add some feature'
) - Push to the branch (
git push origin my-new-feature
) - Create new Pull Request
Note: To update the README.md
file please install and run ansible-role
:
$ gem install ansible-role
$ ansible-role docgen
License
Copyright (c) We Are Interactive under the MIT license.