├── README.md ├── defaults └── main.yml ├── files └── epel.repo ├── handlers └── main.yml ├── meta └── main.yml ├── tasks └── main.yml ├── templates ├── default.conf.j2 ├── default.j2 ├── nginx.conf.j2 └── site.j2 └── vars └── main.yml /README.md: -------------------------------------------------------------------------------- 1 | nginx 2 | ===== 3 | 4 | This role installs and configures the nginx web server. The user can specify 5 | any http configuration parameters they wish to apply their site. Any number of 6 | sites can be added with configurations of your choice. 7 | 8 | Requirements 9 | ------------ 10 | 11 | This role requires Ansible 1.4 or higher and platform requirements are listed 12 | in the metadata file. 13 | 14 | Role Variables 15 | -------------- 16 | 17 | The variables that can be passed to this role and a brief description about 18 | them are as follows. 19 | 20 | # The max clients allowed 21 | nginx_max_clients: 512 22 | 23 | # A hash of the http paramters. Note that any 24 | # valid nginx http paramters can be added here. 25 | # (see the nginx documentation for details.) 26 | nginx_http_params: 27 | sendfile: "on" 28 | tcp_nopush: "on" 29 | tcp_nodelay: "on" 30 | keepalive_timeout: "65" 31 | access_log: "/var/log/nginx/access.log" 32 | error_log: "/var/log/nginx/error.log" 33 | 34 | # A list of hashs that define the servers for nginx, 35 | # as with http parameters. Any valid server parameters 36 | # can be defined here. 37 | nginx_sites: 38 | - server: 39 | file_name: foo 40 | listen: 8080 41 | server_name: localhost 42 | root: "/tmp/site1" 43 | location1: {name: /, try_files: "$uri $uri/ /index.html"} 44 | location2: {name: /images/, try_files: "$uri $uri/ /index.html"} 45 | - server: 46 | file_name: bar 47 | listen: 9090 48 | server_name: ansible 49 | root: "/tmp/site2" 50 | location1: {name: /, try_files: "$uri $uri/ /index.html"} 51 | location2: {name: /images/, try_files: "$uri $uri/ /index.html"} 52 | 53 | Examples 54 | ======== 55 | 56 | 1) Install nginx with HTTP directives of choices, but with no sites 57 | configured: 58 | 59 | - hosts: all 60 | roles: 61 | - {role: nginx, 62 | nginx_http_params: { sendfile: "on", 63 | access_log: "/var/log/nginx/access.log"}, 64 | nginx_sites: none } 65 | 66 | 67 | 2) Install nginx with different HTTP directives than previous example, but no 68 | sites configured. 69 | 70 | - hosts: all 71 | roles: 72 | - {role: nginx, 73 | nginx_http_params: { tcp_nodelay: "on", 74 | error_log: "/var/log/nginx/error.log"}, 75 | nginx_sites: none } 76 | 77 | Note: Please make sure the HTTP directives passed are valid, as this role 78 | won't check for the validity of the directives. See the nginx documentation 79 | for details. 80 | 81 | 3) Install nginx and add a site to the configuration. 82 | 83 | - hosts: all 84 | 85 | roles: 86 | - role: nginx, 87 | nginx_http_params: 88 | sendfile: "on" 89 | access_log: "/var/log/nginx/access.log" 90 | nginx_sites: 91 | - server: 92 | file_name: bar 93 | listen: 8080 94 | location1: {name: "/", try_files: "$uri $uri/ /index.html"} 95 | location2: {name: /images/, try_files: "$uri $uri/ /index.html"} 96 | 97 | Note: Each site added is represented by list of hashes, and the configurations 98 | generated are populated in `/etc/nginx/sites-available/` and have corresponding 99 | symlinks from `/etc/nginx/sites-enabled/` 100 | 101 | The file name for the specific site configurtaion is specified in the hash 102 | with the key "file_name", any valid server directives can be added to hash. 103 | For location directive add the key "location" suffixed by a unique number, the 104 | value for the location is hash, please make sure they are valid location 105 | directives. 106 | 107 | 4) Install Nginx and add 2 sites (different method) 108 | 109 | --- 110 | - hosts: all 111 | roles: 112 | - role: nginx 113 | nginx_http_params: 114 | sendfile: "on" 115 | access_log: "/var/log/nginx/access.log" 116 | nginx_sites: 117 | - server: 118 | file_name: foo 119 | listen: 8080 120 | server_name: localhost 121 | root: "/tmp/site1" 122 | location1: {name: /, try_files: "$uri $uri/ /index.html"} 123 | location2: {name: /images/, try_files: "$uri $uri/ /index.html"} 124 | - server: 125 | file_name: bar 126 | listen: 9090 127 | server_name: ansible 128 | root: "/tmp/site2" 129 | location1: {name: /, try_files: "$uri $uri/ /index.html"} 130 | location2: {name: /images/, try_files: "$uri $uri/ /index.html"} 131 | 132 | Dependencies 133 | ------------ 134 | 135 | None 136 | 137 | License 138 | ------- 139 | 140 | BSD 141 | 142 | Author Information 143 | ------------------ 144 | 145 | Benno Joy 146 | 147 | 148 | -------------------------------------------------------------------------------- /defaults/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | nginx_max_clients: 512 4 | 5 | nginx_http_params: 6 | sendfile: "on" 7 | tcp_nopush: "on" 8 | tcp_nodelay: "on" 9 | keepalive_timeout: "65" 10 | 11 | nginx_log_dir: "/var/log/nginx" 12 | nginx_access_log_name: "access.log" 13 | nginx_error_log_name: "error.log" 14 | nginx_separate_logs_per_site: False 15 | 16 | nginx_sites: 17 | - server: 18 | file_name: foo 19 | listen: 8080 20 | server_name: localhost 21 | root: "/tmp/site1" 22 | location1: {name: /, try_files: "$uri $uri/ /index.html"} 23 | location2: {name: /images/, try_files: "$uri $uri/ /index.html"} 24 | - server: 25 | file_name: bar 26 | listen: 9090 27 | server_name: ansible 28 | root: "/tmp/site2" 29 | location1: {name: /, try_files: "$uri $uri/ /index.html"} 30 | location2: {name: /images/, try_files: "$uri $uri/ /index.html"} 31 | -------------------------------------------------------------------------------- /files/epel.repo: -------------------------------------------------------------------------------- 1 | [epel] 2 | name=Extra Packages for Enterprise Linux 6 - $basearch 3 | baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch 4 | #mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch 5 | failovermethod=priority 6 | enabled=1 7 | gpgcheck=0 8 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6 9 | 10 | [epel-debuginfo] 11 | name=Extra Packages for Enterprise Linux 6 - $basearch - Debug 12 | #baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch/debug 13 | mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-6&arch=$basearch 14 | failovermethod=priority 15 | enabled=0 16 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6 17 | gpgcheck=1 18 | 19 | [epel-source] 20 | name=Extra Packages for Enterprise Linux 6 - $basearch - Source 21 | #baseurl=http://download.fedoraproject.org/pub/epel/6/SRPMS 22 | mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-source-6&arch=$basearch 23 | failovermethod=priority 24 | enabled=0 25 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6 26 | gpgcheck=1 27 | -------------------------------------------------------------------------------- /handlers/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | - name: restart nginx 3 | service: name=nginx state=restarted 4 | 5 | - name: reload nginx 6 | service: name=nginx state=reloaded 7 | -------------------------------------------------------------------------------- /meta/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | galaxy_info: 3 | author: "Benno Joy" 4 | company: AnsibleWorks 5 | license: BSD 6 | min_ansible_version: 1.4 7 | platforms: 8 | - name: EL 9 | versions: 10 | - 5 11 | - 6 12 | - name: Fedora 13 | versions: 14 | - 16 15 | - 17 16 | - 18 17 | - name: Ubuntu 18 | versions: 19 | - precise 20 | - quantal 21 | - raring 22 | - saucy 23 | categories: 24 | - web 25 | dependencies: [] 26 | 27 | -------------------------------------------------------------------------------- /tasks/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | - name: Install the selinux python module 4 | yum: name=libselinux-python state=present 5 | when: ansible_os_family == "RedHat" 6 | 7 | - name: Copy the epel packages 8 | copy: src=epel.repo dest=/etc/yum.repos.d/epel_ansible.repo 9 | when: ansible_os_family == "RedHat" 10 | 11 | - name: Install the nginx packages 12 | yum: name={{ item }} state=present 13 | with_items: redhat_pkg 14 | when: ansible_os_family == "RedHat" 15 | 16 | - name: Install the nginx packages 17 | apt: name={{ item }} state=present update_cache=yes 18 | with_items: ubuntu_pkg 19 | environment: env 20 | when: ansible_os_family == "Debian" 21 | 22 | - name: Create the directories for site specific configurations 23 | file: path=/etc/nginx/{{ item }} state=directory owner=root group=root mode=0755 24 | with_items: 25 | - "sites-available" 26 | - "sites-enabled" 27 | 28 | - name: Copy the nginx configuration file 29 | template: src=nginx.conf.j2 dest=/etc/nginx/nginx.conf 30 | notify: 31 | - restart nginx 32 | 33 | - name: Copy the nginx default configuration file 34 | template: src=default.conf.j2 dest=/etc/nginx/conf.d/default.conf 35 | 36 | - name: Copy the nginx default site configuration file 37 | template: src=default.j2 dest=/etc/nginx/sites-available/default 38 | 39 | - name: Create the link for site enabled specific configurations 40 | file: path=/etc/nginx/sites-enabled/default state=link src=/etc/nginx/sites-available/default 41 | 42 | - name: Create the configurations for sites 43 | template: src=site.j2 dest=/etc/nginx/sites-available/{{ item['server']['file_name'] }} 44 | with_items: nginx_sites 45 | when: nginx_sites|lower != 'none' 46 | 47 | - name: Create the links to enable site configurations 48 | file: path=/etc/nginx/sites-enabled/{{ item['server']['file_name'] }} state=link src=/etc/nginx/sites-available/{{ item['server']['file_name'] }} 49 | with_items: nginx_sites 50 | when: nginx_sites|lower != 'none' 51 | notify: 52 | - reload nginx 53 | 54 | - name: start the nginx service 55 | service: name=nginx state=started enabled=yes 56 | 57 | -------------------------------------------------------------------------------- /templates/default.conf.j2: -------------------------------------------------------------------------------- 1 | #{{ ansible_managed }} 2 | -------------------------------------------------------------------------------- /templates/default.j2: -------------------------------------------------------------------------------- 1 | #{{ ansible_managed }} 2 | -------------------------------------------------------------------------------- /templates/nginx.conf.j2: -------------------------------------------------------------------------------- 1 | #{{ ansible_managed }} 2 | {% if ansible_os_family == 'RedHat' %} 3 | user nginx; 4 | {% endif %} 5 | {% if ansible_os_family == 'Debian' %} 6 | user www-data; 7 | {% endif %} 8 | 9 | worker_processes {{ ansible_processor_count }}; 10 | pid /var/run/nginx.pid; 11 | 12 | 13 | events { 14 | worker_connections {{ nginx_max_clients }}; 15 | } 16 | 17 | 18 | http { 19 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 20 | include /etc/nginx/mime.types; 21 | default_type application/octet-stream; 22 | 23 | access_log {{ nginx_log_dir}}/{{ nginx_access_log_name}}; 24 | error_log {{ nginx_log_dir}}/{{ nginx_error_log_name}}; 25 | 26 | {% for k,v in nginx_http_params.iteritems() %} 27 | {{ k }} {{ v }}; 28 | {% endfor %} 29 | 30 | gzip on; 31 | gzip_disable "msie6"; 32 | 33 | include /etc/nginx/conf.d/*.conf; 34 | include /etc/nginx/sites-enabled/*; 35 | } 36 | -------------------------------------------------------------------------------- /templates/site.j2: -------------------------------------------------------------------------------- 1 | server { 2 | 3 | {% if nginx_separate_logs_per_site == True %} 4 | access_log {{ nginx_log_dir}}/{{ item.server.server_name}}-{{ nginx_access_log_name}}; 5 | error_log {{ nginx_log_dir}}/{{ item.server.server_name}}-{{ nginx_error_log_name}}; 6 | {% endif %} 7 | 8 | {% for k,v in item.server.iteritems() %} 9 | {% if k.find('location') == -1 and k != 'file_name' %} 10 | {{ k }} {{ v }}; 11 | {% endif %} 12 | {% endfor %} 13 | 14 | {% for k,v in item.server.iteritems() if k.find('location') != -1 %} 15 | location {{ v.name }} { 16 | {% for x,y in v.iteritems() if x != 'name' %} 17 | {{ x }} {{ y }}; 18 | {% endfor %} 19 | } 20 | {% endfor %} 21 | } 22 | 23 | -------------------------------------------------------------------------------- /vars/main.yml: -------------------------------------------------------------------------------- 1 | --- 2 | 3 | env: 4 | RUNLEVEL: 1 5 | 6 | redhat_pkg: 7 | - nginx 8 | 9 | ubuntu_pkg: 10 | - python-selinux 11 | - nginx 12 | 13 | 14 | --------------------------------------------------------------------------------