aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbnewbold <bnewbold@robocracy.org>2016-04-09 23:16:19 -0400
committerbnewbold <bnewbold@robocracy.org>2016-04-09 23:16:19 -0400
commita2463bf3e8feb50a8b4d9450ec0745fa9d6b4e5e (patch)
treee057e3b252d78fa0af35eaf63a6f0875bf88bd0b
parent68f2a39b1494c4959d37d54f1733d169183bab38 (diff)
downloadinfra-a2463bf3e8feb50a8b4d9450ec0745fa9d6b4e5e.tar.gz
infra-a2463bf3e8feb50a8b4d9450ec0745fa9d6b4e5e.zip
nginx: first pass of live, workable nginx role
-rw-r--r--roles/nginx/HOWTO_new_site.txt19
-rw-r--r--roles/nginx/defaults/main.yml6
-rw-r--r--roles/nginx/handlers/main.yml8
-rw-r--r--roles/nginx/tasks/main.yml25
-rw-r--r--roles/nginx/tasks/nginx.yml39
-rw-r--r--roles/nginx/templates/etc_nginx_sites-available_default.j228
6 files changed, 98 insertions, 27 deletions
diff --git a/roles/nginx/HOWTO_new_site.txt b/roles/nginx/HOWTO_new_site.txt
new file mode 100644
index 0000000..ef9ee37
--- /dev/null
+++ b/roles/nginx/HOWTO_new_site.txt
@@ -0,0 +1,19 @@
+
+For a static website:
+
+ server {
+ listen 80;
+ listen [::]:80;
+ server_name <example.com>;
+
+ root /srv/http/<example.com>/www;
+ index index.html;
+
+ location / {
+ try_files $uri $uri/ =404;
+ }
+ }
+
+For a reverse proxied website:
+
+ XXX: TODO
diff --git a/roles/nginx/defaults/main.yml b/roles/nginx/defaults/main.yml
new file mode 100644
index 0000000..728f381
--- /dev/null
+++ b/roles/nginx/defaults/main.yml
@@ -0,0 +1,6 @@
+
+ninx_default_404: nginx_default_404.html
+nginx_default_50x: nginx_default_50x.html
+nginx_default_favicon: nginx_default_favicon.png
+nginx_default_index: nginx_default_index.html
+nginx_default_robots: nginx_default_robots.txt
diff --git a/roles/nginx/handlers/main.yml b/roles/nginx/handlers/main.yml
index c63e4a3..7732673 100644
--- a/roles/nginx/handlers/main.yml
+++ b/roles/nginx/handlers/main.yml
@@ -1,7 +1,9 @@
---
-- name: test nginx
+- name: nginx test
command: nginx -t
- notify: reload nginx
-- name: restart nginx
+- name: nginx reload
+ command: nginx -s reload
+
+- name: nginx restart
service: name=nginx state=restarted enabled=yes
diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml
index 8b32f07..042b317 100644
--- a/roles/nginx/tasks/main.yml
+++ b/roles/nginx/tasks/main.yml
@@ -1,24 +1 @@
----
-- name: Install nginx
- apt: name=nginx state=present
-
-- name: Copy nginx configuration for wordpress
- template: src=default.conf dest=/etc/nginx/conf.d/default.conf
- notify: restart nginx
-
-mkdir -p /srv/http/default
-
-- name: Setup default nginx pages
- copy:
- src: "{{item.src}}"
- dest: "/srv/http/default/www/{{item.dest}}"
- owner: www-data
- group: www-data
- force: no
- tags:
- - nginx
- with_items:
- - {src: "static_files/nginx_default_404.html", dest: "404.html"}
- - {src: "static_files/nginx_default_50x.html", dest: "50x.html"}
- - {src: "static_files/nginx_default_favicon.png", dest: "favicon.png"}
- - {src: "static_files/nginx_default_index.html", dest: "index.html"}
+- include: nginx.yml tags=nginx
diff --git a/roles/nginx/tasks/nginx.yml b/roles/nginx/tasks/nginx.yml
new file mode 100644
index 0000000..fdc91c8
--- /dev/null
+++ b/roles/nginx/tasks/nginx.yml
@@ -0,0 +1,39 @@
+---
+
+- name: Ensure Apache HTTP is Not Installed
+ apt: name=apache2 state=absent
+
+- name: Install nginx
+ apt: name=nginx state=present
+
+- name: Create default nginx content directory
+ file: path=/srv/http/default/www
+ state=directory
+ owner=www-data
+ group=www-data
+ mode=0775
+ recurse=yes
+
+- name: Setup default nginx pages
+ copy:
+ src: "{{item.src}}"
+ dest: "/srv/http/default/www/{{item.dest}}"
+ owner: www-data
+ group: www-data
+ force: no
+ with_items:
+ - {src: "{{ nginx_default_404 }}", dest: "404.html"}
+ - {src: "{{ nginx_default_50x }}", dest: "50x.html"}
+ - {src: "{{ nginx_default_favicon }}", dest: "favicon.png"}
+ - {src: "{{ nginx_default_index }}", dest: "index.html"}
+
+- name: Copy generic (default) nginx site configuration
+ template: src=etc_nginx_sites-available_default.j2
+ dest=/etc/nginx/sites-available/default
+
+- name: Create nginx symlink for default
+ file: state=link
+ src=/etc/nginx/sites-available/default
+ dest=/etc/nginx/sites-enabled/default
+ notify: nginx restart # reload not sufficient?
+
diff --git a/roles/nginx/templates/etc_nginx_sites-available_default.j2 b/roles/nginx/templates/etc_nginx_sites-available_default.j2
new file mode 100644
index 0000000..1b0ec79
--- /dev/null
+++ b/roles/nginx/templates/etc_nginx_sites-available_default.j2
@@ -0,0 +1,28 @@
+# Default server configuration
+server {
+ listen 80 default_server;
+ listen [::]:80 default_server;
+ server_name _;
+
+ # SSL configuration
+ #
+ # listen 443 ssl default_server;
+ # listen [::]:443 ssl default_server;
+ #
+ # Self signed certs generated by the ssl-cert package
+ # Don't use them in a production server!
+ #
+ # include snippets/snakeoil.conf;
+
+ root /srv/http/default/www;
+
+ # Add index.php to the list if you are using PHP
+ index index.html index.htm index.nginx-debian.html;
+
+ location / {
+ # First attempt to serve request as file, then
+ # as directory, then fall back to displaying a 404.
+ try_files $uri $uri/ =404;
+ }
+
+}