From 235a0053a759ca9f0d7d35a0775cb60f4d7e5a49 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oskar=20Sch=C3=B6ldstr=C3=B6m?= Date: Sat, 3 Jun 2017 08:46:33 -0500 Subject: [PATCH 1/6] Document missing nginx_vhost parameters --- README.md | 1 + defaults/main.yml | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 2e4a2d6..7c18ed7 100644 --- a/README.md +++ b/README.md @@ -21,6 +21,7 @@ A list of vhost definitions (server blocks) for Nginx virtual hosts. Each entry nginx_vhosts: - listen: "80 default_server" server_name: "example.com" + server_name_redirect: "www.example.com" root: "/var/www/example.com" index: "index.php index.html index.htm" error_page: "" diff --git a/defaults/main.yml b/defaults/main.yml index 5161e82..9851f06 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -55,8 +55,9 @@ nginx_extra_http_options: "" nginx_remove_default_vhost: false nginx_vhosts: [] # Example vhost below, showing all available options: -# - listen: "80 default_server" # default: "80 default_server" +# - listen: "80" # default: "80" # server_name: "example.com" # default: N/A +# server_name_redirect: "www.example.com" # default: N/A # root: "/var/www/example.com" # default: N/A # index: "index.html index.htm" # default: "index.html index.htm" # From 98b736f4792a35d1b50a7c3111a48d29088c52cd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oskar=20Sch=C3=B6ldstr=C3=B6m?= Date: Sat, 3 Jun 2017 08:48:00 -0500 Subject: [PATCH 2/6] Add optional vhost_filename option to nginx_vhosts --- README.md | 1 + defaults/main.yml | 1 + tasks/vhosts.yml | 4 ++-- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 7c18ed7..fd29db5 100644 --- a/README.md +++ b/README.md @@ -29,6 +29,7 @@ A list of vhost definitions (server blocks) for Nginx virtual hosts. Each entry error_log: "" state: "present" template: "{{ nginx_vhost_template }}" + vhost_filename: "example.com.conf" extra_parameters: | location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; diff --git a/defaults/main.yml b/defaults/main.yml index 9851f06..a7a4db4 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -60,6 +60,7 @@ nginx_vhosts: [] # server_name_redirect: "www.example.com" # default: N/A # root: "/var/www/example.com" # default: N/A # index: "index.html index.htm" # default: "index.html index.htm" +# vhost_filename: "example.com.conf" # Can be used to set the filename of the vhost file. # # # Properties that are only added if defined: # error_page: "" diff --git a/tasks/vhosts.yml b/tasks/vhosts.yml index 03c32d9..e7bd642 100644 --- a/tasks/vhosts.yml +++ b/tasks/vhosts.yml @@ -15,7 +15,7 @@ - name: Add managed vhost config files. template: src: "{{ item.template|default(nginx_vhost_template) }}" - dest: "{{ nginx_vhost_path }}/{{ item.server_name.split(' ')[0] }}.conf" + dest: "{{ nginx_vhost_path }}/{{ item.vhost_filename|default(item.server_name.split(' ')[0] ~ '.conf') }}" force: yes owner: root group: root @@ -26,7 +26,7 @@ - name: Remove managed vhost config files. file: - path: "{{ nginx_vhost_path }}/{{ item.server_name.split(' ')[0] }}.conf" + path: "{{ nginx_vhost_path }}/{{ item.vhost_filename|default(item.server_name.split(' ')[0] ~ '.conf') }}" state: absent when: item.state|default('present') == 'absent' with_items: "{{ nginx_vhosts }}" From 4c5df1faea645551c0655c96209b683ee44ff20b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oskar=20Sch=C3=B6ldstr=C3=B6m?= Date: Sat, 3 Jun 2017 08:49:55 -0500 Subject: [PATCH 3/6] Change README vhost example for the common SSL option with a http redirect --- README.md | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index fd29db5..1103c8c 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ Available variables are listed below, along with default values (see `defaults/m A list of vhost definitions (server blocks) for Nginx virtual hosts. Each entry will create a separate config file named by `server_name`. If left empty, you will need to supply your own virtual host configuration. See the commented example in `defaults/main.yml` for available server options. If you have a large number of customizations required for your server definition(s), you're likely better off managing the vhost configuration file yourself, leaving this variable set to `[]`. nginx_vhosts: - - listen: "80 default_server" + - listen: "443 ssl http2" server_name: "example.com" server_name_redirect: "www.example.com" root: "/var/www/example.com" @@ -38,11 +38,24 @@ A list of vhost definitions (server blocks) for Nginx virtual hosts. Each entry fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } + ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem; + ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; + ssl_protocols TLSv1.1 TLSv1.2; + ssl_ciphers HIGH:!aNULL:!MD5; An example of a fully-populated nginx_vhosts entry, using a `|` to declare a block of syntax for the `extra_parameters`. Please take note of the indentation in the above block. The first line should be a normal 2-space indent. All other lines should be indented normally relative to that line. In the generated file, the entire block will be 4-space indented. This style will ensure the config file is indented correctly. + - listen: "80" + server_name: "example.com www.example.com" + return "301 https://example.com$request_uri;" + vhost_filename: "example.com.80.conf" + +An example of a secondary vhost which will redirect to the one shown above. + +*Note: The `vhost_filename` defaults to the first domain in `server_name`, if you have two vhosts with the same domain, eg. a redirect, you need to manually set the `vhost_filename` so the second one doesn't override the first one* + nginx_remove_default_vhost: false Whether to remove the 'default' virtualhost configuration supplied by Nginx. Useful if you want the base `/` URL to be directed at one of your own virtual hosts configured in a separate .conf file. From d227a1803c5b69059a3dc9974cb4569011802a20 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oskar=20Sch=C3=B6ldstr=C3=B6m?= Date: Sat, 3 Jun 2017 08:56:03 -0500 Subject: [PATCH 4/6] server_name_redirect is only added if defined --- defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defaults/main.yml b/defaults/main.yml index a7a4db4..fff97c9 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -57,12 +57,12 @@ nginx_vhosts: [] # Example vhost below, showing all available options: # - listen: "80" # default: "80" # server_name: "example.com" # default: N/A -# server_name_redirect: "www.example.com" # default: N/A # root: "/var/www/example.com" # default: N/A # index: "index.html index.htm" # default: "index.html index.htm" # vhost_filename: "example.com.conf" # Can be used to set the filename of the vhost file. # # # Properties that are only added if defined: +# server_name_redirect: "www.example.com" # default: N/A # error_page: "" # access_log: "" # error_log: "" From 7b47c3de1243d3868b9eea780d6ae4687753f56f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oskar=20Sch=C3=B6ldstr=C3=B6m?= Date: Sat, 3 Jun 2017 09:01:09 -0500 Subject: [PATCH 5/6] vhost_filename -> filename --- README.md | 6 +++--- defaults/main.yml | 2 +- tasks/vhosts.yml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 1103c8c..5a5f668 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,7 @@ A list of vhost definitions (server blocks) for Nginx virtual hosts. Each entry error_log: "" state: "present" template: "{{ nginx_vhost_template }}" - vhost_filename: "example.com.conf" + filename: "example.com.conf" extra_parameters: | location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; @@ -50,11 +50,11 @@ Please take note of the indentation in the above block. The first line should be - listen: "80" server_name: "example.com www.example.com" return "301 https://example.com$request_uri;" - vhost_filename: "example.com.80.conf" + filename: "example.com.80.conf" An example of a secondary vhost which will redirect to the one shown above. -*Note: The `vhost_filename` defaults to the first domain in `server_name`, if you have two vhosts with the same domain, eg. a redirect, you need to manually set the `vhost_filename` so the second one doesn't override the first one* +*Note: The `filename` defaults to the first domain in `server_name`, if you have two vhosts with the same domain, eg. a redirect, you need to manually set the `filename` so the second one doesn't override the first one* nginx_remove_default_vhost: false diff --git a/defaults/main.yml b/defaults/main.yml index fff97c9..b21140b 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -59,7 +59,7 @@ nginx_vhosts: [] # server_name: "example.com" # default: N/A # root: "/var/www/example.com" # default: N/A # index: "index.html index.htm" # default: "index.html index.htm" -# vhost_filename: "example.com.conf" # Can be used to set the filename of the vhost file. +# filename: "example.com.conf" # Can be used to set the filename of the vhost file. # # # Properties that are only added if defined: # server_name_redirect: "www.example.com" # default: N/A diff --git a/tasks/vhosts.yml b/tasks/vhosts.yml index e7bd642..05af037 100644 --- a/tasks/vhosts.yml +++ b/tasks/vhosts.yml @@ -15,7 +15,7 @@ - name: Add managed vhost config files. template: src: "{{ item.template|default(nginx_vhost_template) }}" - dest: "{{ nginx_vhost_path }}/{{ item.vhost_filename|default(item.server_name.split(' ')[0] ~ '.conf') }}" + dest: "{{ nginx_vhost_path }}/{{ item.filename|default(item.server_name.split(' ')[0] ~ '.conf') }}" force: yes owner: root group: root @@ -26,7 +26,7 @@ - name: Remove managed vhost config files. file: - path: "{{ nginx_vhost_path }}/{{ item.vhost_filename|default(item.server_name.split(' ')[0] ~ '.conf') }}" + path: "{{ nginx_vhost_path }}/{{ item.filename|default(item.server_name.split(' ')[0] ~ '.conf') }}" state: absent when: item.state|default('present') == 'absent' with_items: "{{ nginx_vhosts }}" From 3a06154e76c720f2971665a844e0eacddc7a9022 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oskar=20Sch=C3=B6ldstr=C3=B6m?= Date: Sat, 3 Jun 2017 09:06:23 -0500 Subject: [PATCH 6/6] fix ubuntu tests using ansible-role-elasticsearch as example --- tests/test.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tests/test.yml b/tests/test.yml index 32b4e09..9ae8960 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -10,11 +10,12 @@ pre_tasks: - name: Update apt cache. - apt: update_cache=yes cache_valid_time=86400 + apt: update_cache=yes cache_valid_time=600 when: ansible_os_family == 'Debian' + changed_when: false - name: Install dependencies. - package: name=curl + package: name=curl state=present roles: - role_under_test