diff --git a/.gitignore b/.gitignore
deleted file mode 100644
index 0dc78ba..0000000
--- a/.gitignore
+++ /dev/null
@@ -1,2 +0,0 @@
-wordpress-nginx/hosts
-.DS_Store
\ No newline at end of file
diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 0000000..13d7de0
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,39 @@
+---
+sudo: required
+language: python
+python: "2.7"
+
+env:
+ - SITE=test.yml
+
+before_install:
+ - sudo apt-get update -qq
+ - sudo apt-get install -y curl
+
+install:
+ # Install Ansible.
+ - pip install ansible
+
+ # Add ansible.cfg to pick up roles path.
+ - "{ echo '[defaults]'; echo 'roles_path = ../'; } >> ansible.cfg"
+
+script:
+ # Check the role/playbook's syntax.
+ - "ansible-playbook -i tests/inventory tests/$SITE --syntax-check"
+
+ # Run the role/playbook with ansible-playbook.
+ - "ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo"
+
+ # Run the role/playbook again, checking to make sure it's idempotent.
+ - >
+ ansible-playbook -i tests/inventory tests/$SITE --connection=local --sudo
+ | grep -q 'changed=0.*failed=0'
+ && (echo 'Idempotence test: pass' && exit 0)
+ || (echo 'Idempotence test: fail' && exit 1)
+
+ # TODO - get the test working. Probably need to add a virtual host.
+ # Request a page via Nginx, to make sure Nginx is running and responds.
+ # - "curl http://localhost/"
+
+notifications:
+ webhooks: https://galaxy.ansible.com/api/v1/notifications/
diff --git a/LICENSE.md b/LICENSE.md
deleted file mode 100644
index 1b1fe9d..0000000
--- a/LICENSE.md
+++ /dev/null
@@ -1,5 +0,0 @@
-Modified by David Beck (techiscool@gmail.com) 2015
-Copyright (C) 2015 Eugene Varnavsky (varnavruz@gmail.com)
-
-This work is licensed under the Creative Commons Attribution 3.0 Unported License.
-To view a copy of this license, visit http://creativecommons.org/licenses/by/3.0/deed.en_US.
diff --git a/README.md b/README.md
old mode 100644
new mode 100755
index f4b8ae7..854fa32
--- a/README.md
+++ b/README.md
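Review bot: The `install` step's `pip install ansible` is unpinned, so every build runs against whatever Ansible release is newest on PyPI; the idempotence result is therefore not reproducible from one run to the next, and a breaking or tampered upstream release lands in CI without anyone reviewing it. Pin the version the role is actually validated against and bump it deliberately, e.g. `- pip install 'ansible==<tested version>'`. The same drift affects the `--sudo` flag on both `ansible-playbook` runs, which, if I remember the timeline right, was superseded by `--become` in Ansible 1.9 and will at some point start printing deprecation text that the `grep -q 'changed=0.*failed=0'` check does not account for. The role's `meta/main.yml` in this same commit lowers `min_ansible_version` to 1.8, but nothing in this job exercises that floor.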
@@ -1,34 +1,122 @@ -## WordPress+Nginx+PHP-FPM+MariaDB Deployment +# Ansible Role: Nginx -- Requires Ansible 1.2 or newer -- Expects CentOS/RHEL 7.x host/s +[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-nginx.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-nginx) -RHEL7 version reflects changes in Red Hat Enterprise Linux and CentOS 7: -1. Network device naming scheme has changed -2. iptables is replaced with firewalld -3. MySQL is replaced with MariaDB +Installs Nginx on RedHat/CentOS or Debian/Ubuntu Linux, or FreeBSD servers. -These playbooks deploy a simple all-in-one configuration of the popular -WordPress blogging platform and CMS, frontend by the Nginx web server and the -PHP-FPM process manager. To use, copy the `hosts.example` file to `hosts` and -edit the `hosts` inventory file to include the names or URLs of the servers -you want to deploy. +This role installs and configures the latest version of Nginx from the Nginx yum repository (on RedHat-based systems) or via apt (on Debian-based systems) or pkgng (on FreeBSD systems). You will likely need to do extra setup work after this role has installed Nginx, like adding your own [virtualhost].conf file inside `/etc/nginx/conf.d/`, describing the location and options to use for your particular website. -Then run the playbook, like this: +## Requirements - ansible-playbook -i hosts site.yml +None. -The playbooks will configure MariaDB, WordPress, Nginx, and PHP-FPM. When the run -is complete, you can hit access server to begin the WordPress configuration. +## Role Variables -### Ideas for Improvement +Available variables are listed below, along with default values (see `defaults/main.yml`): -Here are some ideas for ways that these playbooks could be extended: + nginx_vhosts: [] -- Parameterize the WordPress deployment to handle multi-site configurations. -- Separate the components (PHP-FPM, MySQL, Nginx) onto separate hosts and -handle the configuration appropriately. 
-- Handle WordPress upgrades automatically. +A list of vhost definitions (server blocks) for Nginx virtual hosts. If left empty, you will need to supply your own virtual host configuration. See the commented example in `defaults/main.yml` for available server options. If you have a large number of customizations required for your server definition(s), you're likely better off managing the vhost configuration file yourself, leaving this variable set to `[]`. -We would love to see contributions and improvements, so please fork this -repository on GitHub and send us your changes via pull requests. \ No newline at end of file + nginx_vhosts: + - listen: "80 default_server" + server_name: "example.com" + root: "/var/www/example.com" + index: "index.php index.html index.htm" + error_page: "" + access_log: "" + error_log: "" + extra_parameters: | + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:/var/run/php5-fpm.sock; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + } + +An example of a fully-populated nginx_vhosts entry, using a `|` to declare a block of syntax for the `extra_parameters`. + + nginx_remove_default_vhost: false + +Whether to remove the 'default' virtualhost configuration supplied by Nginx. Useful if you want the base `/` URL to be directed at one of your own virtual hosts configured in a separate .conf file. + + nginx_upstreams: [] + +If you are configuring Nginx as a load balancer, you can define one or more upstream sets using this variable. In addition to defining at least one upstream, you would need to configure one of your server blocks to proxy requests through the defined upstream (e.g. `proxy_pass http://myapp1;`). See the commented example in `defaults/main.yml` for more information. + + nginx_user: "nginx" + +The user under which Nginx will run. Defaults to `nginx` for RedHat, and `www-data` for Debian. 
+ + nginx_worker_processes: "1" + nginx_worker_connections: "1024" + nginx_multi_accept: "off" + +`nginx_worker_processes` should be set to the number of cores present on your machine. Connections (find this number with `grep processor /proc/cpuinfo | wc -l`). `nginx_worker_connections` is the number of connections per process. Set this higher to handle more simultaneous connections (and remember that a connection will be used for as long as the keepalive timeout duration for every client!). You can set `nginx_multi_accept` to `on` if you want Nginx to accept all connections immediately. + + nginx_error_log: "/var/log/nginx/error.log warn" + nginx_access_log: "/var/log/nginx/access.log main buffer=16k" + +Configuration of the default error and access logs. Set to `off` to disable a log entirely. + + nginx_sendfile: "on" + nginx_tcp_nopush: "on" + nginx_tcp_nodelay: "on" + +TCP connection options. See [this blog post](https://t37.net/nginx-optimization-understanding-sendfile-tcp_nodelay-and-tcp_nopush.html) for more information on these directives. + + nginx_keepalive_timeout: "65" + nginx_keepalive_requests: "100" + +Nginx keepalive settings. Timeout should be set higher (10s+) if you have more polling-style traffic (AJAX-powered sites especially), or lower (<10s) if you have a site where most users visit a few pages and don't send any further requests. + + nginx_client_max_body_size: "64m" + +This value determines the largest file upload possible, as uploads are passed through Nginx before hitting a backend like `php-fpm`. If you get an error like `client intended to send too large body`, it means this value is set too low. + + nginx_server_names_hash_bucket_size: "64" + +If you have many server names, or have very long server names, you might get an Nginx error on startup requiring this value to be increased. + + nginx_proxy_cache_path: "" + +Set as the `proxy_cache_path` directive in the `nginx.conf` file. 
By default, this will not be configured (if left as an empty string), but if you wish to use Nginx as a reverse proxy, you can set this to a valid value (e.g. `"/var/cache/nginx keys_zone=cache:32m"`) to use Nginx's cache (further proxy configuration can be done in individual server configurations). + + nginx_extra_http_options: "" + +Extra lines to be inserted in the top-level `http` block in `nginx.conf`. The value should be defined literally (as you would insert it directly in the `nginx.conf`, adhering to the Nginx configuration syntax - such as `;` for line termination, etc.), for example: + + nginx_extra_http_options: | + proxy_buffering off; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Scheme $scheme; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + + nginx_default_release: "" + +(For Debian/Ubuntu only) Allows you to set a different repository for the installation of Nginx. As an example, if you are running Debian's wheezy release, and want to get a newer version of Nginx, you can install the `wheezy-backports` repository and set that value here, and Ansible will use that as the `-t` option while installing Nginx. + + nginx_ppa_use: false + nginx_ppa_version: stable + +(For Ubuntu only) Allows you to use the official Nginx PPA instead of the system's package. You can set the version to `stable` or `development`. + +## Dependencies + +None. + +## Example Playbook + + - hosts: server + roles: + - { role: geerlingguy.nginx } + +## License + +MIT / BSD + +## Author Information + +This role was created in 2014 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/). diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100755 index 0000000..8c9f67e --- /dev/null +++ b/defaults/main.yml 
@@ -0,0 +1,68 @@
+---
+# Used only for Debian/Ubuntu installation, as the -t option for apt.
+nginx_default_release: ""
+
+# Use the official Nginx PPA for Ubuntu, and the version to use if so.
+nginx_ppa_use: false
+nginx_ppa_version: stable
+
+# The name of the nginx apt/yum package to install.
+nginx_package_name: "nginx"
+
+nginx_worker_processes: "auto"
+nginx_worker_connections: "1024"
+nginx_multi_accept: "off"
+
+nginx_error_log: "/var/log/nginx/error.log warn"
+nginx_access_log: "/var/log/nginx/access.log main buffer=16k"
+
+nginx_sendfile: "on"
+nginx_tcp_nopush: "on"
+nginx_tcp_nodelay: "on"
+
+nginx_keepalive_timeout: "65"
+nginx_keepalive_requests: "100"
+
+nginx_client_max_body_size: "64m"
+
+nginx_server_names_hash_bucket_size: "64"
+
+nginx_proxy_cache_path: ""
+
+nginx_extra_conf_options: ""
+# Example extra main options, used within the main nginx's context:
+# nginx_extra_conf_options: |
+# env VARIABLE;
+# include /etc/nginx/main.d/*.conf;
+
+nginx_extra_http_options: ""
+# Example extra http options, printed inside the main server http config:
+# nginx_extra_http_options: |
+# proxy_buffering off;
+# proxy_set_header X-Real-IP $remote_addr;
+# proxy_set_header X-Scheme $scheme;
+# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+# proxy_set_header Host $http_host;
+
+nginx_remove_default_vhost: false
+nginx_vhosts: []
+# Example vhost below, showing all available options:
+# - listen: "80 default_server" # default: "80 default_server"
+# server_name: "example.com" # default: N/A
+# root: "/var/www/example.com" # default: N/A
+# index: "index.html index.htm" # default: "index.html index.htm"
+#
+# # Properties that are only added if defined:
+# error_page: ""
+# access_log: ""
+# error_log: ""
+# extra_parameters: "" # Can be used to add extra config blocks (multiline).
+
+nginx_upstreams: []
+# - name: myapp1
+# strategy: "ip_hash" # "least_conn", etc.
+# servers: {
+# "srv1.example.com",
+# "srv2.example.com weight=3",
+# "srv3.example.com"
+# }
diff --git a/group_vars/all.yml b/group_vars/all.yml
deleted file mode 100644
index ca92fc0..0000000
--- a/group_vars/all.yml
+++ /dev/null
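Review bot: The commented `nginx_upstreams` example at the end of the file writes `servers:` as a flow mapping of bare keys (`{ "srv1.example.com", ... }`), which YAML parses as a dict with null values rather than a list; anyone who uncomments it gets a deduplicated mapping whose order is not preserved on the Python 2.7 this role's CI targets, and whether the template copes with that depends on `templates/nginx.conf.j2`, which is not in this diff. Make the example an explicit sequence so it round-trips the way the reader expects: `#     servers: ["srv1.example.com", "srv2.example.com weight=3", "srv3.example.com"]`. Separately, `nginx_worker_processes` defaults to `"auto"` here while the README added in the same commit documents the default as `"1"`; the documented value should be corrected to match what the role actually applies.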
@@ -1,335 +0,0 @@ ---- -# Variables listed here are applicable to all host groups -server_hostname: web01.redyhost.com -mysql_root_password: Ff!2KDSUOs10[tXR*Ms %b \"%{Referer}i\" \"%{User-Agent}i\"" combinedlog - CustomLog "/var/log/httpd/{{ server_hostname }}_access.log" combinedlog - - ProxySet timeout=600 - - - servername: "www.2{{ server_hostname }}" - serveralias: "2{{ server_hostname }}" - documentroot: "/var/www/html/2{{ server_hostname }}" - extra_parameters: | - RewriteCond %{HTTP_HOST} !^www\. [NC] - RewriteRule ^(.*)$ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L] - ErrorLog "/var/log/httpd/2{{ server_hostname }}_error.log" - ServerSignature Off - ProxyTimeout 600 - ProxyPassMatch ^/(.*\.php(/.*)?)$ "fcgi://127.0.0.1:9000/var/www/html/2{{ server_hostname }}/$1" - LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combinedlog - CustomLog "/var/log/httpd/2{{ server_hostname }}_access.log" combinedlog - - ProxySet timeout=600 - - -# Disable All Updates -# By default automatic updates are enabled, set this value to true to disable all automatic updates -auto_up_disable: false - -#Define Core Update Level -# true = Development, minor, and major updates are all enabled -# false = Development, minor, and major updates are all disabled -# minor = Minor updates are enabled, development, and major updates are disabled -core_update_level: true - -# Defines PHP values -php_enablerepo: "remi-php70" - -# PHP-FPM configuration. 
-php_enable_php_fpm: true -php_fpm_pool_user: vmuser -php_fpm_pool_group: www-php - -php_apc_shm_size: "128M" -php_post_max_size: "256M" -php_upload_max_filesize: "1024M" -php_max_input_vars: "4000" - -# Interaction with which web server -php_webserver_daemon: "httpd" - -php_error_reporting: "E_ALL & ~E_DEPRECATED & ~E_STRICT & ~E_NOTICE & ~E_WARNING" - -php_packages: - - php - - php-cli - - php-common - - php-devel - - php-fpm - - php-gd - - php-imap - - php-ldap - - php-mbstring - - php-mcrypt - - php-memcached - - php-mysql - - php-opcache - - php-pdo - - php-pear - - php-pecl-apcu - - php-xml - - php-twig - - php-xmlrpc - - php-pecl-uploadprogress - -# Drush -drush_keep_updated: yes -drush_force_update: yes - -# Nginx vhosts configuration -nginx_vhosts: - - listen: "{{ nginx_port }}" - server_name: "{{ server_hostname }} www.{{ server_hostname }}" - root: "/var/www/html/{{ server_hostname }}" - open_file_cache: "max=2000 inactive=120s" - open_file_cache_valid: "240s" - open_file_cache_min_uses: "5" - open_file_cache_errors: "off" - client_max_body_size: "5m" - client_body_timeout: "60" - index: "index.php index.html index.htm" - error_page: "403 =404" - access_log: "/var/log/nginx/{{ server_hostname }}_access.log" - error_log: "/var/log/nginx/{{ server_hostname }}_error.log" - extra_parameters: | - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - location ~ ^/sites/default/files/ { - try_files $uri @rewrite; - } - location ~ \.(gif|jpg|jpeg|png|ico|bmp|js|css|pdf|doc|webp|woff|ico|js|css|svg)(\?[a-zA-Z0-9\.\-_,])?$ { - expires max; - log_not_found off; - add_header Cache-Control "public"; - add_header X-Cache $upstream_cache_status; - } - location = /favicon.ico { - log_not_found off; - access_log off; - } - location = /robots.txt { - allow all; - log_not_found off; - access_log off; - } - location / { - proxy_pass http://127.0.0.1:{{ apache_listen_port }}; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - 
proxy_set_header X-Forwarded-For $remote_addr; - add_header X-Cache $upstream_cache_status; - add_header X-Loaded "/"; - add_header X-Your-IP $remote_addr; - } - location ~ \.php$ { - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $remote_addr; - proxy_set_header Host $host; - proxy_pass http://127.0.0.1:{{ apache_listen_port }}; - add_header X-Cache $upstream_cache_status; - add_header X-Loaded "php"; - add_header X-Your-IP $remote_addr; - } - location = /backup { - deny all; - } - location ~* \.(txt|log)$ { - allow 127.0.0.1; - deny all; - } - location ~ \..*/.*\.php$ { - return 403; - } - - location ~ /\. { - access_log off; - log_not_found off; - deny all; - } - location ~ ~$ { - access_log off; - log_not_found off; - deny all; - } - location ~ /\.ht { - deny all; - } - location @rewrite { - # Some modules enforce no slash (/) at the end of the URL - # Else this rewrite block wouldn't be needed (GlobalRedirect) - rewrite ^/(.*)$ /index.php?q=$1 last; - } - - listen: "{{ nginx_port }}" - server_name: "2{{ server_hostname }} www.2{{ server_hostname }}" - root: "/var/www/html/2{{ server_hostname }}" - open_file_cache: "max=2000 inactive=120s" - open_file_cache_valid: "240s" - open_file_cache_min_uses: "5" - open_file_cache_errors: "off" - client_max_body_size: "5m" - client_body_timeout: "60" - index: "index.php index.html index.htm" - error_page: "403 =404" - access_log: "/var/log/nginx/2{{ server_hostname }}_access.log" - error_log: "/var/log/nginx/2{{ server_hostname }}_error.log" - extra_parameters: | - location ~ ^/sites/.*/files/styles/ { - try_files $uri @rewrite; - } - location ~ ^/sites/default/files/ { - try_files $uri @rewrite; - } - location ~ \.(gif|jpg|jpeg|png|ico|bmp|js|css|pdf|doc|webp|woff|ico|js|css|svg)(\?[a-zA-Z0-9\.\-_,])?$ { - expires max; - log_not_found off; - add_header Cache-Control "public"; - add_header X-Cache $upstream_cache_status; - } - location = /favicon.ico { - log_not_found off; - access_log off; - 
}
- location = /robots.txt {
- allow all;
- log_not_found off;
- access_log off;
- }
- location / {
- proxy_pass http://127.0.0.1:{{ apache_listen_port }};
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $remote_addr;
- add_header X-Cache $upstream_cache_status;
- add_header X-Loaded "/";
- add_header X-Your-IP $remote_addr;
- }
- location ~ \.php$ {
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $remote_addr;
- proxy_set_header Host $host;
- proxy_pass http://127.0.0.1:{{ apache_listen_port }};
- add_header X-Cache $upstream_cache_status;
- add_header X-Loaded "php";
- add_header X-Your-IP $remote_addr;
- }
- location = /backup {
- deny all;
- }
- location ~* \.(txt|log)$ {
- allow 127.0.0.1;
- deny all;
- }
- location ~ \..*/.*\.php$ {
- return 403;
- }
-
- location ~ /\. {
- access_log off;
- log_not_found off;
- deny all;
- }
- location ~ ~$ {
- access_log off;
- log_not_found off;
- deny all;
- }
- location ~ /\.ht {
- deny all;
- }
- location @rewrite {
- # Some modules enforce no slash (/) at the end of the URL
- # Else this rewrite block wouldn't be needed (GlobalRedirect)
- rewrite ^/(.*)$ /index.php?q=$1 last;
- }
diff --git a/handlers/main.yml b/handlers/main.yml
new file mode 100755
index 0000000..3f6d024
--- /dev/null
+++ b/handlers/main.yml
@@ -0,0 +1,10 @@
+---
+- name: restart nginx
+ service: name=nginx state=restarted
+
+- name: validate nginx configuration
+ command: nginx -t -c /etc/nginx/nginx.conf
+ changed_when: False
+
+- name: reload nginx
+ service: name=nginx state=reloaded
diff --git a/hosts b/hosts
deleted file mode 100644
index c77885e..0000000
--- a/hosts
+++ /dev/null
@@ -1,2 +0,0 @@
-[lemp-server]
-122.129.219.67:221
diff --git a/roles/ansible-role-apache/meta/main.yml b/meta/main.yml
old mode 100644
new mode 100755
similarity index 54%
rename from roles/ansible-role-apache/meta/main.yml
rename to meta/main.yml
index 12200db..fab65e4
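Review bot: In the new `handlers/main.yml`, `validate nginx configuration` is listed after `restart nginx`, and Ansible runs notified handlers in the order they are defined in this file rather than the order they were notified, so a task that notifies both will restart the service first and only then run `nginx -t`; a broken config is already live before the check can fail the play. Move the validate handler above `restart nginx` and `reload nginx`, or better, validate at write time with the template module's `validate: 'nginx -t -c %s'` for `nginx.conf` (a vhost fragment cannot be checked in isolation that way, since `-c` treats the file as the main config). The tasks that notify these handlers are not in this diff, so I cannot confirm which of them are chained together. As a style point, the `service: name=nginx state=restarted` key=value form would be clearer as block YAML (`service:` / `name: nginx` / `state: restarted`), matching the `command:` handler's layout.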
--- a/roles/ansible-role-apache/meta/main.yml +++ b/meta/main.yml @@ -3,29 +3,28 @@ dependencies: [] galaxy_info: author: geerlingguy - description: Apache 2.x for RedHat/CentOS/Debian/Ubuntu/Solaris/Suse. + description: Nginx installation for Linux and FreeBSD. company: "Midwestern Mac, LLC" license: "license (BSD, MIT)" - min_ansible_version: 1.9 + min_ansible_version: 1.8 platforms: - name: EL versions: - - all + - 6 + - 7 - name: Debian versions: - all - name: Ubuntu - versions: - - precise - - raring - - saucy - - trusty - - xenial - - name: Suse versions: - all - - name: Solaris + - name: FreeBSD versions: - - 11.3 + - 10.3 + - 10.2 + - 10.1 + - 10.0 + - 9.3 galaxy_tags: + - development - web diff --git a/roles/ansible-role-apache/.travis.yml b/roles/ansible-role-apache/.travis.yml deleted file mode 100644 index 163e4c3..0000000 --- a/roles/ansible-role-apache/.travis.yml +++ /dev/null 
@@ -1,54 +0,0 @@ ---- -sudo: required - -env: - - distribution: centos - version: 6 - init: /sbin/init - run_opts: "" - - distribution: centos - version: 7 - init: /usr/lib/systemd/systemd - run_opts: "--privileged --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro" - - distribution: ubuntu - version: 14.04 - init: /sbin/init - run_opts: "" - - distribution: ubuntu - version: 12.04 - init: /sbin/init - run_opts: "" - -services: - - docker - -before_install: - # - sudo apt-get update - # Pull container - - 'sudo docker pull ${distribution}:${version}' - # Customize container - - 'sudo docker build --rm=true --file=tests/Dockerfile.${distribution}-${version} --tag=${distribution}-${version}:ansible tests' - -script: - - container_id=$(mktemp) - # Run container in detached state - - 'sudo docker run --detach --volume="${PWD}":/etc/ansible/roles/role_under_test:ro ${run_opts} ${distribution}-${version}:ansible "${init}" > "${container_id}"' - - # Ansible syntax check. - - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml --syntax-check' - - # Test role. - - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml' - - # Test role idempotence. - - > - sudo docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml - | grep -q 'changed=0.*failed=0' - && (echo 'Idempotence test: pass' && exit 0) - || (echo 'Idempotence test: fail' && exit 1) - - # Clean up - - 'sudo docker stop "$(cat ${container_id})"' - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/roles/ansible-role-apache/README.md b/roles/ansible-role-apache/README.md deleted file mode 100644 index 100614d..0000000 --- a/roles/ansible-role-apache/README.md +++ /dev/null 
@@ -1,124 +0,0 @@ -# Ansible Role: Apache 2.x - -[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-apache.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-apache) - -An Ansible Role that installs Apache 2.x on RHEL/CentOS, Debian/Ubuntu, SLES and Solaris. - -## Requirements - -If you are using SSL/TLS, you will need to provide your own certificate and key files. You can generate a self-signed certificate with a command like `openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout example.key -out example.crt`. - -If you are using Apache with PHP, I recommend using the `geerlingguy.php` role to install PHP, and you can either use mod_php (by adding the proper package, e.g. `libapache2-mod-php5` for Ubuntu, to `php_packages`), or by also using `geerlingguy.apache-php-fpm` to connect Apache to PHP via FPM. See that role's README for more info. - -## Role Variables - -Available variables are listed below, along with default values (see `defaults/main.yml`): - - apache_enablerepo: "" - -The repository to use when installing Apache (only used on RHEL/CentOS systems). If you'd like later versions of Apache than are available in the OS's core repositories, use a repository like EPEL (which can be installed with the `geerlingguy.repo-epel` role). - - apache_listen_ip: "*" - apache_listen_port: 80 - apache_listen_port_ssl: 443 - -The IP address and ports on which apache should be listening. Useful if you have another service (like a reverse proxy) listening on port 80 or 443 and need to change the defaults. - - apache_create_vhosts: true - apache_vhosts_filename: "vhosts.conf" - -If set to true, a vhosts file, managed by this role's variables (see below), will be created and placed in the Apache configuration folder. If set to false, you can place your own vhosts file into Apache's configuration folder and skip the convenient (but more basic) one added by this role. 
- - apache_remove_default_vhost: false - -On Debian/Ubuntu, a default virtualhost is included in Apache's configuration. Set this to `true` to remove that default virtualhost configuration file. - - apache_global_vhost_settings: | - DirectoryIndex index.php index.html - # Add other global settings on subsequent lines. - -You can add or override global Apache configuration settings in the role-provided vhosts file (assuming `apache_create_vhosts` is true) using this variable. By default it only sets the DirectoryIndex configuration. - - apache_vhosts: - # Additional optional properties: 'serveradmin, serveralias, extra_parameters'. - - servername: "local.dev" - documentroot: "/var/www/html" - -Add a set of properties per virtualhost, including `servername` (required), `documentroot` (required), `serveradmin` (optional), `serveralias` (optional) and `extra_parameters` (optional: you can add whatever additional configuration lines you'd like in here). - -Here's an example using `extra_parameters` to add a RewriteRule to redirect all requests to the `www.` site: - - - servername: "www.local.dev" - serveralias: "local.dev" - documentroot: "/var/www/html" - extra_parameters: | - RewriteCond %{HTTP_HOST} !^www\. [NC] - RewriteRule ^(.*)$ http://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L] - -The `|` denotes a multiline scalar block in YAML, so newlines are preserved in the resulting configuration file output. - - apache_vhosts_ssl: [] - -No SSL vhosts are configured by default, but you can add them using the same pattern as `apache_vhosts`, with a few additional directives, like the following example: - - apache_vhosts_ssl: - - { - servername: "local.dev", - documentroot: "/var/www/html", - certificate_file: "/home/vagrant/example.crt", - certificate_key_file: "/home/vagrant/example.key", - certificate_chain_file: "/path/to/certificate_chain.crt" - } - -Other SSL directives can be managed with other SSL-related role variables. 
- - apache_ssl_protocol: "All -SSLv2 -SSLv3" - apache_ssl_cipher_suite: "AES256+EECDH:AES256+EDH" - -The SSL protocols and cipher suites that are used/allowed when clients make secure connections to your server. These are secure/sane defaults, but for maximum security, performand, and/or compatibility, you may need to adjust these settings. - - apache_mods_enabled: - - rewrite.load - - ssl.load - apache_mods_disabled: [] - -(Debian/Ubuntu ONLY) Which Apache mods to enable or disable (these will be symlinked into the appropriate location). See the `mods-available` directory inside the apache configuration directory (`/etc/apache2/mods-available` by default) for all the available mods. - - apache_packages: - - [platform-specific] - -The list of packages to be installed. This defaults to a set of platform-specific packages for RedHat or Debian-based systems (see `vars/RedHat.yml` and `vars/Debian.yml` for the default values). - - apache_state: started - -Set initial Apache daemon state to be enforced when this role is run. This should generally remain `started`, but you can set it to `stopped` if you need to fix the Apache config during a playbook run or otherwise would not like Apache started at the time this role is run. - - apache_ignore_missing_ssl_certificate: true - -If you would like to only create SSL vhosts when the vhost certificate is present (e.g. when using Let’s Encrypt), set `apache_ignore_missing_ssl_certificate` to `false`. When doing this, you might need to run your playbook more than once so all the vhosts are configured (if another part of the playbook generates the SSL certificates). - -## Dependencies - -None. 
- -## Example Playbook - - - hosts: webservers - vars_files: - - vars/main.yml - roles: - - { role: geerlingguy.apache } - -*Inside `vars/main.yml`*: - - apache_listen_port: 8080 - apache_vhosts: - - {servername: "example.com", documentroot: "/var/www/vhosts/example_com"} - -## License - -MIT / BSD - -## Author Information - -This role was created in 2014 by [Jeff Geerling](http://jeffgeerling.com/), author of [Ansible for DevOps](http://ansiblefordevops.com/). diff --git a/roles/ansible-role-apache/defaults/main.yml b/roles/ansible-role-apache/defaults/main.yml deleted file mode 100644 index 4acdfce..0000000 --- a/roles/ansible-role-apache/defaults/main.yml +++ /dev/null @@ -1,44 +0,0 @@ ---- -apache_enablerepo: "" - -apache_listen_ip: "*" -apache_listen_port: 80 -apache_listen_port_ssl: 443 - -apache_create_vhosts: true -apache_vhosts_filename: "vhosts.conf" - -# On Debian/Ubuntu, a default virtualhost is included in Apache's configuration. -# Set this to `true` to remove that default. -apache_remove_default_vhost: false - -apache_global_vhost_settings: | - DirectoryIndex index.php index.html - -apache_vhosts: - # Additional properties: 'serveradmin, serveralias, extra_parameters'. - - servername: "local.dev" - documentroot: "/var/www/html" - -apache_vhosts_ssl: [] - # Additional properties: 'serveradmin, extra_parameters'. - # - servername: "local.dev", - # documentroot: "/var/www/html", - # certificate_file: "/path/to/certificate.crt", - # certificate_key_file: "/path/to/certificate.key", - # # Optional. - # certificate_chain_file: "/path/to/certificate_chain.crt" - -apache_ignore_missing_ssl_certificate: true - -apache_ssl_protocol: "All -SSLv2 -SSLv3" -apache_ssl_cipher_suite: "AES256+EECDH:AES256+EDH" - -# Only used on Debian/Ubuntu. -apache_mods_enabled: - - rewrite.load - - ssl.load -apache_mods_disabled: [] - -# Set initial apache state. Recommended values: `started` or `stopped` -apache_state: started 
diff --git a/roles/ansible-role-apache/handlers/main.yml b/roles/ansible-role-apache/handlers/main.yml deleted file mode 100644 index 25d14ec..0000000 --- a/roles/ansible-role-apache/handlers/main.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -- name: restart apache - service: - name: "{{ apache_service }}" - state: restarted diff --git a/roles/ansible-role-apache/tasks/configure-Debian.yml b/roles/ansible-role-apache/tasks/configure-Debian.yml deleted file mode 100644 index 94b9b23..0000000 --- a/roles/ansible-role-apache/tasks/configure-Debian.yml +++ /dev/null 
@@ -1,54 +0,0 @@ ---- -- name: Configure Apache. - lineinfile: - dest: "{{ apache_server_root }}/ports.conf" - regexp: "{{ item.regexp }}" - line: "{{ item.line }}" - state: present - with_items: "{{ apache_ports_configuration_items }}" - notify: restart apache - -- name: Enable Apache mods. - file: - src: "{{ apache_server_root }}/mods-available/{{ item }}" - dest: "{{ apache_server_root }}/mods-enabled/{{ item }}" - state: link - with_items: "{{ apache_mods_enabled }}" - notify: restart apache - -- name: Disable Apache mods. - file: - path: "{{ apache_server_root }}/mods-enabled/{{ item }}" - state: absent - with_items: "{{ apache_mods_disabled }}" - notify: restart apache - -- name: Check whether certificates defined in vhosts exist. - stat: "path={{ item.certificate_file }}" - register: apache_ssl_certificates - with_items: "{{ apache_vhosts_ssl }}" - -- name: Add apache vhosts configuration. - template: - src: "vhosts.conf.j2" - dest: "{{ apache_conf_path }}/sites-available/{{ apache_vhosts_filename }}" - owner: root - group: root - mode: 0644 - notify: restart apache - when: apache_create_vhosts - -- name: Add vhost symlink in sites-enabled. - file: - src: "{{ apache_conf_path }}/sites-available/{{ apache_vhosts_filename }}" - dest: "{{ apache_conf_path }}/sites-enabled/{{ apache_vhosts_filename }}" - state: link - notify: restart apache - when: apache_create_vhosts - -- name: Remove default vhost in sites-enabled. - file: - path: "{{ apache_conf_path }}/sites-enabled/{{ apache_default_vhost_filename }}" - state: absent - notify: restart apache - when: apache_remove_default_vhost diff --git a/roles/ansible-role-apache/tasks/configure-RedHat.yml b/roles/ansible-role-apache/tasks/configure-RedHat.yml deleted file mode 100644 index 0c3a01f..0000000 --- a/roles/ansible-role-apache/tasks/configure-RedHat.yml +++ /dev/null 
@@ -1,24 +0,0 @@
----
-- name: Configure Apache.
- lineinfile:
- dest: "{{ apache_server_root }}/conf/{{ apache_daemon }}.conf"
- regexp: "{{ item.regexp }}"
- line: "{{ item.line }}"
- state: present
- with_items: "{{ apache_ports_configuration_items }}"
- notify: restart apache
-
-- name: Check whether certificates defined in vhosts exist.
- stat: path={{ item.certificate_file }}
- register: apache_ssl_certificates
- with_items: "{{ apache_vhosts_ssl }}"
-
-- name: Add apache vhosts configuration.
- template:
- src: "vhosts.conf.j2"
- dest: "{{ apache_conf_path }}/{{ apache_vhosts_filename }}"
- owner: root
- group: root
- mode: 0644
- notify: restart apache
- when: apache_create_vhosts
diff --git a/roles/ansible-role-apache/tasks/configure-Solaris.yml b/roles/ansible-role-apache/tasks/configure-Solaris.yml
deleted file mode 100644
index a95654b..0000000
--- a/roles/ansible-role-apache/tasks/configure-Solaris.yml
+++ /dev/null
@@ -1,19 +0,0 @@
----
-- name: Configure Apache.
- lineinfile:
- dest: "{{ apache_server_root }}/{{ apache_daemon }}.conf"
- regexp: "{{ item.regexp }}"
- line: "{{ item.line }}"
- state: present
- with_items: "{{ apache_ports_configuration_items }}"
- notify: restart apache
-
-- name: Add apache vhosts configuration.
- template:
- src: "vhosts.conf.j2"
- dest: "{{ apache_conf_path }}/{{ apache_vhosts_filename }}"
- owner: root
- group: root
- mode: 0644
- notify: restart apache
- when: apache_create_vhosts
diff --git a/roles/ansible-role-apache/tasks/configure-Suse.yml b/roles/ansible-role-apache/tasks/configure-Suse.yml
deleted file mode 100644
index 16d89f8..0000000
--- a/roles/ansible-role-apache/tasks/configure-Suse.yml
+++ /dev/null
@@ -1,24 +0,0 @@
----
-- name: Configure Apache.
- lineinfile:
- dest: "{{ apache_server_root }}/listen.conf"
- regexp: "{{ item.regexp }}"
- line: "{{ item.line }}"
- state: present
- with_items: "{{ apache_ports_configuration_items }}"
- notify: restart apache
-
-- name: Check whether certificates defined in vhosts exist.
- stat: path={{ item.certificate_file }}
- register: apache_ssl_certificates
- with_items: "{{ apache_vhosts_ssl }}"
-
-- name: Add apache vhosts configuration.
- template:
- src: "vhosts.conf.j2"
- dest: "{{ apache_conf_path }}/{{ apache_vhosts_filename }}"
- owner: root
- group: root
- mode: 0644
- notify: restart apache
- when: apache_create_vhosts
diff --git a/roles/ansible-role-apache/tasks/main.yml b/roles/ansible-role-apache/tasks/main.yml
deleted file mode 100644
index 0715fc2..0000000
--- a/roles/ansible-role-apache/tasks/main.yml
+++ /dev/null
@@ -1,58 +0,0 @@
----
-# Include variables and define needed variables.
-- name: Include OS-specific variables.
- include_vars: "{{ ansible_os_family }}.yml"
-
-- name: Define apache_packages.
- set_fact:
- apache_packages: "{{ __apache_packages | list }}"
- when: apache_packages is not defined
-
-# Setup/install tasks.
-- include: setup-RedHat.yml
- when: ansible_os_family == 'RedHat'
-
-- include: setup-Suse.yml
- when: ansible_os_family == 'Suse'
-
-- include: setup-Debian.yml
- when: ansible_os_family == 'Debian'
-
-- include: setup-Solaris.yml
- when: ansible_os_family == 'Solaris'
-
-# Figure out what version of Apache is installed.
-- name: Get installed version of Apache.
- shell: "{{ apache_daemon_path }}{{ apache_daemon }} -v"
- changed_when: false
- always_run: yes
- register: _apache_version
-
-- name: Create apache_version variable.
- set_fact:
- apache_version: "{{ _apache_version.stdout.split()[2].split('/')[1] }}"
-
-- include_vars: apache-22.yml
- when: "apache_version.split('.')[1] == '2'"
-
-- include_vars: apache-24.yml
- when: "apache_version.split('.')[1] == '4'"
-
-# Configure Apache.
-- include: configure-RedHat.yml
- when: ansible_os_family == 'RedHat'
-
-- include: configure-Suse.yml
- when: ansible_os_family == 'Suse'
-
-- include: configure-Debian.yml
- when: ansible_os_family == 'Debian'
-
-- include: configure-Solaris.yml
- when: ansible_os_family == 'Solaris'
-
-- name: Ensure Apache has selected state and enabled on boot.
- service:
- name: "{{ apache_service }}"
- state: "{{ apache_state }}"
- enabled: yes
diff --git a/roles/ansible-role-apache/tasks/setup-Debian.yml b/roles/ansible-role-apache/tasks/setup-Debian.yml
deleted file mode 100644
index 8d72deb..0000000
--- a/roles/ansible-role-apache/tasks/setup-Debian.yml
+++ /dev/null
@@ -1,7 +0,0 @@
----
-- name: Update apt cache.
- apt: update_cache=yes cache_valid_time=86400
-
-- name: Ensure Apache is installed on Debian.
- apt: "name={{ item }} state=installed"
- with_items: "{{ apache_packages }}"
diff --git a/roles/ansible-role-apache/tasks/setup-RedHat.yml b/roles/ansible-role-apache/tasks/setup-RedHat.yml
deleted file mode 100644
index f4a838f..0000000
--- a/roles/ansible-role-apache/tasks/setup-RedHat.yml
+++ /dev/null
@@ -1,7 +0,0 @@
----
-- name: Ensure Apache is installed on RHEL.
- yum:
- name: "{{ item }}"
- state: installed
- enablerepo: "{{ apache_enablerepo }}"
- with_items: "{{ apache_packages }}"
diff --git a/roles/ansible-role-apache/tasks/setup-Solaris.yml b/roles/ansible-role-apache/tasks/setup-Solaris.yml
deleted file mode 100644
index 989e32e..0000000
--- a/roles/ansible-role-apache/tasks/setup-Solaris.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- name: Ensure Apache is installed on Solaris.
- pkg5:
- name: "{{ item }}"
- state: installed
- with_items: "{{ apache_packages }}"
diff --git a/roles/ansible-role-apache/tasks/setup-Suse.yml b/roles/ansible-role-apache/tasks/setup-Suse.yml
deleted file mode 100644
index 80c65ca..0000000
--- a/roles/ansible-role-apache/tasks/setup-Suse.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-- name: Ensure Apache is installed on Suse.
- zypper:
- name: "{{ item }}"
- state: installed
- with_items: "{{ apache_packages }}"
diff --git a/roles/ansible-role-apache/templates/vhosts.conf.j2 b/roles/ansible-role-apache/templates/vhosts.conf.j2
deleted file mode 100644
index 766554f..0000000
--- a/roles/ansible-role-apache/templates/vhosts.conf.j2
+++ /dev/null
@@ -1,82 +0,0 @@ -{{ apache_global_vhost_settings }} - -{# Set up VirtualHosts #} -{% for vhost in apache_vhosts %} - - ServerName {{ vhost.servername }} -{% if vhost.serveralias is defined %} - ServerAlias {{ vhost.serveralias }} -{% endif %} -{% if vhost.documentroot is defined %} - DocumentRoot {{ vhost.documentroot }} -{% endif %} - -{% if vhost.serveradmin is defined %} - ServerAdmin {{ vhost.serveradmin }} -{% endif %} -{% if vhost.documentroot is defined %} - - AllowOverride All - Options -Indexes +FollowSymLinks -{% if apache_vhosts_version == "2.2" %} - Order allow,deny - Allow from all -{% else %} - Require all granted -{% endif %} - -{% endif %} -{% if vhost.extra_parameters is defined %} - {{ vhost.extra_parameters }} -{% endif %} - - -{% endfor %} - -{# Set up SSL VirtualHosts #} -{% for vhost in apache_vhosts_ssl %} -{% if apache_ignore_missing_ssl_certificate or apache_ssl_certificates.results[loop.index0].stat.exists %} - - ServerName {{ vhost.servername }} -{% if vhost.serveralias is defined %} - ServerAlias {{ vhost.serveralias }} -{% endif %} -{% if vhost.documentroot is defined %} - DocumentRoot {{ vhost.documentroot }} -{% endif %} - - SSLEngine on - SSLCipherSuite {{ apache_ssl_cipher_suite }} - SSLProtocol {{ apache_ssl_protocol }} - SSLHonorCipherOrder On -{% if apache_vhosts_version == "2.4" %} - SSLCompression off -{% endif %} - SSLCertificateFile {{ vhost.certificate_file }} - SSLCertificateKeyFile {{ vhost.certificate_key_file }} -{% if vhost.certificate_chain_file is defined %} - SSLCertificateChainFile {{ vhost.certificate_chain_file }} -{% endif %} - -{% if vhost.serveradmin is defined %} - ServerAdmin {{ vhost.serveradmin }} -{% endif %} -{% if vhost.documentroot is defined %} - - AllowOverride All - Options -Indexes +FollowSymLinks -{% if apache_vhosts_version == "2.2" %} - Order allow,deny - Allow from all -{% else %} - Require all granted -{% endif %} - -{% endif %} -{% if vhost.extra_parameters is defined %} - {{ 
vhost.extra_parameters }} -{% endif %} - - -{% endif %} -{% endfor %} diff --git a/roles/ansible-role-apache/tests/Dockerfile.centos-6 b/roles/ansible-role-apache/tests/Dockerfile.centos-6 deleted file mode 100644 index 4a4e7b8..0000000 --- a/roles/ansible-role-apache/tests/Dockerfile.centos-6 +++ /dev/null @@ -1,15 +0,0 @@ -FROM centos:6 - -# Install Ansible -RUN yum -y update; yum clean all; -RUN yum -y install epel-release -RUN yum -y install git ansible sudo -RUN yum clean all - -# Disable requiretty -RUN sed -i -e 's/^\(Defaults\s*requiretty\)/#--- \1/' /etc/sudoers - -# Install Ansible inventory file -RUN echo -e '[local]\nlocalhost ansible_connection=local' > /etc/ansible/hosts - -CMD ["/usr/sbin/init"] diff --git a/roles/ansible-role-apache/tests/Dockerfile.centos-7 b/roles/ansible-role-apache/tests/Dockerfile.centos-7 deleted file mode 100644 index 8aa0654..0000000 --- a/roles/ansible-role-apache/tests/Dockerfile.centos-7 +++ /dev/null 
@@ -1,27 +0,0 @@ -FROM centos:7 - -# Install systemd -- See https://hub.docker.com/_/centos/ -RUN yum -y swap -- remove fakesystemd -- install systemd systemd-libs -RUN yum -y update; yum clean all; \ -(cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == systemd-tmpfiles-setup.service ] || rm -f $i; done); \ -rm -f /lib/systemd/system/multi-user.target.wants/*; \ -rm -f /etc/systemd/system/*.wants/*; \ -rm -f /lib/systemd/system/local-fs.target.wants/*; \ -rm -f /lib/systemd/system/sockets.target.wants/*udev*; \ -rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \ -rm -f /lib/systemd/system/basic.target.wants/*; \ -rm -f /lib/systemd/system/anaconda.target.wants/*; - -# Install Ansible -RUN yum -y install epel-release -RUN yum -y install git ansible sudo -RUN yum clean all - -# Disable requiretty -RUN sed -i -e 's/^\(Defaults\s*requiretty\)/#--- \1/' /etc/sudoers - -# Install Ansible inventory file -RUN echo -e '[local]\nlocalhost ansible_connection=local' > /etc/ansible/hosts - -VOLUME ["/sys/fs/cgroup"] -CMD ["/usr/sbin/init"] diff --git a/roles/ansible-role-apache/tests/Dockerfile.ubuntu-12.04 b/roles/ansible-role-apache/tests/Dockerfile.ubuntu-12.04 deleted file mode 100644 index d0c130c..0000000 --- a/roles/ansible-role-apache/tests/Dockerfile.ubuntu-12.04 +++ /dev/null @@ -1,11 +0,0 @@ -FROM ubuntu:12.04 -RUN apt-get update - -# Install Ansible -RUN apt-get install -y software-properties-common python-software-properties git -RUN apt-add-repository -y ppa:ansible/ansible -RUN apt-get update -RUN apt-get install -y ansible - -# Install Ansible inventory file -RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts diff --git a/roles/ansible-role-apache/tests/Dockerfile.ubuntu-14.04 b/roles/ansible-role-apache/tests/Dockerfile.ubuntu-14.04 deleted file mode 100644 index ca33287..0000000 --- a/roles/ansible-role-apache/tests/Dockerfile.ubuntu-14.04 +++ /dev/null 
@@ -1,11 +0,0 @@ -FROM ubuntu:14.04 -RUN apt-get update - -# Install Ansible -RUN apt-get install -y software-properties-common git -RUN apt-add-repository -y ppa:ansible/ansible -RUN apt-get update -RUN apt-get install -y ansible - -# Install Ansible inventory file -RUN echo "[local]\nlocalhost ansible_connection=local" > /etc/ansible/hosts diff --git a/roles/ansible-role-apache/tests/test.yml b/roles/ansible-role-apache/tests/test.yml deleted file mode 100644 index f5c5ca6..0000000 --- a/roles/ansible-role-apache/tests/test.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -- hosts: all - - vars: - apache_listen_port_ssl: 443 - apache_create_vhosts: true - apache_vhosts_filename: "vhosts.conf" - apache_vhosts: - - servername: "example.com" - documentroot: "/var/www/vhosts/example_com" - - roles: - - role_under_test diff --git a/roles/ansible-role-apache/vars/Debian.yml b/roles/ansible-role-apache/vars/Debian.yml deleted file mode 100644 index 7ff09c5..0000000 --- a/roles/ansible-role-apache/vars/Debian.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -apache_service: apache2 -apache_daemon: apache2 -apache_daemon_path: /usr/sbin/ -apache_server_root: /etc/apache2 -apache_conf_path: /etc/apache2 - -__apache_packages: - - apache2 - - apache2-utils - -apache_ports_configuration_items: - - regexp: "^Listen " - line: "Listen {{ apache_listen_port }}" diff --git a/roles/ansible-role-apache/vars/RedHat.yml b/roles/ansible-role-apache/vars/RedHat.yml deleted file mode 100644 index d79fa5a..0000000 --- a/roles/ansible-role-apache/vars/RedHat.yml +++ /dev/null 
@@ -1,20 +0,0 @@
----
-apache_service: httpd
-apache_daemon: httpd
-apache_daemon_path: /usr/sbin/
-apache_server_root: /etc/httpd
-apache_conf_path: /etc/httpd/conf.d
-
-apache_vhosts_version: "2.2"
-
-__apache_packages:
- - httpd
- - httpd-devel
- - mod_ssl
- - openssh
-
-apache_ports_configuration_items:
- - regexp: "^Listen "
- line: "Listen {{ apache_listen_port }}"
- - regexp: "^#?NameVirtualHost "
- line: "NameVirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}"
diff --git a/roles/ansible-role-apache/vars/Solaris.yml b/roles/ansible-role-apache/vars/Solaris.yml
deleted file mode 100644
index 576291e..0000000
--- a/roles/ansible-role-apache/vars/Solaris.yml
+++ /dev/null
@@ -1,19 +0,0 @@
----
-apache_service: apache24
-apache_daemon: httpd
-apache_daemon_path: /usr/apache2/2.4/bin/
-apache_server_root: /etc/apache2/2.4/
-apache_conf_path: /etc/apache2/2.4/conf.d
-
-apache_vhosts_version: "2.2"
-
-__apache_packages:
- - web/server/apache-24
- - web/server/apache-24/module/apache-ssl
- - web/server/apache-24/module/apache-security
-
-apache_ports_configuration_items:
- - regexp: "^Listen "
- line: "Listen {{ apache_listen_port }}"
- - regexp: "^#?NameVirtualHost "
- line: "NameVirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}"
diff --git a/roles/ansible-role-apache/vars/Suse.yml b/roles/ansible-role-apache/vars/Suse.yml
deleted file mode 100644
index 27703f3..0000000
--- a/roles/ansible-role-apache/vars/Suse.yml
+++ /dev/null
@@ -1,18 +0,0 @@
----
-apache_service: apache2
-apache_daemon: httpd2
-apache_daemon_path: /usr/sbin/
-apache_server_root: /etc/apache2
-apache_conf_path: /etc/apache2/conf.d
-
-apache_vhosts_version: "2.2"
-
-__apache_packages:
- - apache2
- - openssh
-
-apache_ports_configuration_items:
- - regexp: "^Listen "
- line: "Listen {{ apache_listen_port }}"
- - regexp: "^#?NameVirtualHost "
- line: "NameVirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}"
diff --git a/roles/ansible-role-apache/vars/apache-22.yml b/roles/ansible-role-apache/vars/apache-22.yml
deleted file mode 100644
index c932f93..0000000
--- a/roles/ansible-role-apache/vars/apache-22.yml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-apache_vhosts_version: "2.2"
-apache_default_vhost_filename: 000-default
-apache_ports_configuration_items:
- - {
- regexp: "^Listen ",
- line: "Listen {{ apache_listen_port }}"
- }
- - {
- regexp: "^#?NameVirtualHost ",
- line: "NameVirtualHost {{ apache_listen_ip }}:{{ apache_listen_port }}"
- }
diff --git a/roles/ansible-role-apache/vars/apache-24.yml b/roles/ansible-role-apache/vars/apache-24.yml
deleted file mode 100644
index 449a444..0000000
--- a/roles/ansible-role-apache/vars/apache-24.yml
+++ /dev/null
@@ -1,8 +0,0 @@
----
-apache_vhosts_version: "2.4"
-apache_default_vhost_filename: 000-default.conf
-apache_ports_configuration_items:
- - {
- regexp: "^Listen ",
- line: "Listen {{ apache_listen_port }}"
- }
diff --git a/roles/common/files/RPM-GPG-KEY-EPEL-7 b/roles/common/files/RPM-GPG-KEY-EPEL-7
deleted file mode 100644
index a1d6f25..0000000
--- a/roles/common/files/RPM-GPG-KEY-EPEL-7
+++ /dev/null
@@ -1,29 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v1.4.11 (GNU/Linux) - -mQINBFKuaIQBEAC1UphXwMqCAarPUH/ZsOFslabeTVO2pDk5YnO96f+rgZB7xArB -OSeQk7B90iqSJ85/c72OAn4OXYvT63gfCeXpJs5M7emXkPsNQWWSju99lW+AqSNm -jYWhmRlLRGl0OO7gIwj776dIXvcMNFlzSPj00N2xAqjMbjlnV2n2abAE5gq6VpqP -vFXVyfrVa/ualogDVmf6h2t4Rdpifq8qTHsHFU3xpCz+T6/dGWKGQ42ZQfTaLnDM -jToAsmY0AyevkIbX6iZVtzGvanYpPcWW4X0RDPcpqfFNZk643xI4lsZ+Y2Er9Yu5 -S/8x0ly+tmmIokaE0wwbdUu740YTZjCesroYWiRg5zuQ2xfKxJoV5E+Eh+tYwGDJ -n6HfWhRgnudRRwvuJ45ztYVtKulKw8QQpd2STWrcQQDJaRWmnMooX/PATTjCBExB -9dkz38Druvk7IkHMtsIqlkAOQMdsX1d3Tov6BE2XDjIG0zFxLduJGbVwc/6rIc95 -T055j36Ez0HrjxdpTGOOHxRqMK5m9flFbaxxtDnS7w77WqzW7HjFrD0VeTx2vnjj -GqchHEQpfDpFOzb8LTFhgYidyRNUflQY35WLOzLNV+pV3eQ3Jg11UFwelSNLqfQf -uFRGc+zcwkNjHh5yPvm9odR1BIfqJ6sKGPGbtPNXo7ERMRypWyRz0zi0twARAQAB -tChGZWRvcmEgRVBFTCAoNykgPGVwZWxAZmVkb3JhcHJvamVjdC5vcmc+iQI4BBMB -AgAiBQJSrmiEAhsPBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRBqL66iNSxk -5cfGD/4spqpsTjtDM7qpytKLHKruZtvuWiqt5RfvT9ww9GUUFMZ4ZZGX4nUXg49q -ixDLayWR8ddG/s5kyOi3C0uX/6inzaYyRg+Bh70brqKUK14F1BrrPi29eaKfG+Gu -MFtXdBG2a7OtPmw3yuKmq9Epv6B0mP6E5KSdvSRSqJWtGcA6wRS/wDzXJENHp5re -9Ism3CYydpy0GLRA5wo4fPB5uLdUhLEUDvh2KK//fMjja3o0L+SNz8N0aDZyn5Ax -CU9RB3EHcTecFgoy5umRj99BZrebR1NO+4gBrivIfdvD4fJNfNBHXwhSH9ACGCNv -HnXVjHQF9iHWApKkRIeh8Fr2n5dtfJEF7SEX8GbX7FbsWo29kXMrVgNqHNyDnfAB -VoPubgQdtJZJkVZAkaHrMu8AytwT62Q4eNqmJI1aWbZQNI5jWYqc6RKuCK6/F99q -thFT9gJO17+yRuL6Uv2/vgzVR1RGdwVLKwlUjGPAjYflpCQwWMAASxiv9uPyYPHc -ErSrbRG0wjIfAR3vus1OSOx3xZHZpXFfmQTsDP7zVROLzV98R3JwFAxJ4/xqeON4 -vCPFU6OsT3lWQ8w7il5ohY95wmujfr6lk89kEzJdOTzcn7DBbUru33CQMGKZ3Evt -RjsC7FDbL017qxS+ZVA/HGkyfiu4cpgV8VUnbql5eAZ+1Ll6Dw== -=hdPa ------END PGP PUBLIC KEY BLOCK----- \ No newline at end of file diff --git a/roles/common/files/RPM-GPG-KEY-NGINX b/roles/common/files/RPM-GPG-KEY-NGINX deleted file mode 100644 index 2528b45..0000000 --- a/roles/common/files/RPM-GPG-KEY-NGINX +++ /dev/null 
@@ -1,28 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v1.4.11 (FreeBSD) - -mQENBE5OMmIBCAD+FPYKGriGGf7NqwKfWC83cBV01gabgVWQmZbMcFzeW+hMsgxH -W6iimD0RsfZ9oEbfJCPG0CRSZ7ppq5pKamYs2+EJ8Q2ysOFHHwpGrA2C8zyNAs4I -QxnZZIbETgcSwFtDun0XiqPwPZgyuXVm9PAbLZRbfBzm8wR/3SWygqZBBLdQk5TE -fDR+Eny/M1RVR4xClECONF9UBB2ejFdI1LD45APbP2hsN/piFByU1t7yK2gpFyRt -97WzGHn9MV5/TL7AmRPM4pcr3JacmtCnxXeCZ8nLqedoSuHFuhwyDnlAbu8I16O5 -XRrfzhrHRJFM1JnIiGmzZi6zBvH0ItfyX6ttABEBAAG0KW5naW54IHNpZ25pbmcg -a2V5IDxzaWduaW5nLWtleUBuZ2lueC5jb20+iQE+BBMBAgAoBQJOTjJiAhsDBQkJ -ZgGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRCr9b2Ce9m/YpvjB/98uV4t -94d0oEh5XlqEZzVMrcTgPQ3BZt05N5xVuYaglv7OQtdlErMXmRWaFZEqDaMHdniC -sF63jWMd29vC4xpzIfmsLK3ce9oYo4t9o4WWqBUdf0Ff1LMz1dfLG2HDtKPfYg3C -8NESud09zuP5NohaE8Qzj/4p6rWDiRpuZ++4fnL3Dt3N6jXILwr/TM/Ma7jvaXGP -DO3kzm4dNKp5b5bn2nT2QWLPnEKxvOg5Zoej8l9+KFsUnXoWoYCkMQ2QTpZQFNwF -xwJGoAz8K3PwVPUrIL6b1lsiNovDgcgP0eDgzvwLynWKBPkRRjtgmWLoeaS9FAZV -ccXJMmANXJFuCf26iQEcBBABAgAGBQJOTkelAAoJEKZP1bF62zmo79oH/1XDb29S -YtWp+MTJTPFEwlWRiyRuDXy3wBd/BpwBRIWfWzMs1gnCjNjk0EVBVGa2grvy9Jtx -JKMd6l/PWXVucSt+U/+GO8rBkw14SdhqxaS2l14v6gyMeUrSbY3XfToGfwHC4sa/ -Thn8X4jFaQ2XN5dAIzJGU1s5JA0tjEzUwCnmrKmyMlXZaoQVrmORGjCuH0I0aAFk -RS0UtnB9HPpxhGVbs24xXZQnZDNbUQeulFxS4uP3OLDBAeCHl+v4t/uotIad8v6J -SO93vc1evIje6lguE81HHmJn9noxPItvOvSMb2yPsE8mH4cJHRTFNSEhPW6ghmlf -Wa9ZwiVX5igxcvaIRgQQEQIABgUCTk5b0gAKCRDs8OkLLBcgg1G+AKCnacLb/+W6 -cflirUIExgZdUJqoogCeNPVwXiHEIVqithAM1pdY/gcaQZmIRgQQEQIABgUCTk5f -YQAKCRCpN2E5pSTFPnNWAJ9gUozyiS+9jf2rJvqmJSeWuCgVRwCcCUFhXRCpQO2Y -Va3l3WuB+rgKjsQ= -=A015 ------END PGP PUBLIC KEY BLOCK----- \ No newline at end of file diff --git a/roles/common/files/epel.repo b/roles/common/files/epel.repo deleted file mode 100644 index 0301cc7..0000000 --- a/roles/common/files/epel.repo +++ /dev/null 
@@ -1,8 +0,0 @@
-[epel]
-name=Extra Packages for Enterprise Linux 7 - $basearch
-#baseurl=http://download.fedoraproject.org/pub/epel/7/$basearch
-mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch
-failovermethod=priority
-enabled=1
-gpgcheck=1
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
\ No newline at end of file
diff --git a/roles/common/files/nginx.repo b/roles/common/files/nginx.repo
deleted file mode 100644
index 9060b8d..0000000
--- a/roles/common/files/nginx.repo
+++ /dev/null
@@ -1,7 +0,0 @@
-[nginx]
-name=Nginx repo - $basearch
-baseurl=http://nginx.org/packages/centos/7/$basearch
-failovermethod=priority
-gpgcheck=1
-enabled=1
-gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-NGINX
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
deleted file mode 100644
index b16fe11..0000000
--- a/roles/common/tasks/main.yml
+++ /dev/null
@@ -1,12 +0,0 @@
----
-# Setup/install tasks.
-- include: setup-RedHat.yml
- when: ansible_os_family == 'RedHat'
-
-- hostname: name={{ server_hostname }}
-
-- name: Creates custom users
- user: name=vmuser comment=DefaultUser groups=wheel password={{ default_user_password }} shell=/bin/bash createhome=yes
-
-- name: Creates custom PHP users
- user: name=www-php comment=DefaultPHPUser shell=/sbin/nologin createhome=no
diff --git a/roles/common/tasks/setup-RedHat.yml b/roles/common/tasks/setup-RedHat.yml
deleted file mode 100644
index c7ab2e8..0000000
--- a/roles/common/tasks/setup-RedHat.yml
+++ /dev/null
@@ -1,19 +0,0 @@
-- name: Copy the NGINX repository definition
- copy: src=nginx.repo dest=/etc/yum.repos.d/
-
-- name: Copy the EPEL repository definition
- copy: src=epel.repo dest=/etc/yum.repos.d/
-
-- name: Create the GPG key for NGINX
- copy: src=RPM-GPG-KEY-NGINX dest=/etc/pki/rpm-gpg
-
-- name: Create the GPG key for EPEL
- copy: src=RPM-GPG-KEY-EPEL-7 dest=/etc/pki/rpm-gpg
-
-- name: Creates Docroot vhost directory
- file: path=/var/www/html/{{ item.value.name }} state=directory owner={{ default_user_username }} group={{ php_fpm_pool_group }} mode=0755 recurse=yes
- when: nginx_vhosts|length > 0
- with_dict: "{{ vhost_domains }}"
- notify:
- - reload nginx
- - reload apache
diff --git a/roles/wordpress/tasks/main.yml b/roles/wordpress/tasks/main.yml
deleted file mode 100644
index 8a577cb..0000000
--- a/roles/wordpress/tasks/main.yml
+++ /dev/null
@@ -1,60 +0,0 @@ ---- -- name: Download WordPress - get_url: url=http://wordpress.org/wordpress-{{ wp_version }}.tar.gz dest=/srv/wordpress-{{ wp_version }}.tar.gz - sha256sum="{{ wp_sha256sum }}" - -- name: Extract archive - command: chdir=/srv/ /bin/tar xvf wordpress-{{ wp_version }}.tar.gz creates=/srv/wordpress - -- name: Add group "wordpress" - group: name=wordpress - -- name: Add user "wordpress" - user: name=wordpress group=wordpress home=/srv/wordpress/ - -- name: Fetch random salts for WordPress config - local_action: command curl https://api.wordpress.org/secret-key/1.1/salt/ - register: "wp_salt" - sudo: no - -- name: Create WordPress database - mysql_db: name={{ wp_db_name }} state=present - -- name: Create WordPress database user - mysql_user: name={{ wp_db_user }} password={{ wp_db_password }} priv={{ wp_db_name }}.*:ALL host='localhost' state=present - -- name: Copy WordPress config file - template: src=wp-config.php dest=/srv/wordpress/ - -- name: Change ownership of WordPress installation - file: path=/srv/wordpress/ owner=wordpress group=wordpress state=directory recurse=yes - -- name: install SEManage - yum: pkg=policycoreutils-python state=present - -- name: set the SELinux policy for the Wordpress directory - command: semanage fcontext -a -t httpd_sys_content_t "/srv/wordpress(/.*)?" - -- name: set the SELinux policy for wp-config.php - command: semanage fcontext -a -t httpd_sys_script_exec_t "/srv/wordpress/wp-config\.php" - -- name: set the SELinux policy for wp-content directory - command: semanage fcontext -a -t httpd_sys_rw_content_t "/srv/wordpress/wp-content(/.*)?" - -- name: set the SELinux policy for the *.php files - command: semanage fcontext -a -t httpd_sys_script_exec_t "/srv/wordpress/.*\.php" - -- name: set the SELinux policy for the Upgrade directory - command: semanage fcontext -a -t httpd_sys_rw_content_t "/srv/wordpress/wp-content/upgrade(/.*)?" 
- -- name: set the SELinux policy for the Uploads directory - command: semanage fcontext -a -t httpd_sys_rw_content_t "/srv/wordpress/wp-content/uploads(/.*)?" - -- name: set the SELinux policy for the wp-includes php files - command: semanage fcontext -a -t httpd_sys_script_exec_t "/srv/wordpress/wp-includes/.*\.php" - -- name: set the SELinux on all the Files - command: restorecon -Rv /srv/wordpress - -- name: Start php-fpm Service - service: name=php-fpm state=started enabled=yes diff --git a/roles/wordpress/templates/wp-config.php b/roles/wordpress/templates/wp-config.php deleted file mode 100644 index 5694520..0000000 --- a/roles/wordpress/templates/wp-config.php +++ /dev/null @@ -1,90 +0,0 @@ - 0 + notify: + - reload nginx + +- name: Creates Nginx vhost directory + file: path=/var/www/html/{{ server_hostname }} state=directory owner={{ php_fpm_pool_user }} group={{ php_fpm_pool_group }} mode=0755 recurse=yes + when: nginx_vhosts|length > 0 + notify: + - reload nginx + +- name: Remove managed vhost config file (if no vhosts are configured). + file: + path: "{{ nginx_vhost_path }}/vhosts.conf" + state: absent + when: nginx_vhosts|length == 0 + notify: + - reload nginx + diff --git a/templates/headers.conf.j2 b/templates/headers.conf.j2 new file mode 100644 index 0000000..3dc3b46 --- /dev/null +++ b/templates/headers.conf.j2 
@@ -0,0 +1,7 @@
+{% if nginx_bigpipe_enable %}
+ add_header X-Accel-Buffering: no;
+{% endif %}
+add_header X-Frame-Options SAMEORIGIN;
+add_header X-Content-Type-Options nosniff;
+add_header X-XSS-Protection "1; mode=block";
+add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com; object-src 'none'";
diff --git a/templates/nginx.conf.j2 b/templates/nginx.conf.j2
new file mode 100755
index 0000000..86eda73
--- /dev/null
+++ b/templates/nginx.conf.j2
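Review bot: The Content-Security-Policy on the last line hard-codes one deployment's third-party origins (google-analytics, zendesk, facebook, including the tenant-specific `https://tautt.zendesk.com`) together with `'unsafe-inline' 'unsafe-eval'` in script-src, which neither fits a reusable role nor gives much protection, since those two source expressions re-allow exactly the inline and eval script execution the policy exists to block. Drive the value from a role variable with a conservative default, e.g. `add_header Content-Security-Policy "{{ nginx_csp_policy }}";` (variable name is a placeholder), so each site supplies its own allow-list. Separately, `add_header X-Accel-Buffering: no;` on line 2 keeps the colon inside the header name, so the emitted header would be `X-Accel-Buffering:: no`; it should read `add_header X-Accel-Buffering no;`. A one-line comment at the top is also worth adding: nginx does not merge `add_header` across configuration levels, so a single `add_header` placed in a vhost through `extra_parameters` silently drops every header set here.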
@@ -0,0 +1,63 @@
+user {{ nginx_user }};
+
+error_log {{ nginx_error_log }};
+pid {{ nginx_pidfile }};
+
+worker_processes {{ nginx_worker_processes }};
+
+events {
+ worker_connections {{ nginx_worker_connections }};
+ multi_accept {{ nginx_multi_accept }};
+}
+
+{% if nginx_extra_conf_options %}
+{{ nginx_extra_conf_options }}
+{% endif %}
+
+http {
+ include {{ nginx_mime_file_path }};
+ default_type application/octet-stream;
+
+ server_names_hash_bucket_size {{ nginx_server_names_hash_bucket_size }};
+
+ client_max_body_size {{ nginx_client_max_body_size }};
+
+ log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+
+ access_log {{ nginx_access_log }};
+
+ sendfile {{ nginx_sendfile }};
+ tcp_nopush {{ nginx_tcp_nopush }};
+ tcp_nodelay {{ nginx_tcp_nodelay }};
+
+ keepalive_timeout {{ nginx_keepalive_timeout }};
+ keepalive_requests {{ nginx_keepalive_requests }};
+
+ gzip on;
+
+{% if nginx_proxy_cache_path %}
+ proxy_cache_path {{ nginx_proxy_cache_path }};
+{% endif %}
+
+{% if nginx_extra_http_options %}
+ {{ nginx_extra_http_options }}
+{% endif %}
+
+{% for upstream in nginx_upstreams %}
+ upstream {{ upstream.name }} {
+{% if upstream.strategy is defined %}
+ {{ upstream.strategy }};
+{% endif %}
+{% for server in upstream.servers %}
+ server {{ server }};
+{% endfor %}
+ }
+{% endfor %}
+
+ include {{ nginx_conf_path }}/*.conf;
+{% if nginx_conf_path != nginx_vhost_path %}
+ include {{ nginx_vhost_path }}/*;
+{% endif %}
+}
diff --git a/templates/nginx.repo.j2 b/templates/nginx.repo.j2
new file mode 100755
index 0000000..9a853b7
--- /dev/null
+++ b/templates/nginx.repo.j2
@@ -0,0 +1,5 @@
+[nginx]
+name=nginx repo
+baseurl=http://nginx.org/packages/centos/{{ ansible_distribution_major_version }}/$basearch/
+gpgcheck=0
+enabled=1
diff --git a/templates/vhosts.j2 b/templates/vhosts.j2
new file mode 100755
index 0000000..20bcf6f
--- /dev/null
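Review bot: The `http` block never sets `server_tokens`, so the rendered nginx.conf keeps nginx's default of advertising its exact version in the `Server` response header and on built-in error pages; adding `server_tokens off;` next to `gzip on;` (or driving it from a variable that defaults to off) is the usual baseline for a role that otherwise leaves per-site hardening to the vhost template. `{{ nginx_extra_conf_options }}` and `{{ nginx_extra_http_options }}` are spliced into the config verbatim, which is the intended escape hatch, but a one-line template comment stating that these values are trusted operator configuration and are never validated would save the next maintainer from reaching for them with templated request data.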
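Review bot: `gpgcheck=0` combined with a plain `http://` `baseurl` means yum installs whatever RPM the network hands it, with neither a signature check nor transport integrity, for the one package this role exists to install; the repo file this commit deletes (`roles/common/files/nginx.repo`) had `gpgcheck=1` with a shipped key, so this is a regression rather than a fresh omission. Restore verification with `gpgcheck=1`, `gpgkey=https://nginx.org/keys/nginx_signing.key` and `baseurl=https://nginx.org/packages/centos/{{ ansible_distribution_major_version }}/$basearch/`, or ship the key file in the role as before. Whatever task renders this template is not in this chunk, so importing the key may also need a matching `rpm_key` task there.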
+++ b/templates/vhosts.j2
@@ -0,0 +1,33 @@
+{% for vhost in nginx_vhosts %}
+server {
+ listen {{ vhost.listen | default('80') }};
+
+ {% if vhost.server_name is defined %}
+ server_name {{ vhost.server_name }};
+ {% endif %}
+
+ {% if vhost.root is defined %}
+ root {{ vhost.root }};
+ {% endif %}
+
+ index {{ vhost.index | default('index.html index.htm') }};
+
+ {% if vhost.error_page is defined %}
+ error_page {{ vhost.error_page }};
+ {% endif %}
+ {% if vhost.access_log is defined %}
+ access_log {{ vhost.access_log }};
+ {% endif %}
+ {% if vhost.error_log is defined %}
+ error_log {{ vhost.error_log }} error;
+ {% endif %}
+
+ {% if vhost.return is defined %}
+ return {{ vhost.return }};
+ {% endif %}
+
+ {% if vhost.extra_parameters is defined %}
+ {{ vhost.extra_parameters }}
+ {% endif %}
+}
+{% endfor %}
diff --git a/tests/inventory b/tests/inventory
new file mode 100755
index 0000000..2fbb50c
--- /dev/null
+++ b/tests/inventory
@@ -0,0 +1 @@
+localhost
diff --git a/tests/test.yml b/tests/test.yml
new file mode 100755
index 0000000..5b55b97
--- /dev/null
+++ b/tests/test.yml
@@ -0,0 +1,6 @@
+---
+- hosts: localhost
+ remote_user: root
+ roles:
+ - role: ansible-role-nginx
+ nginx_use_ppa: true
diff --git a/vars/Debian.yml b/vars/Debian.yml
new file mode 100755
index 0000000..cb12770
--- /dev/null
+++ b/vars/Debian.yml
@@ -0,0 +1,9 @@
+---
+root_group: root
+nginx_conf_path: /etc/nginx/conf.d
+nginx_conf_file_path: /etc/nginx/nginx.conf
+nginx_mime_file_path: /etc/nginx/mime.types
+nginx_pidfile: /run/nginx.pid
+nginx_vhost_path: /etc/nginx/sites-enabled
+nginx_default_vhost_path: /etc/nginx/sites-enabled/default
+__nginx_user: "www-data"
diff --git a/vars/FreeBSD.yml b/vars/FreeBSD.yml
new file mode 100755
index 0000000..b032f98
--- /dev/null
+++ b/vars/FreeBSD.yml
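Review bot: The Jinja control tags inside `server {` are indented along with the directives they wrap (`{% if vhost.server_name is defined %}` and every `{% endif %}` after it), so each option a vhost omits leaves an indented blank line in the rendered file, and the template is inconsistent with nginx.conf.j2 in the same commit, which keeps its tags at column 0. Either move the tags to column 0 or use the whitespace-control form (`{%- ... -%}`). A short comment above the loop would also help: `{{ vhost.extra_parameters }}` is inserted verbatim, and since the template itself only emits a plaintext `listen` plus logging and root directives, certificate and key directives can only reach the vhost through that field.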
@@ -0,0 +1,9 @@
+---
+root_group: wheel
+nginx_conf_path: /usr/local/etc/nginx/conf.d
+nginx_conf_file_path: /usr/local/etc/nginx/nginx.conf
+nginx_mime_file_path: /usr/local/etc/nginx/mime.types
+nginx_pidfile: /var/run/nginx.pid
+nginx_vhost_path: /usr/local/etc/nginx/sites-enabled
+nginx_default_vhost_path: /usr/local/etc/nginx/sites-enabled/default
+__nginx_user: "www"
diff --git a/vars/RedHat.yml b/vars/RedHat.yml
new file mode 100755
index 0000000..0138f8d
--- /dev/null
+++ b/vars/RedHat.yml
@@ -0,0 +1,9 @@
+---
+root_group: root
+nginx_conf_path: /etc/nginx/conf.d
+nginx_conf_file_path: /etc/nginx/nginx.conf
+nginx_mime_file_path: /etc/nginx/mime.types
+nginx_pidfile: /var/run/nginx.pid
+nginx_vhost_path: /etc/nginx/conf.d
+nginx_default_vhost_path: /etc/nginx/conf.d/default.conf
+__nginx_user: "nginx"