nginx: add vhost support to role
This commit is contained in:
@@ -9,6 +9,7 @@ nginx_service_enabled: yes
|
||||
nginx_etc_path: /etc/nginx
|
||||
nginx_conf_d_path: "{{ nginx_etc_path }}/conf.d"
|
||||
nginx_mime_types_path: "{{ nginx_etc_path }}/mime.types"
|
||||
nginx_var_log_path: /var/log/nginx
|
||||
|
||||
nginx_user: nginx
|
||||
nginx_worker_processes: auto
|
||||
@@ -31,3 +32,4 @@ nginx_acme_challenge_enabled: yes
|
||||
nginx_acme_challenge_path: /var/www/.acme-challenge
|
||||
|
||||
nginx_conf_d: {}
|
||||
nginx_vhosts: []
|
||||
|
||||
@@ -45,6 +45,10 @@
|
||||
mode: 0644
|
||||
notify: reload nginx
|
||||
|
||||
- name: configure virtual hosts
|
||||
include_tasks: vhost.yaml
|
||||
loop: "{{ nginx_vhosts | dict2items }}"
|
||||
|
||||
- name: manage service
|
||||
service:
|
||||
name: "{{ nginx_service_name }}"
|
||||
|
||||
20
roles/nginx/tasks/vhost.yaml
Normal file
20
roles/nginx/tasks/vhost.yaml
Normal file
@@ -0,0 +1,20 @@
|
||||
---
|
||||
- name: configure virtual hosts
|
||||
block:
|
||||
- name: create webroot
|
||||
file:
|
||||
path: "{{ vhost.root }}"
|
||||
state: directory
|
||||
loop: "{{ item.value }}"
|
||||
loop_control:
|
||||
loop_var: vhost
|
||||
|
||||
- name: configure virtual host
|
||||
template:
|
||||
src: vhost.conf.j2
|
||||
dest: "{{ nginx_conf_d_path }}/{{ item.key }}.conf"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0444
|
||||
notify: reload nginx
|
||||
loop: "{{ nginx_vhosts | dict2items }}"
|
||||
@@ -16,8 +16,8 @@ http {
|
||||
include {{ nginx_mime_types_path }};
|
||||
default_type {{ nginx_default_type }};
|
||||
|
||||
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent "$http_referer" '
|
||||
log_format main '$server_name $remote_addr - $remote_user [$time_local] "$request" '
|
||||
'$status $body_bytes_sent $request_time "$http_referer" '
|
||||
'"$http_user_agent" "$http_x_forwarded_for"';
|
||||
|
||||
access_log {{ nginx_access_log }};
|
||||
|
||||
42
roles/nginx/templates/vhost.conf.j2
Normal file
42
roles/nginx/templates/vhost.conf.j2
Normal file
@@ -0,0 +1,42 @@
|
||||
# {{ ansible_managed }}
|
||||
|
||||
{% for vhost in item.value %}
|
||||
server {
|
||||
{% if vhost.listen is defined %}
|
||||
{% for listen in vhost.listen %}
|
||||
listen {{ listen }};
|
||||
{% endfor %}
|
||||
|
||||
{% if vhost.server_name is defined %}
|
||||
server_name {{ vhost.server_name }};
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
access_log {{ vhost.access_log | default(nginx_var_log_path + '/' + vhost.server_name + '.access.log main') }};
|
||||
error_log {{ vhost.error_log | default(nginx_var_log_path + '/' + vhost.server_name + '.error.log warn') }};
|
||||
|
||||
{% if vhost.root is defined %}
|
||||
root {{ vhost.root }};
|
||||
{% endif %}
|
||||
|
||||
index {{ vhost.index | default('index.html index.htm') }};
|
||||
|
||||
{% if vhost.ssl_certificate is defined %}
|
||||
ssl_certificate {{ vhost.ssl_certificate }};
|
||||
{% endif %}
|
||||
{% if vhost.ssl_certificate_key is defined %}
|
||||
ssl_certificate_key {{ vhost.ssl_certificate_key }};
|
||||
{% endif %}
|
||||
{% if vhost.ssl_dhparam is defined %}
|
||||
ssl_dhparam {{ vhost.ssl_dhparam }};
|
||||
{% endif %}
|
||||
|
||||
location /.well-known/acme-challenge/ {
|
||||
root {{ nginx_root }};
|
||||
try_files $uri =404;
|
||||
}
|
||||
|
||||
{% if vhost.raw is defined %}
|
||||
{{ vhost.raw | indent(4) }}
|
||||
{% endif %}
|
||||
}
|
||||
{% endfor %}
|
||||
Reference in New Issue
Block a user