Implement configure-webproxy for setting up basic nginx server
Fix init playbook Add nginx config Fix networkd install on fedora
This commit is contained in:
parent
1e1d4d75a0
commit
ae0be16dd6
@ -1,37 +1,28 @@
|
||||
---
|
||||
# TBW
|
||||
- import_playbook: initialize.yml
|
||||
|
||||
# - name: Install Nginx
|
||||
# hosts: jupiter
|
||||
# handlers:
|
||||
# - name: restart_nginx
|
||||
# become: true
|
||||
# systemd:
|
||||
# name: nginx
|
||||
# state: restarted
|
||||
# tasks:
|
||||
# - name: Install nginx and certbot
|
||||
# become: true
|
||||
# dnf:
|
||||
# name:
|
||||
# - nginx
|
||||
# - certbot
|
||||
# - python3-certbot-nginx
|
||||
# state: present
|
||||
#
|
||||
# - name: Enable and start nginx
|
||||
# become: true
|
||||
# systemd:
|
||||
# name: nginx
|
||||
# state: started
|
||||
# enabled: true
|
||||
#
|
||||
# - name: Install configuration
|
||||
# become: true
|
||||
# copy:
|
||||
# src: nginx.conf
|
||||
# dest: /etc/nginx/nginx.conf
|
||||
# notify:
|
||||
# - restart_nginx
|
||||
#
|
||||
# # sudo setsebool -P httpd_can_network_connect on
|
||||
|
||||
- name: Install Nginx
|
||||
hosts: jupiter
|
||||
handlers:
|
||||
- name: restart-nginx
|
||||
import_tasks: tasks/nginx/services.yml
|
||||
tasks:
|
||||
- import_tasks: tasks/nginx/install.yml
|
||||
|
||||
- name: Install configuration
|
||||
become: true
|
||||
copy:
|
||||
src: nginx.conf
|
||||
dest: /etc/nginx/nginx.conf
|
||||
notify:
|
||||
- restart-nginx
|
||||
|
||||
- name: Set required SELinux options
|
||||
become: true
|
||||
seboolean:
|
||||
name: httpd_can_network_connect
|
||||
persistent: true
|
||||
state: true
|
||||
notify:
|
||||
- restart-nginx
|
||||
|
@ -1,7 +1,6 @@
|
||||
---
|
||||
- name: Bootstrap remote ansible environment
|
||||
hosts: all
|
||||
|
||||
tags:
|
||||
- always
|
||||
vars:
|
||||
@ -39,16 +38,6 @@
|
||||
cmd: "{{ ansible_python_interpreter }} -m venv {{ omni_ansible_venv }} --system-site-packages"
|
||||
creates: "{{ omni_ansible_venv }}/bin/python"
|
||||
|
||||
# - name: Assign ownership of the virtualenv to ansible
|
||||
# become: true
|
||||
# file:
|
||||
# path: "{{ omni_ansible_venv }}"
|
||||
# state: directory
|
||||
# owner: "{{ ansible_user }}"
|
||||
# group: "{{ ansible_user }}"
|
||||
# mode: 0755
|
||||
# follow: false
|
||||
|
||||
- name: Generate remote requirements file locally
|
||||
delegate_to: 127.0.0.1
|
||||
command:
|
||||
|
37
resources/nginx.conf
Normal file
37
resources/nginx.conf
Normal file
@ -0,0 +1,37 @@
|
||||
# Ansible managed file
|
||||
# DO NOT MANUALLY EDIT
|
||||
#
|
||||
user nginx;
|
||||
worker_processes auto;
|
||||
error_log /var/log/nginx/error.log;
|
||||
pid /run/nginx.pid;
|
||||
|
||||
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
|
||||
include /usr/share/nginx/modules/*.conf;
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
}
|
||||
|
||||
http {
|
||||
log_format main '$time_local $remote_addr[$status] - $remote_addr($remote_user) - $body_bytes_sent - "$request" "$http_referer" "$http_user_agent" "$http_x_forwarded_for"';
|
||||
|
||||
access_log /var/log/nginx/access.log main;
|
||||
|
||||
sendfile on;
|
||||
tcp_nopush on;
|
||||
tcp_nodelay on;
|
||||
keepalive_timeout 65;
|
||||
types_hash_max_size 2048;
|
||||
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
# Load modular configuration files from the /etc/nginx/conf.d directory.
|
||||
# See http://nginx.org/en/docs/ngx_core_module.html#include
|
||||
# for more information.
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
|
||||
}
|
||||
#
|
||||
# EOF
|
@ -17,7 +17,7 @@
|
||||
|
||||
|
||||
- name: Install systemd-networkd on Fedora
|
||||
when: ansible_distribution == "Fedora" and ansible_distribution_major_version == "8"
|
||||
when: ansible_distribution == "Fedora"
|
||||
become: true
|
||||
dnf:
|
||||
state: "{{ _runtime_update_state }}"
|
||||
|
36
tasks/nginx/install.yml
Normal file
36
tasks/nginx/install.yml
Normal file
@ -0,0 +1,36 @@
|
||||
---
|
||||
- name: Install Nginx and CertBot on CentOS 8 and Fedora
|
||||
when: >-
|
||||
(ansible_distribution == "CentOS" and ansible_distribution_major_version == "8")
|
||||
or
|
||||
ansible_distribution == "Fedora"
|
||||
become: true
|
||||
dnf:
|
||||
state: "{{ _runtime_update_state }}"
|
||||
name:
|
||||
- nginx
|
||||
- certbot
|
||||
- python3-certbot-nginx
|
||||
notify:
|
||||
- restart-nginx
|
||||
|
||||
- name: Install Nginx and CertBot on CentOS 7
|
||||
when: ansible_distribution == "CentOS" and ansible_distribution_major_version == "7"
|
||||
become: true
|
||||
yum:
|
||||
state: "{{ _runtime_update_state }}"
|
||||
name:
|
||||
- nginx
|
||||
- certbot
|
||||
- python-certbot-nginx
|
||||
notify:
|
||||
- restart-nginx
|
||||
|
||||
#
|
||||
# - name: Install configuration
|
||||
# become: true
|
||||
# copy:
|
||||
# src: nginx.conf
|
||||
# dest: /etc/nginx/nginx.conf
|
||||
# notify:
|
||||
# - restart_nginx
|
7
tasks/nginx/services.yml
Normal file
7
tasks/nginx/services.yml
Normal file
@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: Restart nginx
|
||||
become: true
|
||||
systemd:
|
||||
name: nginx
|
||||
state: restarted
|
||||
enabled: true
|
Reference in New Issue
Block a user