You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

109 lines
3.2 KiB

  1. ---
  2. - name: Manage nginx webserver
  3. collections: [ 'debops.debops', 'debops.roles01',
  4. 'debops.roles02', 'debops.roles03' ]
  5. hosts: [ 'debian10' ]
  6. become: True
  7. environment: '{{ inventory__environment | d({})
  8. | combine(inventory__group_environment | d({}))
  9. | combine(inventory__host_environment | d({})) }}'
  10. vars_files:
  11. - ./../vars/nginx.yml
  12. vars:
  13. nginx_acme: False
  14. nginx_http_extra_options: |
  15. client_max_body_size 100M;
  16. nginx_real_ip_from: ['172.16.30.0/24']
  17. nginx_default_keepalive_timeout: 65
  18. # nginx_webroot_create: False
  19. nginx_ocsp: False
  20. nginx_worker_processes: auto
  21. nginx__servers:
  22. - name: '{{ lxc_host }}'
  23. type: php
  24. root: '/var/www/{{ lxc_host }}'
  25. public_dir_name: ''
  26. include_files_begin: '{{ nginx_includes_begin }}'
  27. options: set $upstream unix:/run/php7.4-fpm-www-data.sock;
  28. location_list:
  29. - pattern: '/'
  30. options: rewrite ^/.*$ /index.php last;
  31. locations:
  32. - pattern: '~ ^/*.-backend/'
  33. options: set $upstream unix:/run/php7.4-fpm-backend.sock;
  34. - pattern: '~* ^(?!/index).*\.php$'
  35. options: return 403;
  36. php_options: |
  37. fastcgi_read_timeout 3000;
  38. php_upstream: $upstream
  39. #location ~ ^(?!.+\.php/)(?<script_name>.+\.php)$ {
  40. php_location_script_name: ~ ^(?<script_name>/index\.php)
  41. #location ~ ^(?<script_name>.+?\.php)(?<path_info>/.*)?$ {
  42. php_location_path_info: ~ ^(?<script_name>/index\.php)(?<path_info>/.*)?
  43. pre_tasks:
  44. - name: Set filtered includes
  45. set_fact:
  46. nginx_includes_begin: "{{ (nginx_includes_begin | default([])) | union([item]) }}"
  47. when: item != omit
  48. loop:
  49. - "{{ (nginx_www_redirect | default(False)) | ternary('includes.d/www.conf', omit) }}"
  50. - includes.d/octobercms.conf
  51. - includes.d/staticfiles.conf
  52. - name: Copy OctoberCMS nginx conf includes and www redirect
  53. copy:
  54. src: etc/nginx/includes.d
  55. dest: /etc/nginx/
  56. mode: 0644
  57. post_tasks:
  58. - name: Default index.html
  59. template:
  60. src: var/www/lxc_host/index.html.j2
  61. dest: '/var/www/{{ lxc_host }}/index.html'
  62. mode: 0644
  63. owner: '{{ lxc_host }}'
  64. - name: Copy normalized.css
  65. template:
  66. src: var/www/lxc_host/normalize.css
  67. dest: '/var/www/{{ lxc_host }}/'
  68. mode: 0644
  69. owner: '{{ lxc_host }}'
  70. roles:
  71. # - role: keyring
  72. # tags: [ 'role::keyring', 'skip::keyring', 'role::nginx' ]
  73. # keyring__dependent_apt_keys:
  74. # - '{{ nginx__keyring__dependent_apt_keys }}'
  75. #
  76. # - role: apt_preferences
  77. # tags: [ 'role::apt_preferences', 'skip::apt_preferences' ]
  78. # apt_preferences__dependent_list:
  79. # - '{{ nginx__apt_preferences__dependent_list }}'
  80. #
  81. # - role: python
  82. # tags: [ 'role::python', 'skip::python' ]
  83. # python__dependent_packages3:
  84. # - '{{ nginx__python__dependent_packages3 }}'
  85. # python__dependent_packages2:
  86. # - '{{ nginx__python__dependent_packages2 }}'
  87. - role: nginx
  88. tags: [ 'role::nginx', 'skip::nginx' ]