--- - name: Manage nginx webserver collections: [ 'debops.debops', 'debops.roles01', 'debops.roles02', 'debops.roles03' ] hosts: [ 'debian10' ] become: True environment: '{{ inventory__environment | d({}) | combine(inventory__group_environment | d({})) | combine(inventory__host_environment | d({})) }}' vars_files: - ./../../vars/site.yml - ./../../vars/php.yml - ./../../vars/nginx.yml vars: nginx_acme: False nginx_http_extra_options: | client_max_body_size 100M; nginx_real_ip_from: ['172.16.30.0/24'] nginx_default_keepalive_timeout: 65 # nginx_webroot_create: False nginx_ocsp: False nginx_worker_processes: auto nginx_manage_ipv6only: False # TODO: Replace [::]:443 to 443 and [::]:80 to 80 in site nginx config nginx__servers: - name: '{{ domain_name }}' type: php root: '/var/www/{{ site_name }}' public_dir_name: '' include_files_begin: '{{ nginx_includes_begin }}' options: 'set $upstream unix:/run/{{ php__version_preference[0] }}-fpm-www-data.sock;' location_list: - pattern: '/' locations: - pattern: '~ ^/*.-backend/' options: 'set $upstream unix:/run/{{ php__version_preference[0] }}-fpm-backend.sock;' options: try_files /index.html @october; - pattern: '@october' options: rewrite ^/.*$ /index.php last; - pattern: '~* ^(?!/index).*\.php$' options: return 403; php_options: | fastcgi_read_timeout 3000; php_upstream: $upstream #location ~ ^(?!.+\.php/)(?.+\.php)$ { php_location_script_name: ~ ^(?/index\.php) #location ~ ^(?.+?\.php)(?/.*)?$ { php_location_path_info: ~ ^(?/index\.php)(?/.*)? pre_tasks: - name: Set filtered includes set_fact: nginx_includes_begin: "{{ (nginx_includes_begin | default([])) | union([item]) }}" when: item != omit loop: - "{{ (nginx_www_domain and nginx_www_redirect == 'www') | ternary('includes.d/www.conf', omit) }}" - "{{ (nginx_www_domain and nginx_www_redirect == 'non-www') | ternary('includes.d/non-www.conf', omit) }}" - includes.d/octobercms.conf - includes.d/staticfiles.conf - name: Copy OctoberCMS nginx conf includes and www redirect copy: src: etc/nginx/includes.d dest: /etc/nginx/ mode: 0644 - name: Copy map config for www/non-www redirects copy: src: etc/nginx/conf.d/map_tld_domain.conf dest: /etc/nginx/conf.d/ mode: 0644 post_tasks: - name: Default index.html template: src: var/www/site_name/index.html.j2 dest: '/var/www/{{ site_name }}/index.html' mode: 0644 owner: '{{ site_name }}' - name: Copy normalized.css template: src: var/www/site_name/normalize.css dest: '/var/www/{{ site_name }}/' mode: 0644 owner: '{{ site_name }}' roles: # - role: keyring # tags: [ 'role::keyring', 'skip::keyring', 'role::nginx' ] # keyring__dependent_apt_keys: # - '{{ nginx__keyring__dependent_apt_keys }}' # # - role: apt_preferences # tags: [ 'role::apt_preferences', 'skip::apt_preferences' ] # apt_preferences__dependent_list: # - '{{ nginx__apt_preferences__dependent_list }}' # # - role: python # tags: [ 'role::python', 'skip::python' ] # python__dependent_packages3: # - '{{ nginx__python__dependent_packages3 }}' # python__dependent_packages2: # - '{{ nginx__python__dependent_packages2 }}' - role: nginx tags: [ 'role::nginx', 'skip::nginx' ]