You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
124 lines
3.9 KiB
124 lines
3.9 KiB
---
|
|
|
|
- name: Manage nginx webserver
|
|
collections: [ 'debops.debops', 'debops.roles01',
|
|
'debops.roles02', 'debops.roles03' ]
|
|
hosts: [ 'debian10' ]
|
|
become: True
|
|
|
|
environment: '{{ inventory__environment | d({})
|
|
| combine(inventory__group_environment | d({}))
|
|
| combine(inventory__host_environment | d({})) }}'
|
|
|
|
vars_files:
|
|
- ./../../vars/site.yml
|
|
- ./../../vars/php.yml
|
|
- ./../../vars/nginx.yml
|
|
|
|
vars:
|
|
nginx_acme: False
|
|
nginx_http_extra_options: |
|
|
client_max_body_size 100M;
|
|
nginx_real_ip_from: ['172.16.30.0/24']
|
|
nginx_default_keepalive_timeout: 65
|
|
# nginx_webroot_create: False
|
|
nginx_ocsp: False
|
|
nginx_worker_processes: auto
|
|
nginx_manage_ipv6only: False
|
|
# TODO: Replace [::]:443 to 443 and [::]:80 to 80 in site nginx config
|
|
nginx__servers:
|
|
- name: '{{ domain_name }}'
|
|
|
|
type: php
|
|
|
|
root: '/var/www/{{ site_name }}'
|
|
|
|
public_dir_name: ''
|
|
|
|
include_files_begin: '{{ nginx_includes_begin }}'
|
|
|
|
options: 'set $upstream unix:/run/{{ php__version_preference[0] }}-fpm-www-data.sock;'
|
|
|
|
location_list:
|
|
- pattern: '/'
|
|
locations:
|
|
- pattern: '~ ^/.*-backend/'
|
|
options: |
|
|
try_files /index.html @october
|
|
set $upstream unix:/run/{{ php__version_preference[0] }}-fpm-backend.sock
|
|
client_max_body_size 1000M
|
|
options: try_files /index.html @october;
|
|
- pattern: '@october'
|
|
options: rewrite ^/.*$ /index.php last;
|
|
- pattern: '~* ^(?!/index).*\.php$'
|
|
options: return 403;
|
|
|
|
php_options: |
|
|
fastcgi_read_timeout 3000;
|
|
php_upstream: $upstream
|
|
|
|
#location ~ ^(?!.+\.php/)(?<script_name>.+\.php)$ {
|
|
php_location_script_name: ~ ^(?<script_name>/index\.php)
|
|
|
|
#location ~ ^(?<script_name>.+?\.php)(?<path_info>/.*)?$ {
|
|
php_location_path_info: ~ ^(?<script_name>/index\.php)(?<path_info>/.*)?
|
|
|
|
pre_tasks:
|
|
- name: Set filtered includes
|
|
set_fact:
|
|
nginx_includes_begin: "{{ (nginx_includes_begin | default([])) | union([item]) }}"
|
|
when: item != omit
|
|
loop:
|
|
- "{{ (nginx_www_domain and nginx_www_redirect == 'www') | ternary('includes.d/www.conf', omit) }}"
|
|
- "{{ (nginx_www_domain and nginx_www_redirect == 'non-www') | ternary('includes.d/non-www.conf', omit) }}"
|
|
- includes.d/octobercms.conf
|
|
- includes.d/staticfiles.conf
|
|
|
|
- name: Copy OctoberCMS nginx conf includes and www redirect
|
|
copy:
|
|
src: etc/nginx/includes.d
|
|
dest: /etc/nginx/
|
|
mode: 0644
|
|
|
|
- name: Copy map config for www/non-www redirects
|
|
copy:
|
|
src: etc/nginx/conf.d/map_tld_domain.conf
|
|
dest: /etc/nginx/conf.d/
|
|
mode: 0644
|
|
|
|
post_tasks:
|
|
- name: Default index.html
|
|
template:
|
|
src: var/www/site_name/index.html.j2
|
|
dest: '/var/www/{{ site_name }}/index.html'
|
|
mode: 0644
|
|
owner: '{{ site_name }}'
|
|
|
|
- name: Copy normalized.css
|
|
template:
|
|
src: var/www/site_name/normalize.css
|
|
dest: '/var/www/{{ site_name }}/'
|
|
mode: 0644
|
|
owner: '{{ site_name }}'
|
|
|
|
roles:
|
|
|
|
# - role: keyring
|
|
# tags: [ 'role::keyring', 'skip::keyring', 'role::nginx' ]
|
|
# keyring__dependent_apt_keys:
|
|
# - '{{ nginx__keyring__dependent_apt_keys }}'
|
|
#
|
|
# - role: apt_preferences
|
|
# tags: [ 'role::apt_preferences', 'skip::apt_preferences' ]
|
|
# apt_preferences__dependent_list:
|
|
# - '{{ nginx__apt_preferences__dependent_list }}'
|
|
#
|
|
# - role: python
|
|
# tags: [ 'role::python', 'skip::python' ]
|
|
# python__dependent_packages3:
|
|
# - '{{ nginx__python__dependent_packages3 }}'
|
|
# python__dependent_packages2:
|
|
# - '{{ nginx__python__dependent_packages2 }}'
|
|
|
|
- role: nginx
|
|
tags: [ 'role::nginx', 'skip::nginx' ]
|