Alan Orth
6de385021d
There are currently no nginx.org builds for Debian 9, so we need to use the package from Debian's repository. This package provides a www-data user and group instead of an nginx one. We can revert some of this after Debian 9 is released and official builds come from nginx.org (though it might be useful to keep the main nginx.conf as a template).
73 lines
2.3 KiB
YAML
73 lines
2.3 KiB
YAML
---
|
|
# There is no nginx.org build for Debian 9 (stretch) yet, so we will use the
|
|
# builds in Debian's own repositories for now. This creates a few problems
|
|
# in this playbook, and we need to remember to undo these workarounds when
|
|
# the Debian stretch builds become available.
|
|
#
|
|
# See: https://nginx.org/packages/mainline/debian/dists/
|
|
|
|
- name: Add nginx.org apt signing key
|
|
when: ansible_distribution_major_version | version_compare('9', '!=')
|
|
apt_key: id=0x573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62 url=https://nginx.org/keys/nginx_signing.key state=present
|
|
tags: nginx, packages
|
|
|
|
- name: Add nginx.org repo
|
|
when: ansible_distribution_major_version | version_compare('9', '!=')
|
|
template: src=nginx_org_sources.list.j2 dest=/etc/apt/sources.list.d/nginx_org_sources.list owner=root group=root mode=0644
|
|
tags: nginx, packages
|
|
|
|
- name: Install nginx
|
|
apt: pkg=nginx update_cache=yes state=latest
|
|
tags: nginx, packages
|
|
|
|
- name: Copy nginx.conf
|
|
template: src=nginx.conf.j2 dest=/etc/nginx/nginx.conf mode=0644 owner=root group=root
|
|
notify:
|
|
- reload nginx
|
|
tags: nginx
|
|
|
|
- name: Copy extra nginx configs
|
|
copy: src={{ item }} dest=/etc/nginx/{{ item }} mode=0644 owner=root group=root
|
|
with_items:
|
|
- extra-security.conf
|
|
- fastcgi_cache
|
|
notify:
|
|
- reload nginx
|
|
tags: nginx
|
|
|
|
- name: Remove default nginx vhost
|
|
file: path=/etc/nginx/conf.d/default.conf state=absent
|
|
tags: nginx
|
|
|
|
- name: Create fastcgi cache dir
|
|
when: ansible_distribution_major_version | version_compare('9', '!=')
|
|
file: path=/var/cache/nginx/cached/fastcgi state=directory owner=nginx group=nginx mode=0755
|
|
tags: nginx
|
|
|
|
- name: Create fastcgi cache dir
|
|
when: ansible_distribution_major_version | version_compare('9', '==')
|
|
file: path=/var/cache/nginx/cached/fastcgi state=directory owner=www-data group=www-data mode=0755
|
|
tags: nginx
|
|
|
|
- include: vhosts.yml
|
|
when: nginx_vhosts is defined
|
|
tags: nginx
|
|
|
|
- name: Configure blank nginx vhost
|
|
template: src=blank-vhost.conf.j2 dest={{ nginx_confd_path }}/blank-vhost.conf mode=0644 owner=root group=root
|
|
notify:
|
|
- reload nginx
|
|
tags: nginx
|
|
|
|
- name: Configure munin vhost
|
|
copy: src=munin.conf dest=/etc/nginx/conf.d/munin.conf mode=0644 owner=root group=root
|
|
notify:
|
|
- reload nginx
|
|
tags: nginx
|
|
|
|
- name: Start and enable nginx service
|
|
service: name=nginx state=started enabled=yes
|
|
tags: nginx
|
|
|
|
# vim: set ts=2 sw=2:
|