Nginx

Installs the Nginx webserver with the possibility to let Ansible manage the sites, modules, docroots etc.

Installation

This role requires at least Ansible v1.9. To install it, run:

ansible-galaxy install DimitriSteyaert/nginx

Role variables

List of default variables available in the inventory:

---
nginx_version: latest
nginx_state: present
nginx_purge: no
nginx_manage: true
nginx_config_dirs:
  - conf.d
  - modules-available
  - modules-enabled
  - sites-available
  - sites-enabled

# General Nginx configuration parameters
nginx_user: www-data
nginx_worker_connections: 768

# General http settings
nginx_server_tokens: 'off'
nginx_ssl_protocols:
  - TLSv1
  - TLSv1.1
  - TLSv1.2
nginx_ssl_ciphers:
  - 'HIGH'
  - '!aNULL'
  - '!MD5 or HIGH'
  - '!aNULL'
  - '!MD5'
  - '!3DES'

# Manage the modules
nginx_remove_default_modules: true
nginx_modules_default:
  - 50-mod-http-auth-pam
  - 50-mod-http-geoip
  - 50-mod-http-image-filter
  - 50-mod-http-xslt-filter
  - 50-mod-mail
  - 50-mod-stream
nginx_modules_available:
  - mod-http-auth-pam
  - mod-http-geoip
  - mod-http-image-filter
  - mod-http-xslt-filter
  - mod-mail
  - mod-stream
nginx_modules_enabled: []
nginx_modules_disabled: []

# Additional configuration blocks
nginx_extra_confd: []
nginx_extra_confd_remove: []

# Manage the sites
nginx_remove_default_site: true
nginx_sites_folder: '/var/www/sites'
nginx_sites: []

Detailed usage guide

By default the latest stable release is installed from the Dotdeb repository, being 1.10 but you can define other versions by defining the nginx_version parameter with eg 1.8.1-1~dotdeb+8.1. By default this role manages the entire Nginx config including sites-enabled, conf.d, mods-enabled en docroots.

Examples

This is a basic playbook to install Nginx with the default variables:

---
- hosts: all
  roles:
    - nginx

You can follow the next example to define a website and let it parse its .php files by PHP-FPM (which is ideally configured by DimitriSteyaert/php-fpm ^^):

nginx_sites:
  - id: example.org
    name: example.org
    default_server: true
    aliases:
      - www.example.org
    state: present
    create_webroot: yes
    webroot: current
    user: exampleorg
    group: www-data
    index_files:
      - index.php
      - index.html
    locations:
      - match: '\.php$'
        modifier: '~'
        settings: |
          try_files $uri =404;
              fastcgi_pass unix:/var/run/php/php7.0-fpm_exampleorg.sock;
              fastcgi_index index.php;
              fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
              fastcgi_param PATH_INFO $fastcgi_script_name;
              include /etc/nginx/fastcgi_params;

And there even more parameters you can pass to nginx_sites that are not visible in this example such as:

nginx_sites:
  ssl:
    port: 443
    cert_name: /location/to/ssl.crt
    key_name: /location/to/ssl.key
    http2: true
  rewrite:
    match: match_value
    replace: replace_value
    flags: flags_value
    return: return_value
  extra_block: you can dump any config here as long as it works for Nginx

Authors and license

The nginx role was written by:

• Dimitri Steyaert | e-mail | Twitter

License: MIT

---

README generated by Ansigenome.