Skip to content

Latest commit

 

History

History
152 lines (122 loc) · 3.62 KB

README.md

File metadata and controls

152 lines (122 loc) · 3.62 KB

Nginx

Ansible Galaxy

Installs the Nginx webserver with the possibility to let Ansible manage the sites, modules, docroots etc.

Installation

This role requires at least Ansible v1.9. To install it, run:

ansible-galaxy install DimitriSteyaert/nginx

Role variables

List of default variables available in the inventory:

---
nginx_version: latest
nginx_state: present
nginx_purge: no
nginx_manage: true
nginx_config_dirs:
  - conf.d
  - modules-available
  - modules-enabled
  - sites-available
  - sites-enabled

# General Nginx configuration parameters
nginx_user: www-data
nginx_worker_connections: 768

# General http settings
nginx_server_tokens: 'off'
nginx_ssl_protocols:
  - TLSv1
  - TLSv1.1
  - TLSv1.2
nginx_ssl_ciphers:
  - 'HIGH'
  - '!aNULL'
  - '!MD5 or HIGH'
  - '!aNULL'
  - '!MD5'
  - '!3DES'

# Manage the modules
nginx_remove_default_modules: true
nginx_modules_default:
  - 50-mod-http-auth-pam
  - 50-mod-http-geoip
  - 50-mod-http-image-filter
  - 50-mod-http-xslt-filter
  - 50-mod-mail
  - 50-mod-stream
nginx_modules_available:
  - mod-http-auth-pam
  - mod-http-geoip
  - mod-http-image-filter
  - mod-http-xslt-filter
  - mod-mail
  - mod-stream
nginx_modules_enabled: []
nginx_modules_disabled: []

# Additional configuration blocks
nginx_extra_confd: []
nginx_extra_confd_remove: []

# Manage the sites
nginx_remove_default_site: true
nginx_sites_folder: '/var/www/sites'
nginx_sites: []

Detailed usage guide

By default the latest stable release is installed from the Dotdeb repository, being 1.10 but you can define other versions by defining the nginx_version parameter with eg 1.8.1-1~dotdeb+8.1. By default this role manages the entire Nginx config including sites-enabled, conf.d, mods-enabled en docroots.

Examples

This is a basic playbook to install Nginx with the default variables:

---
- hosts: all
  roles:
    - nginx

You can follow the next example to define a website and let it parse its .php files by PHP-FPM (which is ideally configured by DimitriSteyaert/php-fpm ^^):

nginx_sites:
  - id: example.org
    name: example.org
    default_server: true
    aliases:
      - www.example.org
    state: present
    create_webroot: yes
    webroot: current
    user: exampleorg
    group: www-data
    index_files:
      - index.php
      - index.html
    locations:
      - match: '\.php$'
        modifier: '~'
        settings: |
          try_files $uri =404;
              fastcgi_pass unix:/var/run/php/php7.0-fpm_exampleorg.sock;
              fastcgi_index index.php;
              fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
              fastcgi_param PATH_INFO $fastcgi_script_name;
              include /etc/nginx/fastcgi_params;

And there even more parameters you can pass to nginx_sites that are not visible in this example such as:

nginx_sites:
  ssl:
    port: 443
    cert_name: /location/to/ssl.crt
    key_name: /location/to/ssl.key
    http2: true
  rewrite:
    match: match_value
    replace: replace_value
    flags: flags_value
    return: return_value
  extra_block: you can dump any config here as long as it works for Nginx

Authors and license

The nginx role was written by:

License: MIT


README generated by Ansigenome.