--- - name: Install NGINX apt: update_cache: true name: nginx register: apt_result retries: 3 until: apt_result is succeeded - name: Copy proxypass snippets template: src: "nginx/snippets/options-proxypass.conf.j2" dest: "/etc/nginx/snippets/options-proxypass.conf" owner: root group: root mode: 0644 - name: Copy SSL snippets template: src: "nginx/snippets/options-ssl.conf.j2" dest: "/etc/nginx/snippets/options-ssl.{{ item.name }}.conf" owner: root group: root mode: 0644 loop: "{{ nginx.ssl }}" - name: Disable default site file: dest: "/etc/nginx/sites-enabled/default" state: absent - name: Add 'extended' log format template: src: nginx/conf.d/extended_log.conf.j2 dest: /etc/nginx/conf.d/extended_log.conf owner: root group: root mode: 0644 notify: Reload nginx - name: Add syslog snippet template: src: nginx/snippets/syslog.conf.j2 dest: /etc/nginx/snippets/syslog.conf owner: root group: root mode: 0644 notify: Reload nginx - name: Copy reverse proxy sites when: reverseproxy is defined template: src: "nginx/sites-available/{{ item }}.j2" dest: "/etc/nginx/sites-available/{{ item }}" owner: root group: root mode: 0644 loop: - reverseproxy - reverseproxy_redirect_dname - redirect notify: Reload nginx - name: Activate reverse proxy sites when: reverseproxy is defined file: src: "/etc/nginx/sites-available/{{ item }}" dest: "/etc/nginx/sites-enabled/{{ item }}" owner: root group: root state: link loop: - reverseproxy - reverseproxy_redirect_dname - redirect notify: Reload nginx ignore_errors: "{{ ansible_check_mode }}" - name: Copy forward modules when: reverseproxy.redirect_tcp is defined and reverseproxy.redirect_tcp|length > 0 template: src: "nginx/modules-available/60-forward.conf.j2" dest: "/etc/nginx/modules-available/60-forward.conf" mode: 0644 notify: Reload nginx - name: Activate modules when: reverseproxy.redirect_tcp is defined and reverseproxy.redirect_tcp|length > 0 file: src: "/etc/nginx/modules-available/60-forward.conf" dest: "/etc/nginx/modules-enabled/60-forward.conf" state: link mode: 0644 notify: Reload nginx ignore_errors: "{{ ansible_check_mode }}" - name: Copy service nginx configuration when: nginx.servers is defined and nginx.servers|length > 0 template: src: "nginx/sites-available/service.j2" dest: "/etc/nginx/sites-available/{{ nginx.service_name }}" owner: root group: root mode: 0644 notify: Reload nginx - name: Activate local nginx service site when: nginx.servers is defined and nginx.servers|length > 0 file: src: "/etc/nginx/sites-available/{{ nginx.service_name }}" dest: "/etc/nginx/sites-enabled/{{ nginx.service_name }}" owner: root group: root state: link notify: Reload nginx ignore_errors: "{{ ansible_check_mode }}" - name: Copy 50x error page template: src: www/html/50x.html.j2 dest: /var/www/html/50x.html owner: www-data group: www-data mode: 0644 - name: Copy robots.txt file when: nginx.deploy_robots_file template: src: www/html/robots.txt.j2 dest: /var/www/html/robots.txt owner: www-data group: www-data mode: 0644 - name: Install passwords when: nginx.auth_passwd|length > 0 template: src: nginx/passwd.j2 dest: /etc/nginx/passwd mode: 0644 - name: Copy 401 error page when: nginx.auth_passwd|length > 0 template: src: www/html/401.html.j2 dest: /var/www/html/401.html owner: www-data group: www-data mode: 0644 - include_role: name: update_motd vars: motd_messages: - key: 10-nginx message: >- NGinx est installé sur ce serveur. Voir /etc/nginx. - name: Clean old files file: path: "{{ item }}" state: absent loop: - "/etc/nginx/snippets/options-ssl.conf" - "/var/www/custom_401.html" - "/var/www/robots.txt" ...