diff options
| author | Thedro Neely <thedroneely@gmail.com> | 2020-01-17 22:34:09 -0500 |
|---|---|---|
| committer | Thedro Neely <thedroneely@gmail.com> | 2020-01-17 22:34:09 -0500 |
| commit | 8a75c065b4a432511c052e87b81f2b6939e39332 (patch) | |
| tree | dfb35b4fa2f990c2fb24bdbe6ec1198b4b84d9e9 /roles/nginx | |
| parent | cdf16b043c0b8f293a32581dc24c1f156a26d028 (diff) | |
| download | playbooks-8a75c065b4a432511c052e87b81f2b6939e39332.tar.gz playbooks-8a75c065b4a432511c052e87b81f2b6939e39332.tar.bz2 playbooks-8a75c065b4a432511c052e87b81f2b6939e39332.zip | |
roles/nginx/main: Add nginx play
Diffstat (limited to 'roles/nginx')
| -rw-r--r-- | roles/nginx/main.yml | 112 |
1 files changed, 112 insertions, 0 deletions
diff --git a/roles/nginx/main.yml b/roles/nginx/main.yml new file mode 100644 index 0000000..2c9f3cc --- /dev/null +++ b/roles/nginx/main.yml @@ -0,0 +1,112 @@ +--- +# Target: alpine3.11 +- name: Install Nginx and Certbot + hosts: nginx + + vars: + user: nginx + home: "/etc/{{ user }}" + nginx_key: https://nginx.org/keys/nginx_signing.key + nginx_version: 1.16.1 + nginx_headers_version: 552e216a0da95c685d9db4f43e209c3f2a803e49 + brotli_version: e505dce68acc190cc5a1e780a3b0275e39f160ca + quiche_version: 3c75701c6fa5b29a9076d9f82251f5aeee2c7f79 + + tasks: + + - name: Ensuring group exists + group: + name: "{{ user }}" + state: present + + - name: Creating user and making home directory + user: + system: yes + state: present + name: "{{ user }}" + groups: "{{ user }}" + home: "{{ home }}" + + - name: Installing the required nginx dependencies + apk: + state: present + update_cache: yes + name: + - gcc + - libc-dev + - make + - openssl-dev + - pcre-dev + - zlib-dev + - linux-headers + - curl + - gnupg + - libxslt-dev + - gd-dev + - geoip-dev + - perl-dev + + - name: Installing the required brotli dependencies + apk: + state: present + update_cache: yes + name: + - autoconf + - libtool + - automake + - git + - g++ + - cmake + - go + - perl + - rust + - cargo + + - name: Cloning repositories + git: + repo: "{{ item.repo }}" + dest: "{{ item.dest }}" + version: "{{ item.version }}" + with_items: + - + repo: https://github.com/google/ngx_brotli.git + dest: /opt/nginx/brotli + version: "{{ brotli_version }}" + - + repo: https://github.com/openresty/headers-more-nginx-module.git + dest: /opt/nginx/nginx-headers + version: "{{ nginx_headers_version }}" + - + repo: https://github.com/cloudflare/quiche + dest: /opt/nginx/quiche + version: "{{ quiche_version }}" + + - name: Downloading nginx + get_url: + url: "{{ item.url }}" + dest: "{{ item.dest }}" + with_items: + - + url: https://nginx.org/download/nginx-{{ nginx_version }}.tar.gz + dest: /opt/nginx + - + url: https://nginx.org/download/nginx-{{ nginx_version }}.tar.gz.asc + dest: /opt/nginx + + - name: Importing keys + shell: | + curl -sSL "{{ nginx_key }}" | gpg --import - + touch .nginx-key-imported + args: + chdir: /opt/nginx + creates: .nginx-key-imported + + - name: Verifying application + shell: | + gpg --batch --verify nginx-"{{ nginx_version }}"-tar.gz nginx-"{{ nginx_version }}".tar.gz.asc + touch .nginx-"{{ nginx_version }}"-verified + args: + chdir: /opt/nginx + creates: .nginx-"{{ nginx_version }}"-verified + + |