]> git.somenet.org - root/pub/somesible.git/blob - roles/server/nginx/server/tasks/main.yml
SomeNet / public repos / root / pub / somesible.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
[roles/server/nginx/server] install nginx server
[root/pub/somesible.git] / roles / server / nginx / server / tasks / main.yml
1 #####################################
2 ### someone's ansible provisioner ###
3 #####################################
4 # Part of: https://git.somenet.org/root/pub/somesible.git
5 # 2017-2026 by someone <someone@somenet.org>
6 #
7
8 - name: install web-server
9   apt:
10     pkg:
11     - nginx-full
12     - libwww-perl
13     state: present
14     policy_rc_d: 101
15   tags: "online"
16   ignore_errors: "{{ignore_online_errors | bool}}"
17
18
19 - name: copy nginx.conf
20   copy:
21     src: "{{item}}"
22     dest: "/etc/nginx/nginx.conf"
23     mode: 0644
24     owner: "root"
25     group: "root"
26   with_first_found:
27     - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/nginx.conf"
28     - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/nginx.conf"
29     - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/nginx.conf"
30     - "default/nginx.conf"
31   notify: restart nginx.service
32
33
34 - name: copy default vhost
35   copy:
36     src: "{{item}}"
37     dest: "/etc/nginx/sites-enabled/000-default.vhost"
38     mode: 0644
39     owner: "root"
40     group: "root"
41   with_first_found:
42     - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/000-default.vhost"
43     - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/000-default.vhost"
44     - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/000-default.vhost"
45     - "default/000-default.vhost"
46   register: temp_result
47
48
49 - name: enable and restart nginx.service when default vhost changes
50   systemd:
51     name: nginx.service
52     daemon_reload: yes
53     enabled: yes
54     state: restarted
55   when: temp_result.changed
56
57
58 - name: copy default robots.txt
59   copy:
60     src: "{{item}}"
61     dest: "/var/www/html/robots.txt"
62     mode: 0644
63     owner: "root"
64     group: "root"
65   with_first_found:
66     - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/robots.txt"
67     - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/robots.txt"
68     - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/robots.txt"
69     - "default/robots.txt"
70   notify: restart nginx.service
71
72
73 - name: copy default maintenance.html
74   copy:
75     src: "{{item}}"
76     dest: "/var/www/maintenance.html.dis"
77     mode: 0644
78     owner: "root"
79     group: "root"
80   with_first_found:
81     - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/maintenance.html"
82     - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/maintenance.html"
83     - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/maintenance.html"
84     - "default/maintenance.html"
85   notify: restart nginx.service
86
87
88 - name: fix permissions of /var/www/
89   file:
90     path: "/var/www/"
91     state: directory
92     mode: 0755
93     owner: "root"
94     group: "root"
95
96
97 - name: fix permissions of /var/www/html/
98   file:
99     path: "/var/www/html"
100     state: directory
101     mode: 0755
102     owner: "root"
103     group: "root"
104
105
106 - name: enable and start nginx.service
107   include_role: name="base/systemd/enable-and-start"
108   vars:
109     service_name: nginx.service
110
111
112 ###########
113 # AWSTATS #
114 ###########
115 - name: install awstats
116   apt:
117     pkg:
118     - fcgiwrap
119     - awstats
120     - geoip-database
121     - libgeo-ip-perl
122     - libnet-dns-perl
123     - libnet-ip-perl
124     state: present
125     policy_rc_d: 101
126   tags: "online"
127   ignore_errors: "{{ignore_online_errors | bool}}"
128
129
130 - name: remove broken awstats directory
131   file:
132     path: "/etc/logrotate.d/httpd-prerotate/awstats"
133     state: absent
134
135
136 - name: disable periodic update by cron
137   copy:
138     content: "# disabled by someone's ansible provisioner"
139     dest: "/etc/cron.d/awstats"
140     mode: 0640
141     owner: "root"
142     group: "root"
143
144
145 - name: copy awstats "default" vhost config
146   copy:
147     src: "{{item}}"
148     dest: "/etc/awstats/awstats.conf.local"
149     mode: 0644
150     owner: "root"
151     group: "root"
152   with_first_found:
153     - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/awstats.conf.local"
154     - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/awstats.conf.local"
155     - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/awstats.conf.local"
156     - "default/awstats.conf.local"
157
158
159 - name: copy awstats logrotate script
160   copy:
161     src: "{{item}}"
162     dest: "/etc/logrotate.d/httpd-prerotate/awstats-logrotate-script"
163     mode: 0750
164     owner: "root"
165     group: "root"
166   with_first_found:
167     - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/awstats-logrotate-script"
168     - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/awstats-logrotate-script"
169     - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/awstats-logrotate-script"
170     - "default/awstats-logrotate-script"
171
172
173 - name: nginx logrotate zzz config
174   copy:
175     src: "{{item}}"
176     dest: "/etc/logrotate.d/zzz_nginx"
177     mode: 0644
178     owner: "root"
179     group: "root"
180   with_first_found:
181     - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/nginx.logrotate"
182     - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/nginx.logrotate"
183     - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/nginx.logrotate"
184     - "default/nginx.logrotate"
185
186
187 - name: nginx logrotate empty config
188   copy:
189     src: "{{item}}"
190     dest: "/etc/logrotate.d/nginx"
191     mode: 0644
192     owner: "root"
193     group: "root"
194   with_first_found:
195     - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/nginx.empty.logrotate"
196     - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/nginx.empty.logrotate"
197     - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/nginx.empty.logrotate"
198     - "default/nginx.empty.logrotate"
199
200
201 - name: nginx-awstats pam.d config
202   copy:
203     src: "{{item}}"
204     dest: "/etc/pam.d/nginx-awstats"
205     mode: 0644
206     owner: "root"
207     group: "root"
208   with_first_found:
209     - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/nginx-awstats.pam"
210     - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/nginx-awstats.pam"
211     - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/nginx-awstats.pam"
212     - "default/nginx-awstats.pam"
213
214
215 - name: enable and start fcgiwrap.socket
216   include_role: name="base/systemd/enable-and-start"
217   vars:
218     service_name: fcgiwrap.socket