diff --git a/provisioning/requirements.yml b/provisioning/requirements.yml index 7748257fb..fa1105477 100644 --- a/provisioning/requirements.yml +++ b/provisioning/requirements.yml @@ -39,7 +39,7 @@ roles: - name: geerlingguy.mysql version: 3.3.0 - name: geerlingguy.nginx - version: 2.8.0 + version: 3.0.0 - name: geerlingguy.nodejs version: 5.1.1 - name: geerlingguy.php diff --git a/provisioning/roles/geerlingguy.nginx/.ansible-lint b/provisioning/roles/geerlingguy.nginx/.ansible-lint new file mode 100644 index 000000000..acc82551f --- /dev/null +++ b/provisioning/roles/geerlingguy.nginx/.ansible-lint @@ -0,0 +1,3 @@ +skip_list: + - 'yaml' + - 'role-name' diff --git a/provisioning/roles/geerlingguy.nginx/.github/workflows/ci.yml b/provisioning/roles/geerlingguy.nginx/.github/workflows/ci.yml new file mode 100644 index 000000000..ff706f0f0 --- /dev/null +++ b/provisioning/roles/geerlingguy.nginx/.github/workflows/ci.yml @@ -0,0 +1,68 @@ +--- +name: CI +'on': + pull_request: + push: + branches: + - master + schedule: + - cron: "0 6 * * 3" + +defaults: + run: + working-directory: 'geerlingguy.nginx' + +jobs: + + lint: + name: Lint + runs-on: ubuntu-latest + steps: + - name: Check out the codebase. + uses: actions/checkout@v2 + with: + path: 'geerlingguy.nginx' + + - name: Set up Python 3. + uses: actions/setup-python@v2 + with: + python-version: '3.x' + + - name: Install test dependencies. + run: pip3 install yamllint + + - name: Lint code. + run: | + yamllint . + + molecule: + name: Molecule + runs-on: ubuntu-latest + strategy: + matrix: + distro: + - centos8 + - ubuntu2004 + - ubuntu1804 + - debian10 + + steps: + - name: Check out the codebase. + uses: actions/checkout@v2 + with: + path: 'geerlingguy.nginx' + + - name: Set up Python 3. + uses: actions/setup-python@v2 + with: + python-version: '3.x' + + - name: Install test dependencies. + run: pip3 install ansible molecule[docker] docker + + - name: Run Molecule tests. + run: molecule test + env: + PY_COLORS: '1' + ANSIBLE_FORCE_COLOR: '1' + MOLECULE_DISTRO: ${{ matrix.distro }} diff --git a/provisioning/roles/geerlingguy.nginx/.github/workflows/release.yml b/provisioning/roles/geerlingguy.nginx/.github/workflows/release.yml new file mode 100644 index 000000000..de16921ba --- /dev/null +++ b/provisioning/roles/geerlingguy.nginx/.github/workflows/release.yml @@ -0,0 +1,38 @@ +--- +# This workflow requires a GALAXY_API_KEY secret present in the GitHub +# repository or organization. +# +# See: https://github.com/marketplace/actions/publish-ansible-role-to-galaxy +# See: https://github.com/ansible/galaxy/issues/46 + +name: Release +'on': + push: + tags: + - '*' + +defaults: + run: + working-directory: 'geerlingguy.nginx' + +jobs: + + release: + name: Release + runs-on: ubuntu-latest + steps: + - name: Check out the codebase. + uses: actions/checkout@v2 + with: + path: 'geerlingguy.nginx' + + - name: Set up Python 3. + uses: actions/setup-python@v2 + with: + python-version: '3.x' + + - name: Install Ansible. + run: pip3 install ansible-base + + - name: Trigger a new import on Galaxy. + run: ansible-galaxy role import --api-key ${{ secrets.GALAXY_API_KEY }} $(echo ${{ github.repository }} | cut -d/ -f1) $(echo ${{ github.repository }} | cut -d/ -f2) diff --git a/provisioning/roles/geerlingguy.nginx/.gitignore b/provisioning/roles/geerlingguy.nginx/.gitignore index f56f5b578..8840c8f02 100644 --- a/provisioning/roles/geerlingguy.nginx/.gitignore +++ b/provisioning/roles/geerlingguy.nginx/.gitignore @@ -1,3 +1,5 @@ *.retry */__pycache__ *.pyc +.cache + diff --git a/provisioning/roles/geerlingguy.nginx/.travis.yml b/provisioning/roles/geerlingguy.nginx/.travis.yml deleted file mode 100644 index 67fd08d80..000000000 --- a/provisioning/roles/geerlingguy.nginx/.travis.yml +++ /dev/null @@ -1,29 +0,0 @@ ---- -language: python -services: docker - -env: - global: - - ROLE_NAME: nginx - matrix: - - MOLECULE_DISTRO: centos8 - - MOLECULE_DISTRO: ubuntu2004 - - MOLECULE_DISTRO: ubuntu1804 - - MOLECULE_DISTRO: debian10 - -install: - # Install test dependencies. - - pip install molecule yamllint ansible-lint docker - -before_script: - # Use actual Ansible Galaxy role name for the project directory. - - cd ../ - - mv ansible-role-$ROLE_NAME geerlingguy.$ROLE_NAME - - cd geerlingguy.$ROLE_NAME - -script: - # Run tests. - - molecule test - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ diff --git a/provisioning/roles/geerlingguy.nginx/.yamllint b/provisioning/roles/geerlingguy.nginx/.yamllint index a3dbc38ee..f2033dd21 100644 --- a/provisioning/roles/geerlingguy.nginx/.yamllint +++ b/provisioning/roles/geerlingguy.nginx/.yamllint @@ -1,6 +1,11 @@ --- extends: default + rules: line-length: max: 120 level: warning + +ignore: | + .github/stale.yml + .travis.yml diff --git a/provisioning/roles/geerlingguy.nginx/README.md b/provisioning/roles/geerlingguy.nginx/README.md index e28557142..d418aaacf 100644 --- a/provisioning/roles/geerlingguy.nginx/README.md +++ b/provisioning/roles/geerlingguy.nginx/README.md @@ -1,6 +1,6 @@ # Ansible Role: Nginx -[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-nginx.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-nginx) +[![CI](https://github.com/geerlingguy/ansible-role-nginx/workflows/CI/badge.svg?event=push)](https://github.com/geerlingguy/ansible-role-nginx/actions?query=workflow%3ACI) **Note:** Please consider using the official [NGINX Ansible role](https://github.com/nginxinc/ansible-role-nginx) from NGINX, Inc. @@ -16,6 +16,11 @@ None. Available variables are listed below, along with default values (see `defaults/main.yml`): + + nginx_listen_ipv6: true + +Whether or not to listen on IPv6 (applied to all vhosts managed by this role). + nginx_vhosts: [] A list of vhost definitions (server blocks) for Nginx virtual hosts. Each entry will create a separate config file named by `server_name`. If left empty, you will need to supply your own virtual host configuration. See the commented example in `defaults/main.yml` for available server options. If you have a large number of customizations required for your server definition(s), you're likely better off managing the vhost configuration file yourself, leaving this variable set to `[]`. diff --git a/provisioning/roles/geerlingguy.nginx/defaults/main.yml b/provisioning/roles/geerlingguy.nginx/defaults/main.yml index 0509dbed5..fa4a15363 100644 --- a/provisioning/roles/geerlingguy.nginx/defaults/main.yml +++ b/provisioning/roles/geerlingguy.nginx/defaults/main.yml @@ -57,6 +57,10 @@ nginx_extra_http_options: "" # proxy_set_header Host $http_host; nginx_remove_default_vhost: false + +# Listen on IPv6 (default: true) +nginx_listen_ipv6: true + nginx_vhosts: [] # Example vhost below, showing all available options: # - listen: "80" # default: "80" diff --git a/provisioning/roles/geerlingguy.nginx/meta/main.yml b/provisioning/roles/geerlingguy.nginx/meta/main.yml index aaff40d4c..0033d24cb 100644 --- a/provisioning/roles/geerlingguy.nginx/meta/main.yml +++ b/provisioning/roles/geerlingguy.nginx/meta/main.yml @@ -11,7 +11,6 @@ galaxy_info: platforms: - name: EL versions: - - 6 - 7 - 8 - name: Debian diff --git a/provisioning/roles/geerlingguy.nginx/molecule/default/molecule.yml b/provisioning/roles/geerlingguy.nginx/molecule/default/molecule.yml index 2da47dd1f..74907107f 100644 --- a/provisioning/roles/geerlingguy.nginx/molecule/default/molecule.yml +++ b/provisioning/roles/geerlingguy.nginx/molecule/default/molecule.yml @@ -3,10 +3,6 @@ dependency: name: galaxy driver: name: docker -lint: | - set -e - yamllint . - ansible-lint platforms: - name: instance image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos7}-ansible:latest" diff --git a/provisioning/roles/geerlingguy.nginx/tasks/setup-FreeBSD.yml b/provisioning/roles/geerlingguy.nginx/tasks/setup-FreeBSD.yml index f4614f630..637c5202d 100644 --- a/provisioning/roles/geerlingguy.nginx/tasks/setup-FreeBSD.yml +++ b/provisioning/roles/geerlingguy.nginx/tasks/setup-FreeBSD.yml @@ -14,3 +14,4 @@ file: path: /var/log/nginx state: directory + mode: 0755 diff --git a/provisioning/roles/geerlingguy.nginx/tasks/setup-OpenBSD.yml b/provisioning/roles/geerlingguy.nginx/tasks/setup-OpenBSD.yml index c660301ce..c75c27e4d 100644 --- a/provisioning/roles/geerlingguy.nginx/tasks/setup-OpenBSD.yml +++ b/provisioning/roles/geerlingguy.nginx/tasks/setup-OpenBSD.yml @@ -8,3 +8,4 @@ file: path: /var/log/nginx state: directory + mode: 0755 diff --git a/provisioning/roles/geerlingguy.nginx/tasks/setup-Ubuntu.yml b/provisioning/roles/geerlingguy.nginx/tasks/setup-Ubuntu.yml index 5e08aff0e..c608d25b9 100644 --- a/provisioning/roles/geerlingguy.nginx/tasks/setup-Ubuntu.yml +++ b/provisioning/roles/geerlingguy.nginx/tasks/setup-Ubuntu.yml @@ -4,7 +4,7 @@ name: dirmngr state: present -- name: Add PPA for Nginx. +- name: Add PPA for Nginx (if configured). apt_repository: repo: 'ppa:nginx/{{ nginx_ppa_version }}' state: present diff --git a/provisioning/roles/geerlingguy.nginx/tasks/vhosts.yml b/provisioning/roles/geerlingguy.nginx/tasks/vhosts.yml index 7e2995ecc..8f990fb00 100644 --- a/provisioning/roles/geerlingguy.nginx/tasks/vhosts.yml +++ b/provisioning/roles/geerlingguy.nginx/tasks/vhosts.yml @@ -10,6 +10,7 @@ file: path: "{{ nginx_vhost_path }}" state: directory + mode: 0755 notify: reload nginx - name: Add managed vhost config files. diff --git a/provisioning/roles/geerlingguy.nginx/templates/vhost.j2 b/provisioning/roles/geerlingguy.nginx/templates/vhost.j2 index 0feb60299..f419a0a02 100644 --- a/provisioning/roles/geerlingguy.nginx/templates/vhost.j2 +++ b/provisioning/roles/geerlingguy.nginx/templates/vhost.j2 @@ -2,6 +2,9 @@ {% if item.server_name_redirect is defined %} server { listen {{ item.listen | default('80') }}; +{% if nginx_listen_ipv6 %} + listen [::]:{{item.listen | default('80') }}; +{% endif %} server_name {{ item.server_name_redirect }}; return 301 $scheme://{{ item.server_name.split(' ')[0] }}$request_uri; } @@ -13,6 +16,9 @@ server { {% block server_basic -%} listen {{ item.listen | default('80') }}; +{% if nginx_listen_ipv6 %} + listen [::]:{{item.listen | default('80') }}; +{% endif %} {% if item.server_name is defined %} server_name {{ item.server_name }};