Skip to content

superrare/ansible-role-nginx-config

 
 

Ansible Galaxy Molecule CI/CD License

👾 Help make the NGINX config Ansible role better by participating in our survey! 👾

Ansible NGINX Configuration Role

This role configures NGINX Open Source and NGINX Plus on your target host.

Note: This role is still in active development. There may be unidentified issues and the role variables may change as development continues.

Requirements

Ansible

  • This role is developed and tested with maintained versions of Ansible core (above 2.11).

  • When using Ansible core, you will also need to install the following collections:

    ---
    collections:
      - name: community.general
        version: 4.6.1
      - name: ansible.posix
        version: 1.3.0
      - name: community.docker  # Only required if you plan to use Molecule (see below)
        version: 2.2.1

    Note: You can alternatively install the Ansible community distribution (what is known as the "old" Ansible) if you don't want to manage individual collections.

  • Instructions on how to install Ansible can be found in the Ansible website.

Jinja2

  • This role uses Jinja2 templates. Ansible core installs Jinja2 by default, but depending on your install and/or upgrade path, you might be running an outdated version of Jinja2. The minimum version of Jinja2 required for the role to properly function is 2.11.
  • Instructions on how to install Jinja2 can be found in the Jinja2 website.

Molecule (Optional)

  • Molecule is used to test the various functionalities of the role. The recommended version of Molecule to test this role is 3.3.
  • Instructions on how to install Molecule can be found in the Molecule website. You will also need to install the Molecule Docker driver.
  • To run the NGINX Plus/App Protect config Molecule tests, you must copy your NGINX Plus/App Protect license to the role's files/license folder.

You can alternatively add your NGINX Plus/App Protect repository certificate and key to the local environment. Run the following commands to export these files as base64-encoded variables and execute the Molecule tests:

export NGINX_CRT=$( cat <path to your certificate file> | base64 )
export NGINX_KEY=$( cat <path to your key file> | base64 )
molecule test -s plus

Installation

Ansible Galaxy

Use ansible-galaxy install nginxinc.nginx_config to install the latest stable release of the role on your system.

Git

Use git clone https://github.com/nginxinc/ansible-role-nginx-config.git to pull the latest edge commit of the role from GitHub.

Platforms

The NGINX config Ansible role supports all platforms supported by NGINX Open Source and NGINX Plus:

NGINX Open Source

Alpine:
  - 3.11
  - 3.12
  - 3.13
  - 3.14
Amazon Linux:
  - 2
CentOS:
  - 7.4+
  - 8
Debian:
  - buster (10)
  - bullseye (11)
Red Hat:
  - 7.4+
  - 8
SUSE/SLES:
  - 12
  - 15
Ubuntu:
  - bionic (18.04)
  - focal (20.04)
  - hirsute (21.04)

NGINX Plus

Alpine:
  - 3.11
  - 3.12
  - 3.13
  - 3.14
Amazon Linux 2:
  - any
CentOS:
  - 7.4+
  - 8
Debian:
  - buster (10)
  - bullseye (11)
FreeBSD:
  - 12.1+
  - 13
Oracle Linux:
  - 7.4+
Red Hat:
  - 7.4+
  - 8
SUSE/SLES:
  - 12
  - 15
Ubuntu:
  - bionic (18.04)
  - focal (20.04)

Role Variables

This role has multiple variables. The descriptions and defaults for all these variables can be found in the defaults/main/ folder in the following files:

Name Description
main.yml NGINX simple config variables
selinux.yml Set up SELinux to allow the necessary connections to your NGINX setup
template.yml NGINX config template variables
upload.yml NGINX config/HTML/SSL upload variables

Example Playbooks

Working functional playbook examples can be found in the molecule/ folder in the following files:

Name Description
cleanup_module/converge.yml Cleanup an NGINX config and configure NGINX supported modules
default/converge.yml Use the NGINX config templating variables to create an NGINX config
plus/converge.yml Use the NGINX config templating variables to create an NGINX Plus config
stable_push/converge.yml Install NGINX using the stable branch and push a preexisting config from your system to your NGINX instance

Do note that if you install this repository via Ansible Galaxy, you will have to replace the role variable in the sample playbooks from ansible-role-nginx-config to nginxinc.nginx_config.

Other NGINX Ansible Collections and Roles

You can find the Ansible NGINX Core collection of roles to install and configure NGINX Open Source, NGINX Plus, and NGINX App Protect here.

You can find the Ansible NGINX role to install NGINX OSS and NGINX Plus here.

You can find the Ansible NGINX App Protect role to install and configure NGINX App Protect WAF and NGINX App Protect DoS here.

You can find the Ansible NGINX Controller collection of roles to install and configure NGINX Controller here.

You can find the Ansible NGINX Unit role to install NGINX Unit here.

License

Apache License, Version 2.0

Author Information

Alessandro Fael Garcia

© F5 Networks, Inc. 2020 - 2022

Packages

No packages published

Languages

  • Jinja 94.6%
  • HTML 5.4%