Installs nginx on Debian/Ubuntu linux servers.
None
Available variables are listed below, along with default values (see defaults/main.yml
):
nginx_package: nginx-full
nginx_package_state: 'latest'
Variables in nginx.conf can be set by
nginx_owner: www-data
nginx_group: www-data
nginx_worker_processes: '{{ ansible_processor_cores * ansible_processor_count }}'
nginx_worker_connections: '{{ 768 if ansible_processor_count == 1 else 2048 }}'
nginx_pid_file: '/run/nginx.pid'
nginx_multi_accept: 'on'
Furhter configration settings can be defined by
nginx_extra_http_options: |
server_names_hash_bucket_size 64;
server_name_in_redirect off;
Default vhost can be kept or removed by
nginx_remove_default_vhost: true
nginx_vhosts:
example.com:
- server_name: www.example.com
listen: 80
root: '/var/www/example.com/html'
access_log: '/var/www/example.com/logs/nginx-access.log'
error_log: '/var/www/example.com/logs/nginx-error.log'
extra_parameters: |
include {{ nginx_additional_templates.0.dest }};
- server_name: example.com
listen: 80
return: '301 http://www.example.com$request_uri;'
secure-example.com:
- server_name: www.secure-example.com
listen: '444 spdy'
ssl_certificate: '/etc/nginx/ssl/secure-example.com/certificate.crt'
ssl_certificate_key: '/etc/nginx/ssl/secure-example.com/certificate.key'
access_log: '/var/www/secure-example.com/logs/nginx-access.log'
error_log: '/var/www/secure-example.com/logs/nginx-error.log'
root: '/var/www/secure-example.com/html/'
extra_parameters: |
include {{ nginx_additional_templates.1.dest }};
- server_name: secure-example.com
listen: 80
return: '301 http://www.example.com$request_uri;'
Additional templates can be uploaded and included in your vhost:
nginx_additional_templates:
- src: 'nginx/magento.conf'
dest: '/etc/nginx/snippets/example.magento.conf'
php_socket_file: '/run/php5-fpm-magento.socket'
- src: 'nginx/magento.conf'
dest: '/etc/nginx/snippets/secure-example.magento.conf'
php_socket_file: '/run/php5-fpm-magento.socket'
nginx_ssl_certificates:
- save_path: '/etc/nginx/ssl/secure-example.com/'
certificate_key: "{{ lookup('file', 'local/path/certificate.key') }}"
certificate: "{{ lookup('file', 'local/path/certificate.crt') }}"
intermediate_certificate: "{{ lookup('file', 'local/path/intermediate.crt') }}"
root_certificate: "{{ lookup('file', 'local/path/root.crt') }}"
save_path, certificate_key and certificate are required! intermediate_certificate and root_certificate is not required but highly recommended!
nginx_config_files:
- ssl.conf
- secure.conf
To install geoip the variable install_geoip
needs to be set.
# GeoIP
install_geoip: true
geoip_download_url: "http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz"
Upstreams can easily be defined:
nginx_upstreams:
- name: 'varnish'
servers:
- 'localhost:6081'
- 'localhost:8080 backup'
Dhparam key file is always generated but the filepath can be adjusted:
nginx_dhparam_file: '/etc/nginx/ssl/dhparam.pem'
None.
- hosts: server
roles:
- { role: tschifftner.nginx }
- Debian 9 (Stretch)
- Debian 8 (Jessie)
- Ubuntu 18.04 (Bionic Beaver)
- Ubuntu 16.04 (Xenial Xerus)
Ansible 2.5+