From 2b411efa3f4c429be23d92fdbf0afe3eeed74457 Mon Sep 17 00:00:00 2001
From: Jerry Vonau <jvonau3@gmail.com>
Date: Tue, 22 Oct 2019 06:05:06 -0500
Subject: [PATCH] rework - split to file

---
 roles/nginx/tasks/main.yml | 102 +++++++++++++++++++++----------------
 1 file changed, 57 insertions(+), 45 deletions(-)

diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml
index 30054b654..6d31df6ad 100644
--- a/roles/nginx/tasks/main.yml
+++ b/roles/nginx/tasks/main.yml
@@ -1,10 +1,3 @@
-- name: Insure that apache2 is not running -- we may need port swap
-  service: 
-      name: apache2
-      enabled: False 
-      state: stopped
-  ignore_errors: True
-
 - name: Install nginx required  and helper packages
   package: name={{ item }} state=present
   with_items:
@@ -13,63 +6,82 @@
     - uwsgi-plugin-python
     - php-fpm
     - libnginx-mod-http-subs-filter
+  when: nginx_install | bool
 
 - name: Put the config file in place
   template: 
       src: '{{ item.src}}'  
       dest: '{{ item.dest }}'
   with_items:
-     - { src: "server.conf",dest: "/etc/nginx/" }
-     - { src: "nginx.conf",dest: "/etc/nginx/" }
-     - { src: "usb-lib.conf",dest: "/etc/nginx/conf.d/" }
-     - { src: "admin-console.ini",dest: "/etc/uwsgi/apps-enabled/" }
-     - { src: "uwsgi.unit",dest: "/etc/systemd/system/" }
-# optional services
-     - { src: "kiwix.conf",dest: "/etc/nginx/conf.d/" }
+    - { src: "server.conf",dest: "/etc/nginx/" }
+    - { src: "nginx.conf",dest: "/etc/nginx/" }
+    - { src: "usb-lib.conf",dest: "/etc/nginx/conf.d/" }
+    - { src: "admin-console.ini",dest: "/etc/uwsgi/apps-enabled/" }
+    - { src: "uwsgi.unit",dest: "/etc/systemd/system/" }
+    - { src: 'ports.conf' , dest: '/etc/{{ apache_service }}/' , mode: '0644' }
+  when: nginx_enabled | bool
 
 - name: Add http server  user to shadow group, so it can authenticate Admin Console
   user:
-      name: "{{ apache_user }}"
-      groups: shadow
+    name: "{{ apache_user }}"
+    groups: shadow
+  when: nginx_install | bool
 
 - name: Remove the nginx default config
-  file: path=/etc/nginx/sites-enabled/default state=absent
+  file:
+    path: /etc/nginx/sites-enabled/default
+    state: absent
+  when: nginx_install | bool
 
+- name: Insure that apache2 is not running -- we may need port swap
+  systemd:
+    name: apache2
+    enabled: False
+    state: stopped
+
+# optional services
 - name: Install config for Admin Console
   template: 
-        src: admin-console-nginx.conf
+    src: admin-console-nginx.conf
 # Comment one or the other to revert from nginx back to apache2, if required
-#        src: admin-console-apache.conf
-        dest: /etc/nginx/conf.d/admin-console.conf
-  when: admin_console_enabled | bool
+#    src: admin-console-apache.conf
+    dest: /etc/nginx/conf.d/admin-console.conf
+  when: admin_console_enabled | bool and nginx_enabled | bool
 
 - name: Enable the uwsgi systemd service
-  service:
-      name: uwsgi
-      state: started
-      enabled: True
-- name: Install ports.conf when nginx_enabled, from templates
-  template:
-    src: "{{ item.src }}"
-    dest: "{{ item.dest }}"
-    owner: root
-    group: root
-    mode: 0644
-  with_items:
-    - { src: 'ports.conf' , dest: '/etc/{{ apache_service }}/' , mode: '0644' }
-  when: is_debuntu | bool and nginx_enabled | bool
+  systemd:
+    name: uwsgi
+    state: started
+    enabled: True
+  when: admin_console_enabled | bool and nginx_enabled | bool
 
-- name: Install proxpass to apache running on localhost
+- name: Disable apache port  {{ apache_port }} localhost only
+  file:
+    path: /etc/{{ apache_service }}/ports.conf
+    state: absent
+  when: not nginx_enabled | bool
+
+# the below slides in nginx's proxypass config files for apache on localhost
+# via the ports.conf file installed above
+- name: Install proxpass to apache running on localhost port {{ apache_port }}
   include_tasks: uses_apache.yml
 
-- name: Make sure nginx picks up the config 
-  service: 
-      name: nginx 
-      state: restarted
-  when: nginx_enabled | bool
-          
-# it might not be installed yet, so ignore errors
+# the below task contains the same logic contained in the playbooks to enable
+# 'runrole nginx' to do the right thing.
+- name: Install proxpass to apache running on localhost
+  include_tasks: only_nginx.yml
+
 - name: Since we stopped apache2, start it again
-  service: name=apache2 state=started enabled=True
+  systemd:
+    name: apache2
+    state: restarted
+    daemon_reload: yes
   when: apache_enabled | bool
-  ignore_errors: True
+
+- name: Restart nginx to pick up the config files installed
+  systemd:
+    name: nginx
+    state: restarted
+    enabled: true
+    daemon_reload: yes
+  when: nginx_enabled | bool