From 2e6017405d06378068b997b5240b8b1acd957989 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Mon, 28 Jun 2021 16:29:44 -0500 Subject: [PATCH 01/18] default_vars soft nginx path --- vars/default_vars.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 4e8b9f2bc..89bae515c 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -280,7 +280,8 @@ nginx_install: True nginx_enabled: True nginx_port: 80 nginx_interface: 0.0.0.0 -nginx_conf_dir: /etc/nginx/conf.d +nginx_dir: /etc/nginx +nginx_conf_dir: "{{ nginx_dir }}/conf.d" nginx_log_dir: /var/log/nginx # SEE BELOW: nginx_high_php_limits, apache_allow_sudo From 2e109bf096962ac64df1fdf17d1b510b0ff20b70 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Mon, 28 Jun 2021 16:34:55 -0500 Subject: [PATCH 02/18] nginx softcoding --- roles/nginx/tasks/install.yml | 27 +++++++++++++++++++++++---- roles/nginx/templates/server.conf.j2 | 3 ++- 2 files changed, 25 insertions(+), 5 deletions(-) diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index d9f3c4dda..ff909b193 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -38,6 +38,11 @@ # append: yes +- name: Insure alternate nginx path is present + file: + state: directory + path: "{{ nginx_conf_dir }}" + - name: Remove NGINX default config /etc/nginx/sites-enabled/default file: path: /etc/nginx/sites-enabled/default @@ -48,9 +53,9 @@ src: "{{ item.src }}" dest: "{{ item.dest }}" with_items: - - { src: 'server.conf.j2', dest: '/etc/nginx/server.conf' } - - { src: 'nginx.conf.j2', dest: '/etc/nginx/nginx.conf' } - - { src: 'mime.types.j2', dest: '/etc/nginx/mime.types' } + - { src: 'server.conf.j2', dest: '{{ nginx_dir }}/server.conf' } + - { src: 'nginx.conf.j2', dest: '{{ nginx_dir }}/nginx.conf' } + - { src: 'mime.types.j2', dest: '{{ nginx_dir }}/mime.types' } # - { src: 'ports.conf', dest: '/etc/{{ apache_service }}/ports.conf' } # 2021-08-09: Restored from enable-or-disable.yml then moved to roles/pbx/tasks/apache.yml # - { src: 'iiab.conf.j2', dest: "{{ nginx_conf_dir }}/iiab.conf" } # Moved into homepage.yml, invoked later by roles/www_options/tasks/main.yml (see below!) @@ -58,12 +63,26 @@ msg: roles/nginx/tasks/homepage.yml will run LATER (invoked by roles/www_options/tasks/main.yml) SO THAT NGINX CAN REDIRECT http://box TO http://box{{ iiab_home_url }} (based on var iiab_home_url) # - include_tasks: roles/nginx/tasks/homepage.yml +#ubuntu@box:/opt/iiab/iiab$ grep -r 'fastcgi_pass' roles +#roles/awstats/templates/awstats-nginx.conf: fastcgi_pass php; +#roles/nextcloud/templates/nextcloud-nginx.conf.j2: fastcgi_pass php; +#roles/moodle/templates/moodle-nginx.conf.j2: fastcgi_pass php; +#roles/osm-vector-maps/templates/osm-vector-maps-nginx.conf.j2: fastcgi_pass php; +#roles/pbx/templates/freepbx-nginx.conf.j2: fastcgi_pass unix:/run/php/php-asterisk.sock; +#roles/mediawiki/templates/mediawiki-nginx.conf.j2: fastcgi_pass php; # or whatever port your PHP-FPM listens on +#roles/mediawiki/templates/mediawiki-nginx.conf.j2:# fastcgi_pass 127.0.0.1:9000; # or whatever port your PHP-FPM listens on +#roles/wordpress/templates/wordpress-nginx.conf.j2: fastcgi_pass php; +#roles/wordpress/templates/wordpress-nginx.conf.j2: fastcgi_pass php; +#roles/nginx/templates/admin-console-nginx.conf.unused: fastcgi_pass php; + +# should really be 'state: stopped' 'enabled: no' and each role should enable and restart as needed to keep system resources in check when +# php{{ php_version }}-fpm is not required by any selected roles. + - name: Restart php{{ php_version }}-fpm systemd service systemd: name: "php{{ php_version }}-fpm" state: restarted - # RECORD NGINX AS INSTALLED - name: "Set 'nginx_installed: True'" diff --git a/roles/nginx/templates/server.conf.j2 b/roles/nginx/templates/server.conf.j2 index 84413f4e7..51e43e47d 100644 --- a/roles/nginx/templates/server.conf.j2 +++ b/roles/nginx/templates/server.conf.j2 @@ -3,7 +3,7 @@ server { server_name $hostname; # e.g. box.lan, set dynamically when NGINX starts #server_name {{ iiab_hostname }}.{{ iiab_domain }}; #server_name {{ iiab_hostname }}; - listen 80; + listen {{ nginx_port }}; index index.php index.html index.htm; @@ -19,6 +19,7 @@ server { # let individual services drop location blocks in conf.d include {{ nginx_conf_dir }}/*; + # why is everything below here even present? location ~ .*\.php$ { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; From 88eebd31da2a7d058bf49c13822ac6742e57fc1d Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Mon, 28 Jun 2021 16:47:20 -0500 Subject: [PATCH 03/18] don't delete default nginx site if is_guest --- roles/nginx/tasks/install.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index ff909b193..020a3881c 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -47,6 +47,7 @@ file: path: /etc/nginx/sites-enabled/default state: absent + when: not is_guest - name: 'Install 3 (of 5) files from template: /etc/nginx/server.conf, /etc/nginx/nginx.conf, /etc/nginx/mime.types' template: From f5320913a40798882f42665613f9d1db22736497 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Mon, 28 Jun 2021 17:14:24 -0500 Subject: [PATCH 04/18] nginx softcoding2 --- roles/nginx/tasks/install.yml | 8 +++++++- roles/nginx/templates/nginx.conf.j2 | 8 ++++---- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index 020a3881c..8f76d98df 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -40,8 +40,14 @@ - name: Insure alternate nginx path is present file: + path: "{{ item }}" state: directory - path: "{{ nginx_conf_dir }}" + with_items: + - "{{ nginx_conf_dir }}" + - "{{ nginx_dir }}/modules-available" + - "{{ nginx_dir }}/modules-enabled" + - "{{ nginx_dir }}/sites-available" + - "{{ nginx_dir }}/sites-enabled" - name: Remove NGINX default config /etc/nginx/sites-enabled/default file: diff --git a/roles/nginx/templates/nginx.conf.j2 b/roles/nginx/templates/nginx.conf.j2 index 5e440a9ff..8f94b7426 100644 --- a/roles/nginx/templates/nginx.conf.j2 +++ b/roles/nginx/templates/nginx.conf.j2 @@ -5,7 +5,7 @@ user www-data; worker_processes auto; pid /run/nginx.pid; -include /etc/nginx/modules-enabled/*.conf; +include {{ nginx_dir }}/modules-enabled/*.conf; events { worker_connections 768; @@ -29,7 +29,7 @@ http { server_names_hash_bucket_size 64; # server_name_in_redirect off; - include /etc/nginx/mime.types; + include {{ nginx_dir }}/mime.types; default_type text/html; ## @@ -91,10 +91,10 @@ http { ## # include a server file which in turn includes conf.d/* - include /etc/nginx/server.conf; + include {{ nginx_dir }}/server.conf; # include other sites - include /etc/nginx/sites-enabled/*.conf; + include {{ nginx_dir }}/sites-enabled/*.conf; # define the upstream backend fastcgi for php upstream php { From 38bead2f4ebc0d293ef72b583895adb80accb894 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Mon, 28 Jun 2021 22:30:48 -0500 Subject: [PATCH 05/18] down and dirty for testing gives nice warning to use lineinfile.... haha regexp need work still --- roles/nginx/tasks/install.yml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index 8f76d98df..51f93a362 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -66,6 +66,34 @@ # - { src: 'ports.conf', dest: '/etc/{{ apache_service }}/ports.conf' } # 2021-08-09: Restored from enable-or-disable.yml then moved to roles/pbx/tasks/apache.yml # - { src: 'iiab.conf.j2', dest: "{{ nginx_conf_dir }}/iiab.conf" } # Moved into homepage.yml, invoked later by roles/www_options/tasks/main.yml (see below!) +# start block +- block: + - name: Grab stock unit file + copy: + force: yes + src: /lib/systemd/system/nginx.service + dest: /etc/systemd/system/iiab-nginx.service + + - name: shove {{ nginx_dir }}/nginx.conf into unit file + command: sed -i 's|/usr/sbin/nginx|/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf|' /etc/systemd/system/nginx.service +# lineinfile: +# path: /etc/systemd/system/nginx.service +# state: present +# regexp: "{{ item.regexp }}" +# line: "{{ item.line }}" +# with_items: +# - { regexp: '^ExecStartPre=/usr/sbin/nginx' , line: 'ExecStartPre=/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf' } +# - { regexp: '^ExecStart=/usr/sbin/nginx', line: 'ExecStart=/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf' } +# - { regexp: '^ExecReload=/usr/sbin/nginx', line: 'ExecReload=/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf' } + - name: start iiab-nginx on port {{ nginx_port }} + systemd: + daemon_reload: yes + name: iiab-nginx.service + state: restarted + +# end block + when: is_guest or nginx_dir != "/etc/nginx" + - debug: msg: roles/nginx/tasks/homepage.yml will run LATER (invoked by roles/www_options/tasks/main.yml) SO THAT NGINX CAN REDIRECT http://box TO http://box{{ iiab_home_url }} (based on var iiab_home_url) # - include_tasks: roles/nginx/tasks/homepage.yml From a7d179bb30d7d15a2597c833dd1f27de78221622 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Mon, 28 Jun 2021 22:50:50 -0500 Subject: [PATCH 06/18] tuck the alternate path creation into conditional block --- roles/nginx/tasks/install.yml | 32 ++++++++++++++++++-------------- 1 file changed, 18 insertions(+), 14 deletions(-) diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index 51f93a362..8266cb3b8 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -38,17 +38,6 @@ # append: yes -- name: Insure alternate nginx path is present - file: - path: "{{ item }}" - state: directory - with_items: - - "{{ nginx_conf_dir }}" - - "{{ nginx_dir }}/modules-available" - - "{{ nginx_dir }}/modules-enabled" - - "{{ nginx_dir }}/sites-available" - - "{{ nginx_dir }}/sites-enabled" - - name: Remove NGINX default config /etc/nginx/sites-enabled/default file: path: /etc/nginx/sites-enabled/default @@ -68,6 +57,21 @@ # start block - block: + - name: Insure alternate nginx path is present + file: + path: "{{ item }}" + state: directory + with_items: + - "{{ nginx_conf_dir }}" + - "{{ nginx_dir }}/sites-available" + - "{{ nginx_dir }}/sites-enabled" + + - name: Link {{ nginx_dir }}/modules-enabled + file: + src: /etc/nginx/modules-enabled + path: "{{ nginx_dir }}/modules-enabled" + state: link + - name: Grab stock unit file copy: force: yes @@ -75,7 +79,7 @@ dest: /etc/systemd/system/iiab-nginx.service - name: shove {{ nginx_dir }}/nginx.conf into unit file - command: sed -i 's|/usr/sbin/nginx|/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf|' /etc/systemd/system/nginx.service + command: sed -i 's|/usr/sbin/nginx|/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf|' /etc/systemd/system/iiab-nginx.service # lineinfile: # path: /etc/systemd/system/nginx.service # state: present @@ -85,14 +89,14 @@ # - { regexp: '^ExecStartPre=/usr/sbin/nginx' , line: 'ExecStartPre=/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf' } # - { regexp: '^ExecStart=/usr/sbin/nginx', line: 'ExecStart=/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf' } # - { regexp: '^ExecReload=/usr/sbin/nginx', line: 'ExecReload=/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf' } + - name: start iiab-nginx on port {{ nginx_port }} systemd: daemon_reload: yes name: iiab-nginx.service state: restarted - # end block - when: is_guest or nginx_dir != "/etc/nginx" + when: nginx_port|int != 80 or nginx_dir != "/etc/nginx" - debug: msg: roles/nginx/tasks/homepage.yml will run LATER (invoked by roles/www_options/tasks/main.yml) SO THAT NGINX CAN REDIRECT http://box TO http://box{{ iiab_home_url }} (based on var iiab_home_url) From c27a77c4a2a7c11d7f2cfd2556cc0be468c98ac2 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 29 Jun 2021 01:36:44 -0500 Subject: [PATCH 07/18] restart iiab-nginx at end --- roles/9-local-addons/tasks/main.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/roles/9-local-addons/tasks/main.yml b/roles/9-local-addons/tasks/main.yml index d63d5b8c1..b5cc5caea 100644 --- a/roles/9-local-addons/tasks/main.yml +++ b/roles/9-local-addons/tasks/main.yml @@ -37,6 +37,13 @@ name: pbx when: pbx_install +- name: start iiab-nginx on port {{ nginx_port }} + systemd: + daemon_reload: yes + name: iiab-nginx.service + state: restarted + when: nginx_port|int != 80 or nginx_dir != "/etc/nginx" + - name: Recording STAGE 9 HAS COMPLETED ==================== lineinfile: path: "{{ iiab_env_file }}" From 0ae30131d13d34846fec915b37c1709d559798f3 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Tue, 29 Jun 2021 23:37:54 -0500 Subject: [PATCH 08/18] link to packaged files - move restart --- roles/nginx/tasks/enable-or-disable.yml | 6 ++++ roles/nginx/tasks/install.yml | 45 ++++++++++++++----------- 2 files changed, 32 insertions(+), 19 deletions(-) diff --git a/roles/nginx/tasks/enable-or-disable.yml b/roles/nginx/tasks/enable-or-disable.yml index 0ef223866..e519f330d 100644 --- a/roles/nginx/tasks/enable-or-disable.yml +++ b/roles/nginx/tasks/enable-or-disable.yml @@ -25,6 +25,12 @@ # enabled: true # when: apache_installed is defined and apache_enabled # or not nginx_enabled +- name: Start iiab-nginx on port {{ nginx_port }} + systemd: + daemon_reload: yes + name: iiab-nginx.service + state: restarted + when: nginx_port|int != 80 or nginx_dir != "/etc/nginx" - name: Enable & (Re)Start 'nginx' systemd service, if nginx_enabled systemd: diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index 8266cb3b8..98ac48e96 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -44,17 +44,6 @@ state: absent when: not is_guest -- name: 'Install 3 (of 5) files from template: /etc/nginx/server.conf, /etc/nginx/nginx.conf, /etc/nginx/mime.types' - template: - src: "{{ item.src }}" - dest: "{{ item.dest }}" - with_items: - - { src: 'server.conf.j2', dest: '{{ nginx_dir }}/server.conf' } - - { src: 'nginx.conf.j2', dest: '{{ nginx_dir }}/nginx.conf' } - - { src: 'mime.types.j2', dest: '{{ nginx_dir }}/mime.types' } - # - { src: 'ports.conf', dest: '/etc/{{ apache_service }}/ports.conf' } # 2021-08-09: Restored from enable-or-disable.yml then moved to roles/pbx/tasks/apache.yml - # - { src: 'iiab.conf.j2', dest: "{{ nginx_conf_dir }}/iiab.conf" } # Moved into homepage.yml, invoked later by roles/www_options/tasks/main.yml (see below!) - # start block - block: - name: Insure alternate nginx path is present @@ -66,11 +55,23 @@ - "{{ nginx_dir }}/sites-available" - "{{ nginx_dir }}/sites-enabled" - - name: Link {{ nginx_dir }}/modules-enabled + - name: Link {{ nginx_dir }}/ files file: - src: /etc/nginx/modules-enabled - path: "{{ nginx_dir }}/modules-enabled" + src: /etc/nginx/{{ item }} + path: "{{ nginx_dir }}/{{ item }}" state: link + with_items: + - modules-available + - modules-enabled + - snippets + - fastcgi.conf + - fastcgi_params + - koi-win + - koi-utf + - proxy_params + - scgi_params + - uwsgi_params + - win-utf - name: Grab stock unit file copy: @@ -90,14 +91,20 @@ # - { regexp: '^ExecStart=/usr/sbin/nginx', line: 'ExecStart=/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf' } # - { regexp: '^ExecReload=/usr/sbin/nginx', line: 'ExecReload=/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf' } - - name: start iiab-nginx on port {{ nginx_port }} - systemd: - daemon_reload: yes - name: iiab-nginx.service - state: restarted # end block when: nginx_port|int != 80 or nginx_dir != "/etc/nginx" +- name: 'Install 3 (of 5) files from template: /etc/nginx/server.conf, /etc/nginx/nginx.conf, /etc/nginx/mime.types' + template: + src: "{{ item.src }}" + dest: "{{ item.dest }}" + with_items: + - { src: 'server.conf.j2', dest: '{{ nginx_dir }}/server.conf' } + - { src: 'nginx.conf.j2', dest: '{{ nginx_dir }}/nginx.conf' } + - { src: 'mime.types.j2', dest: '{{ nginx_dir }}/mime.types' } + # - { src: 'ports.conf', dest: '/etc/{{ apache_service }}/ports.conf' } # 2021-08-09: Restored from enable-or-disable.yml then moved to roles/pbx/tasks/apache.yml + # - { src: 'iiab.conf.j2', dest: "{{ nginx_conf_dir }}/iiab.conf" } # Moved into homepage.yml, invoked later by roles/www_options/tasks/main.yml (see below!) + - debug: msg: roles/nginx/tasks/homepage.yml will run LATER (invoked by roles/www_options/tasks/main.yml) SO THAT NGINX CAN REDIRECT http://box TO http://box{{ iiab_home_url }} (based on var iiab_home_url) # - include_tasks: roles/nginx/tasks/homepage.yml From 5c8bb3c06f58131835c72d7bdc5fcfb876b08731 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 11 Aug 2021 11:00:57 -0500 Subject: [PATCH 09/18] drop .service and save a daemon_reload call --- roles/9-local-addons/tasks/main.yml | 4 ++-- roles/nginx/tasks/enable-or-disable.yml | 14 +++++++------- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/roles/9-local-addons/tasks/main.yml b/roles/9-local-addons/tasks/main.yml index b5cc5caea..dec65b67a 100644 --- a/roles/9-local-addons/tasks/main.yml +++ b/roles/9-local-addons/tasks/main.yml @@ -37,10 +37,10 @@ name: pbx when: pbx_install -- name: start iiab-nginx on port {{ nginx_port }} +- name: Restart iiab-nginx on port {{ nginx_port }} systemd: daemon_reload: yes - name: iiab-nginx.service + name: iiab-nginx state: restarted when: nginx_port|int != 80 or nginx_dir != "/etc/nginx" diff --git a/roles/nginx/tasks/enable-or-disable.yml b/roles/nginx/tasks/enable-or-disable.yml index e519f330d..15f1c70b5 100644 --- a/roles/nginx/tasks/enable-or-disable.yml +++ b/roles/nginx/tasks/enable-or-disable.yml @@ -25,13 +25,6 @@ # enabled: true # when: apache_installed is defined and apache_enabled # or not nginx_enabled -- name: Start iiab-nginx on port {{ nginx_port }} - systemd: - daemon_reload: yes - name: iiab-nginx.service - state: restarted - when: nginx_port|int != 80 or nginx_dir != "/etc/nginx" - - name: Enable & (Re)Start 'nginx' systemd service, if nginx_enabled systemd: name: nginx @@ -40,6 +33,13 @@ state: restarted when: nginx_enabled +- name: Start iiab-nginx on port {{ nginx_port }} + systemd: + name: iiab-nginx + enabled: yes + state: restarted + when: nginx_port|int != 80 or nginx_dir != "/etc/nginx" + - name: Disable & Stop 'nginx' systemd service, if not nginx_enabled systemd: name: nginx From 15f0f87d138381d2a26165332e6acf6211a030a7 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 8 Dec 2021 20:21:54 -0600 Subject: [PATCH 10/18] soft-code service unit name grep -rlZ 'name: nginx' . | xargs -0 sed -i 's/name: nginx/name: {{ systemd_unit_name }}/g' --- roles/0-DEPRECATED-ROLES/dokuwiki/tasks/enable.yml | 2 +- roles/0-DEPRECATED-ROLES/elgg/tasks/nginx.yml | 2 +- roles/awstats/tasks/nginx.yml | 2 +- roles/calibre-web/tasks/enable-or-disable.yml | 2 +- roles/cups/tasks/nginx.yml | 2 +- roles/gitea/tasks/enable-or-disable.yml | 2 +- roles/internetarchive/tasks/enable-or-disable.yml | 2 +- roles/jupyterhub/tasks/enable-or-disable.yml | 2 +- roles/kiwix/tasks/nginx.yml | 2 +- roles/kolibri/tasks/enable-or-disable.yml | 2 +- roles/lokole/tasks/nginx.yml | 2 +- roles/mediawiki/tasks/nginx.yml | 2 +- roles/moodle/tasks/enable-or-disable.yml | 2 +- roles/munin/tasks/enable-or-disable.yml | 2 +- roles/nginx/tasks/enable-or-disable.yml | 4 ++-- roles/nginx/tasks/install.yml | 6 +++++- roles/nodered/tasks/enable-or-disable.yml | 2 +- roles/osm-vector-maps/tasks/nginx.yml | 2 +- roles/pbx/tasks/enable-or-disable.yml | 2 +- roles/sugarizer/tasks/enable-or-disable.yml | 2 +- roles/usb_lib/tasks/nginx.yml | 2 +- roles/wordpress/tasks/nginx.yml | 2 +- roles/www_options/tasks/main.yml | 2 +- vars/default_vars.yml | 1 + 24 files changed, 29 insertions(+), 24 deletions(-) diff --git a/roles/0-DEPRECATED-ROLES/dokuwiki/tasks/enable.yml b/roles/0-DEPRECATED-ROLES/dokuwiki/tasks/enable.yml index 094312866..0189bbaa6 100644 --- a/roles/0-DEPRECATED-ROLES/dokuwiki/tasks/enable.yml +++ b/roles/0-DEPRECATED-ROLES/dokuwiki/tasks/enable.yml @@ -30,7 +30,7 @@ - name: Restart 'nginx' systemd service systemd: - name: nginx + name: "{{ systemd_unit_name }}" state: restarted when: nginx_enabled diff --git a/roles/0-DEPRECATED-ROLES/elgg/tasks/nginx.yml b/roles/0-DEPRECATED-ROLES/elgg/tasks/nginx.yml index 3a4a302d1..5b36b4fc9 100644 --- a/roles/0-DEPRECATED-ROLES/elgg/tasks/nginx.yml +++ b/roles/0-DEPRECATED-ROLES/elgg/tasks/nginx.yml @@ -12,5 +12,5 @@ - name: Restart 'nginx' systemd service systemd: - name: nginx + name: "{{ systemd_unit_name }}" state: restarted diff --git a/roles/awstats/tasks/nginx.yml b/roles/awstats/tasks/nginx.yml index 810348fb0..35b36c5d9 100644 --- a/roles/awstats/tasks/nginx.yml +++ b/roles/awstats/tasks/nginx.yml @@ -12,5 +12,5 @@ - name: Restart 'nginx' systemd service systemd: - name: nginx + name: "{{ systemd_unit_name }}" state: restarted diff --git a/roles/calibre-web/tasks/enable-or-disable.yml b/roles/calibre-web/tasks/enable-or-disable.yml index b196176f9..f5388a672 100644 --- a/roles/calibre-web/tasks/enable-or-disable.yml +++ b/roles/calibre-web/tasks/enable-or-disable.yml @@ -31,5 +31,5 @@ - name: Restart 'nginx' systemd service systemd: - name: nginx + name: "{{ systemd_unit_name }}" state: restarted diff --git a/roles/cups/tasks/nginx.yml b/roles/cups/tasks/nginx.yml index 886a15c14..13b618dd3 100644 --- a/roles/cups/tasks/nginx.yml +++ b/roles/cups/tasks/nginx.yml @@ -12,5 +12,5 @@ - name: Restart 'nginx' systemd service systemd: - name: nginx + name: "{{ systemd_unit_name }}" state: restarted diff --git a/roles/gitea/tasks/enable-or-disable.yml b/roles/gitea/tasks/enable-or-disable.yml index 3401c3fdd..2251cff37 100644 --- a/roles/gitea/tasks/enable-or-disable.yml +++ b/roles/gitea/tasks/enable-or-disable.yml @@ -28,5 +28,5 @@ - name: Restart 'nginx' systemd service systemd: - name: nginx + name: "{{ systemd_unit_name }}" state: restarted diff --git a/roles/internetarchive/tasks/enable-or-disable.yml b/roles/internetarchive/tasks/enable-or-disable.yml index 47cebe214..c95b92a77 100644 --- a/roles/internetarchive/tasks/enable-or-disable.yml +++ b/roles/internetarchive/tasks/enable-or-disable.yml @@ -28,5 +28,5 @@ - name: Restart 'nginx' systemd service systemd: - name: nginx + name: "{{ systemd_unit_name }}" state: restarted diff --git a/roles/jupyterhub/tasks/enable-or-disable.yml b/roles/jupyterhub/tasks/enable-or-disable.yml index b8a504589..bb4d32d3d 100644 --- a/roles/jupyterhub/tasks/enable-or-disable.yml +++ b/roles/jupyterhub/tasks/enable-or-disable.yml @@ -29,5 +29,5 @@ - name: Restart 'nginx' systemd service systemd: - name: nginx + name: "{{ systemd_unit_name }}" state: restarted diff --git a/roles/kiwix/tasks/nginx.yml b/roles/kiwix/tasks/nginx.yml index 0fd9c674a..00452b924 100644 --- a/roles/kiwix/tasks/nginx.yml +++ b/roles/kiwix/tasks/nginx.yml @@ -12,5 +12,5 @@ - name: Restart 'nginx' systemd service systemd: - name: nginx + name: "{{ systemd_unit_name }}" state: restarted diff --git a/roles/kolibri/tasks/enable-or-disable.yml b/roles/kolibri/tasks/enable-or-disable.yml index 8204b3aee..aaeec6046 100644 --- a/roles/kolibri/tasks/enable-or-disable.yml +++ b/roles/kolibri/tasks/enable-or-disable.yml @@ -28,5 +28,5 @@ - name: Restart 'nginx' systemd service systemd: - name: nginx + name: "{{ systemd_unit_name }}" state: restarted diff --git a/roles/lokole/tasks/nginx.yml b/roles/lokole/tasks/nginx.yml index 9ba756bf8..a07c97a24 100644 --- a/roles/lokole/tasks/nginx.yml +++ b/roles/lokole/tasks/nginx.yml @@ -12,5 +12,5 @@ - name: Restart 'nginx' systemd service systemd: - name: nginx + name: "{{ systemd_unit_name }}" state: restarted diff --git a/roles/mediawiki/tasks/nginx.yml b/roles/mediawiki/tasks/nginx.yml index 85c4e1429..9b5d50154 100644 --- a/roles/mediawiki/tasks/nginx.yml +++ b/roles/mediawiki/tasks/nginx.yml @@ -12,5 +12,5 @@ - name: Restart 'nginx' systemd service systemd: - name: nginx + name: "{{ systemd_unit_name }}" state: restarted diff --git a/roles/moodle/tasks/enable-or-disable.yml b/roles/moodle/tasks/enable-or-disable.yml index 687d6db1e..8339e5f05 100644 --- a/roles/moodle/tasks/enable-or-disable.yml +++ b/roles/moodle/tasks/enable-or-disable.yml @@ -27,5 +27,5 @@ - name: Restart 'nginx' systemd service systemd: - name: nginx + name: "{{ systemd_unit_name }}" state: restarted diff --git a/roles/munin/tasks/enable-or-disable.yml b/roles/munin/tasks/enable-or-disable.yml index 1b0d3ac28..3561f4397 100644 --- a/roles/munin/tasks/enable-or-disable.yml +++ b/roles/munin/tasks/enable-or-disable.yml @@ -28,5 +28,5 @@ - name: Restart 'nginx' systemd service systemd: - name: nginx + name: "{{ systemd_unit_name }}" state: restarted diff --git a/roles/nginx/tasks/enable-or-disable.yml b/roles/nginx/tasks/enable-or-disable.yml index 15f1c70b5..66cb61403 100644 --- a/roles/nginx/tasks/enable-or-disable.yml +++ b/roles/nginx/tasks/enable-or-disable.yml @@ -27,7 +27,7 @@ - name: Enable & (Re)Start 'nginx' systemd service, if nginx_enabled systemd: - name: nginx + name: "{{ systemd_unit_name }}" daemon_reload: yes enabled: yes state: restarted @@ -42,7 +42,7 @@ - name: Disable & Stop 'nginx' systemd service, if not nginx_enabled systemd: - name: nginx + name: "{{ systemd_unit_name }}" enabled: no state: stopped when: not nginx_enabled diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index 98ac48e96..1ae4e37ba 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -73,11 +73,15 @@ - uwsgi_params - win-utf + - name: Alter systemd_unit_name to be iiab-nginx.service from nginx.service + set_fact: + systemd_unit_name: iiab-nginx + - name: Grab stock unit file copy: force: yes src: /lib/systemd/system/nginx.service - dest: /etc/systemd/system/iiab-nginx.service + dest: /etc/systemd/system/"{{ systemd_unit_name }}".service - name: shove {{ nginx_dir }}/nginx.conf into unit file command: sed -i 's|/usr/sbin/nginx|/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf|' /etc/systemd/system/iiab-nginx.service diff --git a/roles/nodered/tasks/enable-or-disable.yml b/roles/nodered/tasks/enable-or-disable.yml index 87a1c8d2a..63d41aa7b 100644 --- a/roles/nodered/tasks/enable-or-disable.yml +++ b/roles/nodered/tasks/enable-or-disable.yml @@ -28,5 +28,5 @@ - name: Restart 'nginx' systemd service systemd: - name: nginx + name: "{{ systemd_unit_name }}" state: restarted diff --git a/roles/osm-vector-maps/tasks/nginx.yml b/roles/osm-vector-maps/tasks/nginx.yml index 15c281db8..e1db6d2ce 100644 --- a/roles/osm-vector-maps/tasks/nginx.yml +++ b/roles/osm-vector-maps/tasks/nginx.yml @@ -12,5 +12,5 @@ - name: Reload 'nginx' systemd service systemd: - name: nginx + name: "{{ systemd_unit_name }}" state: reloaded diff --git a/roles/pbx/tasks/enable-or-disable.yml b/roles/pbx/tasks/enable-or-disable.yml index 2abc11405..f27e44172 100644 --- a/roles/pbx/tasks/enable-or-disable.yml +++ b/roles/pbx/tasks/enable-or-disable.yml @@ -98,7 +98,7 @@ - name: Restart 'nginx' systemd service systemd: - name: nginx + name: "{{ systemd_unit_name }}" state: restarted diff --git a/roles/sugarizer/tasks/enable-or-disable.yml b/roles/sugarizer/tasks/enable-or-disable.yml index 8abccd61b..243bfe9ae 100644 --- a/roles/sugarizer/tasks/enable-or-disable.yml +++ b/roles/sugarizer/tasks/enable-or-disable.yml @@ -28,5 +28,5 @@ - name: Restart 'nginx' systemd service systemd: - name: nginx + name: "{{ systemd_unit_name }}" state: restarted diff --git a/roles/usb_lib/tasks/nginx.yml b/roles/usb_lib/tasks/nginx.yml index 7e572142a..55420b78b 100644 --- a/roles/usb_lib/tasks/nginx.yml +++ b/roles/usb_lib/tasks/nginx.yml @@ -30,5 +30,5 @@ - name: Restart 'nginx' systemd service systemd: - name: nginx + name: "{{ systemd_unit_name }}" state: restarted diff --git a/roles/wordpress/tasks/nginx.yml b/roles/wordpress/tasks/nginx.yml index c55d1223e..71c03bc54 100644 --- a/roles/wordpress/tasks/nginx.yml +++ b/roles/wordpress/tasks/nginx.yml @@ -12,5 +12,5 @@ - name: Restart 'nginx' systemd service systemd: - name: nginx + name: "{{ systemd_unit_name }}" state: restarted diff --git a/roles/www_options/tasks/main.yml b/roles/www_options/tasks/main.yml index 90f5cc6b6..737c3ac3e 100644 --- a/roles/www_options/tasks/main.yml +++ b/roles/www_options/tasks/main.yml @@ -167,7 +167,7 @@ - name: (Re)Start 'nginx' systemd service, if nginx_enabled systemd: - name: nginx + name: "{{ systemd_unit_name }}" state: restarted when: nginx_enabled diff --git a/vars/default_vars.yml b/vars/default_vars.yml index 89bae515c..a28e05419 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -283,6 +283,7 @@ nginx_interface: 0.0.0.0 nginx_dir: /etc/nginx nginx_conf_dir: "{{ nginx_dir }}/conf.d" nginx_log_dir: /var/log/nginx +systemd_unit_name: nginx # SEE BELOW: nginx_high_php_limits, apache_allow_sudo # roles/www_base runs here (mandatory) From f783caf5dd51837c3e4e3806df06b17d58e62352 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 9 Dec 2021 03:16:23 -0600 Subject: [PATCH 11/18] un-needed now --- roles/nginx/tasks/enable-or-disable.yml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/roles/nginx/tasks/enable-or-disable.yml b/roles/nginx/tasks/enable-or-disable.yml index 66cb61403..3131dc781 100644 --- a/roles/nginx/tasks/enable-or-disable.yml +++ b/roles/nginx/tasks/enable-or-disable.yml @@ -33,13 +33,6 @@ state: restarted when: nginx_enabled -- name: Start iiab-nginx on port {{ nginx_port }} - systemd: - name: iiab-nginx - enabled: yes - state: restarted - when: nginx_port|int != 80 or nginx_dir != "/etc/nginx" - - name: Disable & Stop 'nginx' systemd service, if not nginx_enabled systemd: name: "{{ systemd_unit_name }}" From 8936d019d10c0168c38c041fc8a0b9f69ca3de78 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 9 Dec 2021 08:48:50 -0600 Subject: [PATCH 12/18] let the enduser name the service --- roles/nginx/tasks/install.yml | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index 1ae4e37ba..b6625a98c 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -73,18 +73,14 @@ - uwsgi_params - win-utf - - name: Alter systemd_unit_name to be iiab-nginx.service from nginx.service - set_fact: - systemd_unit_name: iiab-nginx - - name: Grab stock unit file copy: force: yes src: /lib/systemd/system/nginx.service - dest: /etc/systemd/system/"{{ systemd_unit_name }}".service + dest: /etc/systemd/system/{{ systemd_unit_name }}.service - name: shove {{ nginx_dir }}/nginx.conf into unit file - command: sed -i 's|/usr/sbin/nginx|/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf|' /etc/systemd/system/iiab-nginx.service + command: sed -i 's|/usr/sbin/nginx|/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf|' /etc/systemd/system/{{ systemd_unit_name }}.service # lineinfile: # path: /etc/systemd/system/nginx.service # state: present @@ -96,7 +92,7 @@ # - { regexp: '^ExecReload=/usr/sbin/nginx', line: 'ExecReload=/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf' } # end block - when: nginx_port|int != 80 or nginx_dir != "/etc/nginx" + when: systemd_unit_name != "nginx" or nginx_dir != "/etc/nginx" - name: 'Install 3 (of 5) files from template: /etc/nginx/server.conf, /etc/nginx/nginx.conf, /etc/nginx/mime.types' template: From 46861cbfec0d58582899aaf9e0b38a59c6c33ef8 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 10 Dec 2021 19:09:24 -0600 Subject: [PATCH 13/18] split the pid files --- roles/nginx/tasks/install.yml | 3 +++ roles/nginx/templates/nginx.conf.j2 | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index b6625a98c..c174390ba 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -91,6 +91,9 @@ # - { regexp: '^ExecStart=/usr/sbin/nginx', line: 'ExecStart=/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf' } # - { regexp: '^ExecReload=/usr/sbin/nginx', line: 'ExecReload=/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf' } + - name: Alter PIDFile= to match {{ systemd_unit_name }} in unit file. + command: sed -i 's|PIDFile=/run/nginx.pid|PIDFile=/run/{{ systemd_unit_name }}.pid|' /etc/systemd/system/{{ systemd_unit_name }}.service + # end block when: systemd_unit_name != "nginx" or nginx_dir != "/etc/nginx" diff --git a/roles/nginx/templates/nginx.conf.j2 b/roles/nginx/templates/nginx.conf.j2 index 8f94b7426..f7659bed0 100644 --- a/roles/nginx/templates/nginx.conf.j2 +++ b/roles/nginx/templates/nginx.conf.j2 @@ -4,7 +4,7 @@ user www-data; worker_processes auto; -pid /run/nginx.pid; +pid /run/{{ systemd_unit_name }}.pid; include {{ nginx_dir }}/modules-enabled/*.conf; events { From 0bfab81d3571de41a8a4de3146f38738b43c4183 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Fri, 10 Dec 2021 19:14:26 -0600 Subject: [PATCH 14/18] split the pid files2 --- roles/nginx/tasks/install.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index c174390ba..6e71a133c 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -80,7 +80,7 @@ dest: /etc/systemd/system/{{ systemd_unit_name }}.service - name: shove {{ nginx_dir }}/nginx.conf into unit file - command: sed -i 's|/usr/sbin/nginx|/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf|' /etc/systemd/system/{{ systemd_unit_name }}.service + command: sed -i 's|/usr/sbin/nginx|/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf|g' /etc/systemd/system/{{ systemd_unit_name }}.service # lineinfile: # path: /etc/systemd/system/nginx.service # state: present @@ -91,8 +91,8 @@ # - { regexp: '^ExecStart=/usr/sbin/nginx', line: 'ExecStart=/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf' } # - { regexp: '^ExecReload=/usr/sbin/nginx', line: 'ExecReload=/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf' } - - name: Alter PIDFile= to match {{ systemd_unit_name }} in unit file. - command: sed -i 's|PIDFile=/run/nginx.pid|PIDFile=/run/{{ systemd_unit_name }}.pid|' /etc/systemd/system/{{ systemd_unit_name }}.service + - name: Alter /run/nginx.pid to be /run/{{ systemd_unit_name }}.pid in unit file. + command: sed -i 's|/run/nginx.pid|/run/{{ systemd_unit_name }}.pid|g' /etc/systemd/system/{{ systemd_unit_name }}.service # end block when: systemd_unit_name != "nginx" or nginx_dir != "/etc/nginx" From 55a36a42ba3803e744e0d6e9ff2e4e67557ded1d Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 6 Apr 2022 01:34:22 -0500 Subject: [PATCH 15/18] grep -rlZ 'systemd_unit_name' | xargs -0 sed -i 's/systemd_unit_name/nginx_systemd_name/g' --- roles/0-DEPRECATED-ROLES/dokuwiki/tasks/enable.yml | 2 +- roles/0-DEPRECATED-ROLES/elgg/tasks/nginx.yml | 2 +- roles/awstats/tasks/nginx.yml | 2 +- roles/calibre-web/tasks/enable-or-disable.yml | 2 +- roles/cups/tasks/nginx.yml | 2 +- roles/gitea/tasks/enable-or-disable.yml | 2 +- roles/internetarchive/tasks/enable-or-disable.yml | 2 +- roles/jupyterhub/tasks/enable-or-disable.yml | 2 +- roles/kiwix/tasks/nginx.yml | 2 +- roles/kolibri/tasks/enable-or-disable.yml | 2 +- roles/lokole/tasks/nginx.yml | 2 +- roles/mediawiki/tasks/nginx.yml | 2 +- roles/moodle/tasks/enable-or-disable.yml | 2 +- roles/munin/tasks/enable-or-disable.yml | 2 +- roles/nginx/tasks/enable-or-disable.yml | 4 ++-- roles/nginx/tasks/install.yml | 10 +++++----- roles/nginx/templates/nginx.conf.j2 | 2 +- roles/nodered/tasks/enable-or-disable.yml | 2 +- roles/osm-vector-maps/tasks/nginx.yml | 2 +- roles/pbx/tasks/enable-or-disable.yml | 2 +- roles/sugarizer/tasks/enable-or-disable.yml | 2 +- roles/usb_lib/tasks/nginx.yml | 2 +- roles/wordpress/tasks/nginx.yml | 2 +- roles/www_options/tasks/main.yml | 2 +- vars/default_vars.yml | 2 +- 25 files changed, 30 insertions(+), 30 deletions(-) diff --git a/roles/0-DEPRECATED-ROLES/dokuwiki/tasks/enable.yml b/roles/0-DEPRECATED-ROLES/dokuwiki/tasks/enable.yml index 0189bbaa6..559ed9f37 100644 --- a/roles/0-DEPRECATED-ROLES/dokuwiki/tasks/enable.yml +++ b/roles/0-DEPRECATED-ROLES/dokuwiki/tasks/enable.yml @@ -30,7 +30,7 @@ - name: Restart 'nginx' systemd service systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" state: restarted when: nginx_enabled diff --git a/roles/0-DEPRECATED-ROLES/elgg/tasks/nginx.yml b/roles/0-DEPRECATED-ROLES/elgg/tasks/nginx.yml index 5b36b4fc9..db9d5982f 100644 --- a/roles/0-DEPRECATED-ROLES/elgg/tasks/nginx.yml +++ b/roles/0-DEPRECATED-ROLES/elgg/tasks/nginx.yml @@ -12,5 +12,5 @@ - name: Restart 'nginx' systemd service systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" state: restarted diff --git a/roles/awstats/tasks/nginx.yml b/roles/awstats/tasks/nginx.yml index 35b36c5d9..43aa3c88a 100644 --- a/roles/awstats/tasks/nginx.yml +++ b/roles/awstats/tasks/nginx.yml @@ -12,5 +12,5 @@ - name: Restart 'nginx' systemd service systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" state: restarted diff --git a/roles/calibre-web/tasks/enable-or-disable.yml b/roles/calibre-web/tasks/enable-or-disable.yml index f5388a672..8f6926a5d 100644 --- a/roles/calibre-web/tasks/enable-or-disable.yml +++ b/roles/calibre-web/tasks/enable-or-disable.yml @@ -31,5 +31,5 @@ - name: Restart 'nginx' systemd service systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" state: restarted diff --git a/roles/cups/tasks/nginx.yml b/roles/cups/tasks/nginx.yml index 13b618dd3..8aa75ff47 100644 --- a/roles/cups/tasks/nginx.yml +++ b/roles/cups/tasks/nginx.yml @@ -12,5 +12,5 @@ - name: Restart 'nginx' systemd service systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" state: restarted diff --git a/roles/gitea/tasks/enable-or-disable.yml b/roles/gitea/tasks/enable-or-disable.yml index 2251cff37..0f1cecf55 100644 --- a/roles/gitea/tasks/enable-or-disable.yml +++ b/roles/gitea/tasks/enable-or-disable.yml @@ -28,5 +28,5 @@ - name: Restart 'nginx' systemd service systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" state: restarted diff --git a/roles/internetarchive/tasks/enable-or-disable.yml b/roles/internetarchive/tasks/enable-or-disable.yml index c95b92a77..10a7164b5 100644 --- a/roles/internetarchive/tasks/enable-or-disable.yml +++ b/roles/internetarchive/tasks/enable-or-disable.yml @@ -28,5 +28,5 @@ - name: Restart 'nginx' systemd service systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" state: restarted diff --git a/roles/jupyterhub/tasks/enable-or-disable.yml b/roles/jupyterhub/tasks/enable-or-disable.yml index bb4d32d3d..621287930 100644 --- a/roles/jupyterhub/tasks/enable-or-disable.yml +++ b/roles/jupyterhub/tasks/enable-or-disable.yml @@ -29,5 +29,5 @@ - name: Restart 'nginx' systemd service systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" state: restarted diff --git a/roles/kiwix/tasks/nginx.yml b/roles/kiwix/tasks/nginx.yml index 00452b924..54a1e7628 100644 --- a/roles/kiwix/tasks/nginx.yml +++ b/roles/kiwix/tasks/nginx.yml @@ -12,5 +12,5 @@ - name: Restart 'nginx' systemd service systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" state: restarted diff --git a/roles/kolibri/tasks/enable-or-disable.yml b/roles/kolibri/tasks/enable-or-disable.yml index aaeec6046..8177f97a1 100644 --- a/roles/kolibri/tasks/enable-or-disable.yml +++ b/roles/kolibri/tasks/enable-or-disable.yml @@ -28,5 +28,5 @@ - name: Restart 'nginx' systemd service systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" state: restarted diff --git a/roles/lokole/tasks/nginx.yml b/roles/lokole/tasks/nginx.yml index a07c97a24..3de3f2a20 100644 --- a/roles/lokole/tasks/nginx.yml +++ b/roles/lokole/tasks/nginx.yml @@ -12,5 +12,5 @@ - name: Restart 'nginx' systemd service systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" state: restarted diff --git a/roles/mediawiki/tasks/nginx.yml b/roles/mediawiki/tasks/nginx.yml index 9b5d50154..c4cc5785c 100644 --- a/roles/mediawiki/tasks/nginx.yml +++ b/roles/mediawiki/tasks/nginx.yml @@ -12,5 +12,5 @@ - name: Restart 'nginx' systemd service systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" state: restarted diff --git a/roles/moodle/tasks/enable-or-disable.yml b/roles/moodle/tasks/enable-or-disable.yml index 8339e5f05..4306dc02e 100644 --- a/roles/moodle/tasks/enable-or-disable.yml +++ b/roles/moodle/tasks/enable-or-disable.yml @@ -27,5 +27,5 @@ - name: Restart 'nginx' systemd service systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" state: restarted diff --git a/roles/munin/tasks/enable-or-disable.yml b/roles/munin/tasks/enable-or-disable.yml index 3561f4397..6afe781b6 100644 --- a/roles/munin/tasks/enable-or-disable.yml +++ b/roles/munin/tasks/enable-or-disable.yml @@ -28,5 +28,5 @@ - name: Restart 'nginx' systemd service systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" state: restarted diff --git a/roles/nginx/tasks/enable-or-disable.yml b/roles/nginx/tasks/enable-or-disable.yml index 3131dc781..ae028a23f 100644 --- a/roles/nginx/tasks/enable-or-disable.yml +++ b/roles/nginx/tasks/enable-or-disable.yml @@ -27,7 +27,7 @@ - name: Enable & (Re)Start 'nginx' systemd service, if nginx_enabled systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" daemon_reload: yes enabled: yes state: restarted @@ -35,7 +35,7 @@ - name: Disable & Stop 'nginx' systemd service, if not nginx_enabled systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" enabled: no state: stopped when: not nginx_enabled diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index 6e71a133c..9e5d514c7 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -77,10 +77,10 @@ copy: force: yes src: /lib/systemd/system/nginx.service - dest: /etc/systemd/system/{{ systemd_unit_name }}.service + dest: /etc/systemd/system/{{ nginx_systemd_name }}.service - name: shove {{ nginx_dir }}/nginx.conf into unit file - command: sed -i 's|/usr/sbin/nginx|/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf|g' /etc/systemd/system/{{ systemd_unit_name }}.service + command: sed -i 's|/usr/sbin/nginx|/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf|g' /etc/systemd/system/{{ nginx_systemd_name }}.service # lineinfile: # path: /etc/systemd/system/nginx.service # state: present @@ -91,11 +91,11 @@ # - { regexp: '^ExecStart=/usr/sbin/nginx', line: 'ExecStart=/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf' } # - { regexp: '^ExecReload=/usr/sbin/nginx', line: 'ExecReload=/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf' } - - name: Alter /run/nginx.pid to be /run/{{ systemd_unit_name }}.pid in unit file. - command: sed -i 's|/run/nginx.pid|/run/{{ systemd_unit_name }}.pid|g' /etc/systemd/system/{{ systemd_unit_name }}.service + - name: Alter /run/nginx.pid to be /run/{{ nginx_systemd_name }}.pid in unit file. + command: sed -i 's|/run/nginx.pid|/run/{{ nginx_systemd_name }}.pid|g' /etc/systemd/system/{{ nginx_systemd_name }}.service # end block - when: systemd_unit_name != "nginx" or nginx_dir != "/etc/nginx" + when: nginx_systemd_name != "nginx" or nginx_dir != "/etc/nginx" - name: 'Install 3 (of 5) files from template: /etc/nginx/server.conf, /etc/nginx/nginx.conf, /etc/nginx/mime.types' template: diff --git a/roles/nginx/templates/nginx.conf.j2 b/roles/nginx/templates/nginx.conf.j2 index f7659bed0..bd2b18936 100644 --- a/roles/nginx/templates/nginx.conf.j2 +++ b/roles/nginx/templates/nginx.conf.j2 @@ -4,7 +4,7 @@ user www-data; worker_processes auto; -pid /run/{{ systemd_unit_name }}.pid; +pid /run/{{ nginx_systemd_name }}.pid; include {{ nginx_dir }}/modules-enabled/*.conf; events { diff --git a/roles/nodered/tasks/enable-or-disable.yml b/roles/nodered/tasks/enable-or-disable.yml index 63d41aa7b..5893d30e0 100644 --- a/roles/nodered/tasks/enable-or-disable.yml +++ b/roles/nodered/tasks/enable-or-disable.yml @@ -28,5 +28,5 @@ - name: Restart 'nginx' systemd service systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" state: restarted diff --git a/roles/osm-vector-maps/tasks/nginx.yml b/roles/osm-vector-maps/tasks/nginx.yml index e1db6d2ce..b16031320 100644 --- a/roles/osm-vector-maps/tasks/nginx.yml +++ b/roles/osm-vector-maps/tasks/nginx.yml @@ -12,5 +12,5 @@ - name: Reload 'nginx' systemd service systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" state: reloaded diff --git a/roles/pbx/tasks/enable-or-disable.yml b/roles/pbx/tasks/enable-or-disable.yml index f27e44172..c0798294d 100644 --- a/roles/pbx/tasks/enable-or-disable.yml +++ b/roles/pbx/tasks/enable-or-disable.yml @@ -98,7 +98,7 @@ - name: Restart 'nginx' systemd service systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" state: restarted diff --git a/roles/sugarizer/tasks/enable-or-disable.yml b/roles/sugarizer/tasks/enable-or-disable.yml index 243bfe9ae..da72d935d 100644 --- a/roles/sugarizer/tasks/enable-or-disable.yml +++ b/roles/sugarizer/tasks/enable-or-disable.yml @@ -28,5 +28,5 @@ - name: Restart 'nginx' systemd service systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" state: restarted diff --git a/roles/usb_lib/tasks/nginx.yml b/roles/usb_lib/tasks/nginx.yml index 55420b78b..7cb0d2289 100644 --- a/roles/usb_lib/tasks/nginx.yml +++ b/roles/usb_lib/tasks/nginx.yml @@ -30,5 +30,5 @@ - name: Restart 'nginx' systemd service systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" state: restarted diff --git a/roles/wordpress/tasks/nginx.yml b/roles/wordpress/tasks/nginx.yml index 71c03bc54..66c1e6277 100644 --- a/roles/wordpress/tasks/nginx.yml +++ b/roles/wordpress/tasks/nginx.yml @@ -12,5 +12,5 @@ - name: Restart 'nginx' systemd service systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" state: restarted diff --git a/roles/www_options/tasks/main.yml b/roles/www_options/tasks/main.yml index 737c3ac3e..e2027b35c 100644 --- a/roles/www_options/tasks/main.yml +++ b/roles/www_options/tasks/main.yml @@ -167,7 +167,7 @@ - name: (Re)Start 'nginx' systemd service, if nginx_enabled systemd: - name: "{{ systemd_unit_name }}" + name: "{{ nginx_systemd_name }}" state: restarted when: nginx_enabled diff --git a/vars/default_vars.yml b/vars/default_vars.yml index a28e05419..8d5fb6b23 100644 --- a/vars/default_vars.yml +++ b/vars/default_vars.yml @@ -283,7 +283,7 @@ nginx_interface: 0.0.0.0 nginx_dir: /etc/nginx nginx_conf_dir: "{{ nginx_dir }}/conf.d" nginx_log_dir: /var/log/nginx -systemd_unit_name: nginx +nginx_systemd_name: nginx # SEE BELOW: nginx_high_php_limits, apache_allow_sudo # roles/www_base runs here (mandatory) From 3040dea46a210f0dc1495e0f2ac68c0d10400f20 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Wed, 6 Apr 2022 17:30:57 -0500 Subject: [PATCH 16/18] Revert "don't delete default nginx site if is_guest" This reverts commit c18c7ff3778812fe4da5f5c590a9f4d50f5559c2. --- roles/nginx/tasks/install.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index 9e5d514c7..86d148a31 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -42,7 +42,6 @@ file: path: /etc/nginx/sites-enabled/default state: absent - when: not is_guest # start block - block: From fbc78d6444938e7ff2b8e4a920967120edd45a41 Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 7 Apr 2022 08:41:32 -0500 Subject: [PATCH 17/18] Should do what is_guest did, avoid touching the default site file when needed --- roles/nginx/tasks/install.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/nginx/tasks/install.yml b/roles/nginx/tasks/install.yml index 86d148a31..8f55ca50e 100644 --- a/roles/nginx/tasks/install.yml +++ b/roles/nginx/tasks/install.yml @@ -38,9 +38,9 @@ # append: yes -- name: Remove NGINX default config /etc/nginx/sites-enabled/default +- name: Remove NGINX default config {{ nginx_dir }}/sites-enabled/default file: - path: /etc/nginx/sites-enabled/default + path: "{{ nginx_dir }}/sites-enabled/default" state: absent # start block From 3d8448f0927a9c207a49c7e4398ea732722ac05e Mon Sep 17 00:00:00 2001 From: Jerry Vonau Date: Thu, 7 Apr 2022 08:46:22 -0500 Subject: [PATCH 18/18] softcode in remove workaround --- roles/9-local-addons/tasks/main.yml | 7 ------- 1 file changed, 7 deletions(-) diff --git a/roles/9-local-addons/tasks/main.yml b/roles/9-local-addons/tasks/main.yml index dec65b67a..d63d5b8c1 100644 --- a/roles/9-local-addons/tasks/main.yml +++ b/roles/9-local-addons/tasks/main.yml @@ -37,13 +37,6 @@ name: pbx when: pbx_install -- name: Restart iiab-nginx on port {{ nginx_port }} - systemd: - daemon_reload: yes - name: iiab-nginx - state: restarted - when: nginx_port|int != 80 or nginx_dir != "/etc/nginx" - - name: Recording STAGE 9 HAS COMPLETED ==================== lineinfile: path: "{{ iiab_env_file }}"