mirror of
https://github.com/iiab/iiab.git
synced 2025-03-09 15:40:17 +00:00
Merge 3d8448f092 into 5e818c9fd1
This commit is contained in:
Jerry Vonau
GitHub
commit
41933cfa38
26 changed files with 106 additions and 37 deletions
|
|
@ -30,7 +30,7 @@
|
|||
|
||||
- name: Restart 'nginx' systemd service
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
state: restarted
|
||||
when: nginx_enabled
|
||||
|
||||
|
|
|
|||
|
|
@ -12,5 +12,5 @@
|
|||
|
||||
- name: Restart 'nginx' systemd service
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
state: restarted
|
||||
|
|
|
|||
|
|
@ -12,5 +12,5 @@
|
|||
|
||||
- name: Restart 'nginx' systemd service
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
state: restarted
|
||||
|
|
|
|||
|
|
@ -48,5 +48,5 @@
|
|||
|
||||
- name: Restart 'nginx' systemd service
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
state: restarted
|
||||
|
|
|
|||
|
|
@ -12,5 +12,5 @@
|
|||
|
||||
- name: Restart 'nginx' systemd service
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
state: restarted
|
||||
|
|
|
|||
|
|
@ -28,5 +28,5 @@
|
|||
|
||||
- name: Restart 'nginx' systemd service
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
state: restarted
|
||||
|
|
|
|||
|
|
@ -28,5 +28,5 @@
|
|||
|
||||
- name: Restart 'nginx' systemd service
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
state: restarted
|
||||
|
|
|
|||
|
|
@ -29,5 +29,5 @@
|
|||
|
||||
- name: Restart 'nginx' systemd service
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
state: restarted
|
||||
|
|
|
|||
|
|
@ -12,5 +12,5 @@
|
|||
|
||||
- name: Restart 'nginx' systemd service
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
state: restarted
|
||||
|
|
|
|||
|
|
@ -28,5 +28,5 @@
|
|||
|
||||
- name: Restart 'nginx' systemd service
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
state: restarted
|
||||
|
|
|
|||
|
|
@ -12,5 +12,5 @@
|
|||
|
||||
- name: Restart 'nginx' systemd service
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
state: restarted
|
||||
|
|
|
|||
|
|
@ -12,5 +12,5 @@
|
|||
|
||||
- name: Restart 'nginx' systemd service
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
state: restarted
|
||||
|
|
|
|||
|
|
@ -27,5 +27,5 @@
|
|||
|
||||
- name: Restart 'nginx' systemd service
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
state: restarted
|
||||
|
|
|
|||
|
|
@ -40,5 +40,5 @@
|
|||
|
||||
- name: Restart 'nginx' systemd service
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
state: restarted
|
||||
|
|
|
|||
|
|
@ -25,10 +25,9 @@
|
|||
# enabled: true
|
||||
# when: apache_installed is defined and apache_enabled # or not nginx_enabled
|
||||
|
||||
|
||||
- name: Enable & (Re)Start 'nginx' systemd service, if nginx_enabled
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
daemon_reload: yes
|
||||
enabled: yes
|
||||
state: restarted
|
||||
|
|
@ -36,7 +35,7 @@
|
|||
|
||||
- name: Disable & Stop 'nginx' systemd service, if not nginx_enabled
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
enabled: no
|
||||
state: stopped
|
||||
when: not nginx_enabled
|
||||
|
|
|
|||
|
|
@ -43,19 +43,72 @@
|
|||
# append: yes
|
||||
|
||||
|
||||
- name: Remove NGINX default config /etc/nginx/sites-enabled/default
|
||||
- name: Remove NGINX default config {{ nginx_dir }}/sites-enabled/default
|
||||
file:
|
||||
path: /etc/nginx/sites-enabled/default
|
||||
path: "{{ nginx_dir }}/sites-enabled/default"
|
||||
state: absent
|
||||
|
||||
# start block
|
||||
- block:
|
||||
- name: Insure alternate nginx path is present
|
||||
file:
|
||||
path: "{{ item }}"
|
||||
state: directory
|
||||
with_items:
|
||||
- "{{ nginx_conf_dir }}"
|
||||
- "{{ nginx_dir }}/sites-available"
|
||||
- "{{ nginx_dir }}/sites-enabled"
|
||||
|
||||
- name: Link {{ nginx_dir }}/ files
|
||||
file:
|
||||
src: /etc/nginx/{{ item }}
|
||||
path: "{{ nginx_dir }}/{{ item }}"
|
||||
state: link
|
||||
with_items:
|
||||
- modules-available
|
||||
- modules-enabled
|
||||
- snippets
|
||||
- fastcgi.conf
|
||||
- fastcgi_params
|
||||
- koi-win
|
||||
- koi-utf
|
||||
- proxy_params
|
||||
- scgi_params
|
||||
- uwsgi_params
|
||||
- win-utf
|
||||
|
||||
- name: Grab stock unit file
|
||||
copy:
|
||||
force: yes
|
||||
src: /lib/systemd/system/nginx.service
|
||||
dest: /etc/systemd/system/{{ nginx_systemd_name }}.service
|
||||
|
||||
- name: shove {{ nginx_dir }}/nginx.conf into unit file
|
||||
command: sed -i 's|/usr/sbin/nginx|/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf|g' /etc/systemd/system/{{ nginx_systemd_name }}.service
|
||||
# lineinfile:
|
||||
# path: /etc/systemd/system/nginx.service
|
||||
# state: present
|
||||
# regexp: "{{ item.regexp }}"
|
||||
# line: "{{ item.line }}"
|
||||
# with_items:
|
||||
# - { regexp: '^ExecStartPre=/usr/sbin/nginx' , line: 'ExecStartPre=/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf' }
|
||||
# - { regexp: '^ExecStart=/usr/sbin/nginx', line: 'ExecStart=/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf' }
|
||||
# - { regexp: '^ExecReload=/usr/sbin/nginx', line: 'ExecReload=/usr/sbin/nginx -c {{ nginx_dir }}/nginx.conf' }
|
||||
|
||||
- name: Alter /run/nginx.pid to be /run/{{ nginx_systemd_name }}.pid in unit file.
|
||||
command: sed -i 's|/run/nginx.pid|/run/{{ nginx_systemd_name }}.pid|g' /etc/systemd/system/{{ nginx_systemd_name }}.service
|
||||
|
||||
# end block
|
||||
when: nginx_systemd_name != "nginx" or nginx_dir != "/etc/nginx"
|
||||
|
||||
- name: 'Install 3 (of 5) files from template: /etc/nginx/server.conf, /etc/nginx/nginx.conf, /etc/nginx/mime.types'
|
||||
template:
|
||||
src: "{{ item.src }}"
|
||||
dest: "{{ item.dest }}"
|
||||
with_items:
|
||||
- { src: 'server.conf.j2', dest: '/etc/nginx/server.conf' }
|
||||
- { src: 'nginx.conf.j2', dest: '/etc/nginx/nginx.conf' }
|
||||
- { src: 'mime.types.j2', dest: '/etc/nginx/mime.types' }
|
||||
- { src: 'server.conf.j2', dest: '{{ nginx_dir }}/server.conf' }
|
||||
- { src: 'nginx.conf.j2', dest: '{{ nginx_dir }}/nginx.conf' }
|
||||
- { src: 'mime.types.j2', dest: '{{ nginx_dir }}/mime.types' }
|
||||
# - { src: 'ports.conf', dest: '/etc/{{ apache_service }}/ports.conf' } # 2021-08-09: Restored from enable-or-disable.yml then moved to roles/pbx/tasks/apache.yml
|
||||
# - { src: 'iiab.conf.j2', dest: "{{ nginx_conf_dir }}/iiab.conf" } # Moved into homepage.yml, invoked later by roles/www_options/tasks/main.yml (see below!)
|
||||
|
||||
|
|
@ -63,12 +116,26 @@
|
|||
msg: roles/nginx/tasks/homepage.yml will run LATER (invoked by roles/www_options/tasks/main.yml) SO THAT NGINX CAN REDIRECT http://box TO http://box{{ iiab_home_url }} (based on var iiab_home_url)
|
||||
# - include_tasks: roles/nginx/tasks/homepage.yml
|
||||
|
||||
#ubuntu@box:/opt/iiab/iiab$ grep -r 'fastcgi_pass' roles
|
||||
#roles/awstats/templates/awstats-nginx.conf: fastcgi_pass php;
|
||||
#roles/nextcloud/templates/nextcloud-nginx.conf.j2: fastcgi_pass php;
|
||||
#roles/moodle/templates/moodle-nginx.conf.j2: fastcgi_pass php;
|
||||
#roles/osm-vector-maps/templates/osm-vector-maps-nginx.conf.j2: fastcgi_pass php;
|
||||
#roles/pbx/templates/freepbx-nginx.conf.j2: fastcgi_pass unix:/run/php/php-asterisk.sock;
|
||||
#roles/mediawiki/templates/mediawiki-nginx.conf.j2: fastcgi_pass php; # or whatever port your PHP-FPM listens on
|
||||
#roles/mediawiki/templates/mediawiki-nginx.conf.j2:# fastcgi_pass 127.0.0.1:9000; # or whatever port your PHP-FPM listens on
|
||||
#roles/wordpress/templates/wordpress-nginx.conf.j2: fastcgi_pass php;
|
||||
#roles/wordpress/templates/wordpress-nginx.conf.j2: fastcgi_pass php;
|
||||
#roles/nginx/templates/admin-console-nginx.conf.unused: fastcgi_pass php;
|
||||
|
||||
# should really be 'state: stopped' 'enabled: no' and each role should enable and restart as needed to keep system resources in check when
|
||||
# php{{ php_version }}-fpm is not required by any selected roles.
|
||||
|
||||
- name: Restart php{{ php_version }}-fpm systemd service
|
||||
systemd:
|
||||
name: "php{{ php_version }}-fpm"
|
||||
state: restarted
|
||||
|
||||
|
||||
# RECORD NGINX AS INSTALLED
|
||||
|
||||
- name: Record (final) disk space used
|
||||
|
|
|
|||
|
|
@ -4,8 +4,8 @@
|
|||
|
||||
user www-data;
|
||||
worker_processes auto;
|
||||
pid /run/nginx.pid;
|
||||
include /etc/nginx/modules-enabled/*.conf;
|
||||
pid /run/{{ nginx_systemd_name }}.pid;
|
||||
include {{ nginx_dir }}/modules-enabled/*.conf;
|
||||
|
||||
events {
|
||||
worker_connections 768;
|
||||
|
|
@ -29,7 +29,7 @@ http {
|
|||
server_names_hash_bucket_size 64;
|
||||
# server_name_in_redirect off;
|
||||
|
||||
include /etc/nginx/mime.types;
|
||||
include {{ nginx_dir }}/mime.types;
|
||||
default_type text/html;
|
||||
|
||||
##
|
||||
|
|
@ -91,10 +91,10 @@ http {
|
|||
##
|
||||
|
||||
# include a server file which in turn includes conf.d/*
|
||||
include /etc/nginx/server.conf;
|
||||
include {{ nginx_dir }}/server.conf;
|
||||
|
||||
# include other sites
|
||||
include /etc/nginx/sites-enabled/*.conf;
|
||||
include {{ nginx_dir }}/sites-enabled/*.conf;
|
||||
|
||||
# define the upstream backend fastcgi for php
|
||||
upstream php {
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@ server {
|
|||
server_name $hostname; # e.g. box.lan, set dynamically when NGINX starts
|
||||
#server_name {{ iiab_hostname }}.{{ iiab_domain }};
|
||||
#server_name {{ iiab_hostname }};
|
||||
listen 80;
|
||||
listen {{ nginx_port }};
|
||||
|
||||
index index.php index.html index.htm;
|
||||
|
||||
|
|
@ -19,6 +19,7 @@ server {
|
|||
# let individual services drop location blocks in conf.d
|
||||
include {{ nginx_conf_dir }}/*;
|
||||
|
||||
# why is everything below here even present?
|
||||
location ~ .*\.php$ {
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
|
|
|
|||
|
|
@ -28,5 +28,5 @@
|
|||
|
||||
- name: Restart 'nginx' systemd service
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
state: restarted
|
||||
|
|
|
|||
|
|
@ -12,5 +12,5 @@
|
|||
|
||||
- name: Reload 'nginx' systemd service
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
state: reloaded
|
||||
|
|
|
|||
|
|
@ -97,7 +97,7 @@
|
|||
|
||||
- name: Restart 'nginx' systemd service
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
state: restarted
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -28,5 +28,5 @@
|
|||
|
||||
- name: Restart 'nginx' systemd service
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
state: restarted
|
||||
|
|
|
|||
|
|
@ -30,5 +30,5 @@
|
|||
|
||||
- name: Restart 'nginx' systemd service
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
state: restarted
|
||||
|
|
|
|||
|
|
@ -12,5 +12,5 @@
|
|||
|
||||
- name: Restart 'nginx' systemd service
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
state: restarted
|
||||
|
|
|
|||
|
|
@ -125,7 +125,7 @@
|
|||
|
||||
- name: (Re)Start 'nginx' systemd service, if nginx_enabled
|
||||
systemd:
|
||||
name: nginx
|
||||
name: "{{ nginx_systemd_name }}"
|
||||
state: restarted
|
||||
when: nginx_enabled
|
||||
|
||||
|
|
|
|||
|
|
@ -272,8 +272,10 @@ nginx_install: True
|
|||
nginx_enabled: True
|
||||
nginx_port: 80
|
||||
nginx_interface: 0.0.0.0
|
||||
nginx_conf_dir: /etc/nginx/conf.d
|
||||
nginx_dir: /etc/nginx
|
||||
nginx_conf_dir: "{{ nginx_dir }}/conf.d"
|
||||
nginx_log_dir: /var/log/nginx
|
||||
nginx_systemd_name: nginx
|
||||
# SEE BELOW: nginx_high_php_limits, apache_allow_sudo
|
||||
|
||||
# roles/www_base runs here (mandatory)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue