mirror of
https://github.com/iiab/iiab.git
synced 2025-02-13 03:32:12 +00:00
104 lines
3.2 KiB
YAML
104 lines
3.2 KiB
YAML
- name: Install nginx required and helper packages
|
|
package: name={{ item }} state=present
|
|
with_items:
|
|
- nginx-extras
|
|
- uwsgi
|
|
- uwsgi-plugin-python3
|
|
- php-fpm
|
|
- libnginx-mod-http-subs-filter
|
|
when: nginx_install | bool
|
|
|
|
- name: Put the config file in place
|
|
template:
|
|
src: '{{ item.src}}'
|
|
dest: '{{ item.dest }}'
|
|
with_items:
|
|
- { src: "server.conf",dest: "/etc/nginx/" }
|
|
- { src: "nginx.conf",dest: "/etc/nginx/" }
|
|
- { src: "usb-lib.conf",dest: "/etc/nginx/conf.d/" }
|
|
- { src: "admin-console.ini",dest: "/etc/uwsgi/apps-enabled/" }
|
|
# the above should be enough once uwsgi is started
|
|
# - { src: "uwsgi.unit",dest: "/etc/systemd/system/uwsgi.socket" }
|
|
- { src: 'ports.conf' , dest: '/etc/{{ apache_service }}/' , mode: '0644' }
|
|
when: nginx_enabled | bool
|
|
|
|
- name: Add http server user to shadow group, so it can authenticate Admin Console
|
|
user:
|
|
name: "{{ apache_user }}"
|
|
groups: shadow
|
|
when: nginx_install | bool
|
|
|
|
- name: Remove the nginx default config
|
|
file:
|
|
path: /etc/nginx/sites-enabled/default
|
|
state: absent
|
|
when: nginx_install | bool
|
|
|
|
- name: Insure that apache2 is not running -- we may need port swap
|
|
systemd:
|
|
name: apache2
|
|
state: stopped
|
|
|
|
# optional services
|
|
- name: Install config for Admin Console
|
|
template:
|
|
src: admin-console-nginx.conf
|
|
# Comment one or the other to revert from nginx back to apache2, if required
|
|
# src: admin-console-apache.conf
|
|
dest: /etc/nginx/conf.d/admin-console.conf
|
|
when: admin_console_enabled | bool and nginx_enabled | bool
|
|
|
|
- name: Enable the uwsgi systemd service
|
|
systemd:
|
|
name: uwsgi
|
|
state: started
|
|
enabled: True
|
|
when: admin_console_enabled | bool and nginx_enabled | bool
|
|
|
|
# the below slides in nginx's proxypass config files for apache on localhost
|
|
# via the ports.conf file installed above
|
|
- name: Install proxpass to apache running on localhost port {{ apache_port }}
|
|
include_tasks: uses_apache.yml
|
|
when: nginx_enabled | bool
|
|
|
|
# the below task contains the same logic contained in the playbooks to enable
|
|
# 'runrole nginx' to do the right thing but with the 'src' path set to role's
|
|
# templates path ie roles/<rolename>/template/
|
|
|
|
- name: Install proxpass to other services 'dual mode' roles
|
|
include_tasks: only_nginx.yml
|
|
when: nginx_enabled | bool
|
|
|
|
- name: Stop and disable nginx when not nginx_enabled
|
|
systemd:
|
|
name: nginx
|
|
state: stopped
|
|
enabled: false
|
|
when: not nginx_enabled | bool
|
|
|
|
- name: Disable apache port {{ apache_port }} localhost only
|
|
template:
|
|
dest: /etc/{{ apache_service }}/ports.conf
|
|
src: stock-apache-ports.conf
|
|
when: not nginx_enabled | bool
|
|
|
|
# should have the logic to handle both modes in the playbook
|
|
- name: Rerun 'dual mode' roles by calling role's main.yml file when ngix is disabled
|
|
include_tasks: disable.yml
|
|
when: not nginx_enabled | bool
|
|
|
|
- name: Since we stopped apache2, start it again
|
|
systemd:
|
|
name: apache2
|
|
state: restarted
|
|
enabled: true
|
|
daemon_reload: yes
|
|
when: apache_enabled | bool
|
|
|
|
- name: Restart nginx to pick up the config files installed
|
|
systemd:
|
|
name: nginx
|
|
state: restarted
|
|
enabled: true
|
|
daemon_reload: yes
|
|
when: nginx_enabled | bool
|