ansible-infra/roles/nginx/tasks/main/04_config_deploy.yaml

- name: Check, if a save of a previous `nginx.conf` is present
  ansible.builtin.stat:
    path: /etc/nginx/nginx.conf.ansiblesave
  register: nginx__nginx_conf_ansiblesave_stat

- name: Handle the case, where a custom `nginx.conf` is to be used
  when: nginx__use_custom_nginx_conf
  block:
    - name: When no `nginx.conf.ansiblesave` is present, save the current `nginx.conf`
      when: not nginx__nginx_conf_ansiblesave_stat.stat.exists
      ansible.builtin.copy:
        force: true
        dest: /etc/nginx/nginx.conf.ansiblesave
        mode: "0644"
        owner: root
        group: root
        remote_src: true
        src: /etc/nginx/nginx.conf
      become: true

    - name: Ensure the custom `nginx.conf` is deployed
      ansible.builtin.copy:
        content: "{{ nginx__custom_nginx_conf }}"
        dest: "/etc/nginx/nginx.conf"
        mode: "0644"
        owner: root
        group: root
      become: true
      notify: Restart nginx

- name: Handle the case, where no custom `nginx.conf` is to be used
  when: not nginx__use_custom_nginx_conf
  block:
    - name: When a `nginx.conf.ansiblesave` is present, copy it to `nginx.conf`
      when: nginx__nginx_conf_ansiblesave_stat.stat.exists
      ansible.builtin.copy:
        force: true
        dest: /etc/nginx/nginx.conf
        mode: "0644"
        owner: root
        group: root
        remote_src: true
        src: /etc/nginx/nginx.conf.ansiblesave
      become: true
      notify: Restart nginx

    - name: Ensure no `nginx.conf.ansiblesave` is present
      when: nginx__nginx_conf_ansiblesave_stat.stat.exists
      ansible.builtin.file:
        path: /etc/nginx/nginx.conf.ansiblesave
        state: absent
      become: true

- name: Ensure mozilla dhparam is deployed
  ansible.builtin.get_url:
    force: true
    dest: /etc/nginx-mozilla-dhparam
    mode: "0644"
    url: https://ssl-config.mozilla.org/ffdhe2048.txt
  become: true
  notify: Restart nginx

- name: Set `nginx__config_files_to_exist` fact initially to an empty list
  ansible.builtin.set_fact:
    nginx__config_files_to_exist: [ ]

- name: Handle the case, where tls.conf should be deployed
  when: nginx__deploy_tls_conf
  block:
    - name: Ensure tls.conf is deployed
      ansible.builtin.copy:
        force: true
        dest: /etc/nginx/conf.d/tls.conf
        mode: "0644"
        owner: root
        group: root
        src: tls.conf
      become: true
      notify: Restart nginx

    - name: Add tls.conf to nginx__config_files_to_exist
      ansible.builtin.set_fact:
        nginx__config_files_to_exist: "{{ nginx__config_files_to_exist + [ 'tls.conf' ] }}"  # noqa: jinja[spacing]

- name: Handle the case, where redirect.conf should be deployed
  when: nginx__deploy_redirect_conf
  block:
    - name: Ensure redirect.conf is deployed
      ansible.builtin.copy:
        force: true
        dest: /etc/nginx/conf.d/redirect.conf
        mode: "0644"
        owner: root
        group: root
        src: redirect.conf
      become: true
      notify: Restart nginx

    - name: Add redirect.conf to nginx__config_files_to_exist
      ansible.builtin.set_fact:
        nginx__config_files_to_exist: "{{ nginx__config_files_to_exist + [ 'redirect.conf' ] }}"  # noqa: jinja[spacing]

- name: Handle the case, where logging.conf should be deployed
  when: nginx__deploy_logging_conf
  block:
    - name: Ensure logging.conf is deployed
      ansible.builtin.copy:
        force: true
        dest: /etc/nginx/conf.d/logging.conf
        mode: "0644"
        owner: root
        group: root
        src: logging.conf
      become: true
      notify: Restart nginx

    - name: Add logging.conf to nginx__config_files_to_exist
      ansible.builtin.set_fact:
        nginx__config_files_to_exist: "{{ nginx__config_files_to_exist + [ 'logging.conf' ] }}"  # noqa: jinja[spacing]

- name: Ensure all given configuration files are deployed
  ansible.builtin.copy:
    content: "{{ item.content }}"
    dest: "/etc/nginx/conf.d/{{ item.name }}.conf"
    mode: "0644"
    owner: root
    group: root
  become: true
  loop: "{{ nginx__configurations }}"
  loop_control:
    label: "{{ item.name }}"
  notify: Restart nginx

- name: Add names with suffixes from `nginx__configurations` to `nginx__config_files_to_exist` fact
  ansible.builtin.set_fact:
    nginx__config_files_to_exist: "{{ nginx__config_files_to_exist + [ item.name + '.conf' ] }}"  # noqa: jinja[spacing]
  loop: "{{ nginx__configurations }}"
  loop_control:
    label: "{{ item.name }}"

- name: Find configuration files to remove
  ansible.builtin.find:
    paths: /etc/nginx/conf.d/
    recurse: false
    excludes: "{{ nginx__config_files_to_exist }}"
  register: nginx__config_files_to_remove

- name: Remove all configuration file, which should be removed
  ansible.builtin.file:
    path: "{{ item.path }}"
    state: absent
  become: true
  loop: "{{ nginx__config_files_to_remove.files }}"
  loop_control:
    label: "{{ item.path | ansible.builtin.basename }}"
  notify: Restart nginx
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			- name: Check, if a save of a previous `nginx.conf` is present
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`ansible.builtin.stat:`
			`path: /etc/nginx/nginx.conf.ansiblesave`
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`register: nginx__nginx_conf_ansiblesave_stat`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			- name: Handle the case, where a custom `nginx.conf` is to be used
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`when: nginx__use_custom_nginx_conf`
			`block:`
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			- name: When no `nginx.conf.ansiblesave` is present, save the current `nginx.conf`
			`when: not nginx__nginx_conf_ansiblesave_stat.stat.exists`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`ansible.builtin.copy:`
			`force: true`
			`dest: /etc/nginx/nginx.conf.ansiblesave`
fix all ansible-lint yaml errors (except for line-length) 2024-11-23 02:49:23 +01:00			`mode: "0644"`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`owner: root`
			`group: root`
			`remote_src: true`
			`src: /etc/nginx/nginx.conf`
			`become: true`

nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			- name: Ensure the custom `nginx.conf` is deployed
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`ansible.builtin.copy:`
			`content: "{{ nginx__custom_nginx_conf }}"`
			`dest: "/etc/nginx/nginx.conf"`
fix all ansible-lint yaml errors (except for line-length) 2024-11-23 02:49:23 +01:00			`mode: "0644"`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`owner: root`
			`group: root`
			`become: true`
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`notify: Restart nginx`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			- name: Handle the case, where no custom `nginx.conf` is to be used
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`when: not nginx__use_custom_nginx_conf`
			`block:`
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			- name: When a `nginx.conf.ansiblesave` is present, copy it to `nginx.conf`
			`when: nginx__nginx_conf_ansiblesave_stat.stat.exists`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`ansible.builtin.copy:`
			`force: true`
			`dest: /etc/nginx/nginx.conf`
fix all ansible-lint yaml errors (except for line-length) 2024-11-23 02:49:23 +01:00			`mode: "0644"`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`owner: root`
			`group: root`
			`remote_src: true`
			`src: /etc/nginx/nginx.conf.ansiblesave`
			`become: true`
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`notify: Restart nginx`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			- name: Ensure no `nginx.conf.ansiblesave` is present
			`when: nginx__nginx_conf_ansiblesave_stat.stat.exists`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`ansible.builtin.file:`
			`path: /etc/nginx/nginx.conf.ansiblesave`
			`state: absent`
			`become: true`

nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`- name: Ensure mozilla dhparam is deployed`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`ansible.builtin.get_url:`
			`force: true`
			`dest: /etc/nginx-mozilla-dhparam`
fix all ansible-lint yaml errors (except for line-length) 2024-11-23 02:49:23 +01:00			`mode: "0644"`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`url: https://ssl-config.mozilla.org/ffdhe2048.txt`
			`become: true`
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`notify: Restart nginx`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			- name: Set `nginx__config_files_to_exist` fact initially to an empty list
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`ansible.builtin.set_fact:`
			`nginx__config_files_to_exist: [ ]`

nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`- name: Handle the case, where tls.conf should be deployed`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`when: nginx__deploy_tls_conf`
			`block:`
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`- name: Ensure tls.conf is deployed`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`ansible.builtin.copy:`
			`force: true`
			`dest: /etc/nginx/conf.d/tls.conf`
fix all ansible-lint yaml errors (except for line-length) 2024-11-23 02:49:23 +01:00			`mode: "0644"`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`owner: root`
			`group: root`
			`src: tls.conf`
			`become: true`
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`notify: Restart nginx`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`- name: Add tls.conf to nginx__config_files_to_exist`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`ansible.builtin.set_fact:`
			`nginx__config_files_to_exist: "{{ nginx__config_files_to_exist + [ 'tls.conf' ] }}" # noqa: jinja[spacing]`

nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`- name: Handle the case, where redirect.conf should be deployed`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`when: nginx__deploy_redirect_conf`
			`block:`
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`- name: Ensure redirect.conf is deployed`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`ansible.builtin.copy:`
			`force: true`
			`dest: /etc/nginx/conf.d/redirect.conf`
fix all ansible-lint yaml errors (except for line-length) 2024-11-23 02:49:23 +01:00			`mode: "0644"`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`owner: root`
			`group: root`
			`src: redirect.conf`
			`become: true`
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`notify: Restart nginx`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`- name: Add redirect.conf to nginx__config_files_to_exist`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`ansible.builtin.set_fact:`
			`nginx__config_files_to_exist: "{{ nginx__config_files_to_exist + [ 'redirect.conf' ] }}" # noqa: jinja[spacing]`

nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`- name: Handle the case, where logging.conf should be deployed`
set nginx logging to use journald 2025-01-19 20:30:53 +01:00			`when: nginx__deploy_logging_conf`
			`block:`
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`- name: Ensure logging.conf is deployed`
set nginx logging to use journald 2025-01-19 20:30:53 +01:00			`ansible.builtin.copy:`
			`force: true`
			`dest: /etc/nginx/conf.d/logging.conf`
			`mode: "0644"`
			`owner: root`
			`group: root`
			`src: logging.conf`
			`become: true`
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`notify: Restart nginx`
set nginx logging to use journald 2025-01-19 20:30:53 +01:00
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`- name: Add logging.conf to nginx__config_files_to_exist`
set nginx logging to use journald 2025-01-19 20:30:53 +01:00			`ansible.builtin.set_fact:`
			`nginx__config_files_to_exist: "{{ nginx__config_files_to_exist + [ 'logging.conf' ] }}" # noqa: jinja[spacing]`

nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`- name: Ensure all given configuration files are deployed`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`ansible.builtin.copy:`
			`content: "{{ item.content }}"`
			`dest: "/etc/nginx/conf.d/{{ item.name }}.conf"`
fix all ansible-lint yaml errors (except for line-length) 2024-11-23 02:49:23 +01:00			`mode: "0644"`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`owner: root`
			`group: root`
			`become: true`
			`loop: "{{ nginx__configurations }}"`
nginx(role): make loop output manageable using loop_control label 2025-02-18 06:07:47 +01:00			`loop_control:`
			`label: "{{ item.name }}"`
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`notify: Restart nginx`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			- name: Add names with suffixes from `nginx__configurations` to `nginx__config_files_to_exist` fact
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`ansible.builtin.set_fact:`
			`nginx__config_files_to_exist: "{{ nginx__config_files_to_exist + [ item.name + '.conf' ] }}" # noqa: jinja[spacing]`
			`loop: "{{ nginx__configurations }}"`
nginx(role): make loop output manageable using loop_control label 2025-02-18 06:07:47 +01:00			`loop_control:`
			`label: "{{ item.name }}"`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`- name: Find configuration files to remove`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`ansible.builtin.find:`
			`paths: /etc/nginx/conf.d/`
			`recurse: false`
			`excludes: "{{ nginx__config_files_to_exist }}"`
			`register: nginx__config_files_to_remove`

nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`- name: Remove all configuration file, which should be removed`
Use nginx role with custom `nginx.conf` support 2023-04-15 18:13:22 +02:00			`ansible.builtin.file:`
			`path: "{{ item.path }}"`
			`state: absent`
			`become: true`
			`loop: "{{ nginx__config_files_to_remove.files }}"`
nginx(role): make loop output manageable using loop_control label 2025-02-18 06:07:47 +01:00			`loop_control:`
			`label: "{{ item.path \| ansible.builtin.basename }}"`
nginx(role): use better naming, wording and file structure 2025-02-18 04:07:07 +01:00			`notify: Restart nginx`
No results found.