| defaults | ||
| handlers | ||
| meta | ||
| tasks | ||
| templates | ||
| vars | ||
| .gitignore | ||
| LICENSE | ||
| README.md | ||
ansible-roles-nginx
This role is designed to provide a reverse proxy in conjuction with another role based deployment such as a metrics stack
Task Configuration
- name: Setup nginx
hosts: somehost
become: true
roles:
- role: nginx
nginx_sites:
- name: lmer2-frontend
url: lmer2.20c.com
upstream: http://localhost:8001
ssl: false
- role: firewalld
firewalld_services:
- http
- https
firewalld_ports:
- 8100/tcp # dashboard insecure mode
firewalld_forwards:
- port: 80
to: 8080
- port: 443
to: 8443
ssl can have a few different meaningful values
- undfefined will skip ssl entirely including its inclusion in the templates
- true, lets encrypt will request a cert
- false, lets encrypt will not request a cert but the template will assume a cert exists
ssl_barrow can be set to the url of an existing cert to piggy back on another existing cert
Deployment and Removal
Sometimes you need to manually stop the running containers to get a clean run when re-deploying Services must be stopped as the respecitve user or another means to aquire the correct user scope for systemd
systemctl --user stop container-nginx.service
Deploy
ansible-playbook -i hosts site.yml --tags=firewalld,nginx --limit=somehost
Remove
ansible-playbook -i hosts site.yml --tags=firewalld,nginx --extra-vars "container_state=absent firewall_action=remove" --limit=somehost