mirror of https://github.com/de-it-krachten/ansible-role-nginx synced 2026-05-14 11:51:48 +00:00

No description

Jinja 100%

Find a file

Mark van Huijstee ce3b8ef1e9 Merge pull request #31 from de-it-krachten/dev Update supported platforms & CI (2026-03-14)		2026-03-15 12:39:05 +01:00
.github/workflows	Update supported platforms & CI	2026-03-14 19:46:29 +01:00
defaults	Fix CI	2025-08-06 23:25:57 +02:00
handlers	feat: Move to FQCN	2022-10-08 14:20:08 +02:00
meta	Update CI	2026-03-06 22:53:37 +01:00
molecule/default	Update supported platforms & CI	2026-03-14 15:06:17 +01:00
tasks	fix: Fix loop label to string	2023-09-03 19:49:09 +02:00
templates	fix: Save webserver info for other playbooks/roles to use	2022-09-25 01:57:04 +02:00
.ansible-lint	feat: Update CI to latest standards	2022-10-08 14:20:30 +02:00
.cicd	Update CI	2026-03-06 22:53:37 +01:00
.cicd.overwrite	Update CI	2026-03-06 22:53:37 +01:00
.collections	feat: Add support for Ubuntu 24.04 LTS + Fedora 40	2024-05-31 23:28:49 +02:00
.gitignore	feat: Update supported platforms & CI	2024-12-29 11:35:22 +01:00
.releaserc.yml	Update CI	2025-10-13 22:15:18 +02:00
.roles	feat: Update CI to latest standards	2022-10-08 14:20:30 +02:00
.yamllint	feat: Update supported platforms & CI	2024-12-29 11:35:22 +01:00
CHANGELOG.md	chore(release): 1.12.1 [skip ci]	2025-12-06 23:43:13 +00:00
README.md	Update CI	2026-03-06 22:53:37 +01:00

README.md

ansible-role-nginx

Install/configure/manage nginx

Dependencies

Roles

None

Collections

ansible.posix

Platforms

Supported platforms

Red Hat Enterprise Linux 8¹
Red Hat Enterprise Linux 9¹
Red Hat Enterprise Linux 10¹
RockyLinux 8
RockyLinux 9
RockyLinux 10
OracleLinux 8
OracleLinux 9
OracleLinux 10
AlmaLinux 8
AlmaLinux 9
AlmaLinux 10
Debian 11 (Bullseye)
Debian 12 (Bookworm)
Debian 13 (Trixie)
Ubuntu 22.04 LTS
Ubuntu 24.04 LTS
Fedora 42
Fedora 43

Note: ¹ : no automated testing is performed on these platforms

Role Variables

defaults/main.yml


# Directory to put drop-in config files into
nginx_confd_path: /etc/nginx/conf.d

# Directory to put certificates & keys into
nginx_certs_path: /etc/nginx/certs

# list of drop-in config templates
nginx_confd_templates: []

# Create default server (port 80)
nginx_default_server: false

# should the firewall be managed by this role
nginx_manage_firewall: false

# Default firewall ports
nginx_fw_ports:
  - { port: 80, proto: tcp }
  - { port: 443, proto: tcp }

# Should vhosts be created
nginx_create_vhosts: true

# nginx service
nginx_service: nginx

defaults/family-Debian.yml


# nginx packages
nginx_packages:
  - nginx
  - python3-passlib

# nginx pip packages
nginx_pip_packages: []

# Default private key location
nginx_ssl_key_path: /etc/ssl/private

# Default certificate location
nginx_ssl_crt_path: /etc/ssl/certs

# php socket
nginx_php_socket: /etc/alternatives/php-fpm.sock

# default nginx user/group
nginx_user: www-data
nginx_group: www-data

defaults/family-RedHat-10.yml


# nginx packages
nginx_packages:
  - nginx
  # - python3-passlib  # For RHEL 10.0, package not yet in EPEL

# nginx pip packages
nginx_pip_packages:
  - passlib

defaults/family-RedHat-7.yml


# nginx packages
nginx_packages:
  - nginx
  - python-passlib

defaults/family-RedHat.yml


# nginx packages
nginx_packages:
  - nginx
  - python3-passlib

# nginx pip packages
nginx_pip_packages: []

# Default private key location
nginx_ssl_key_path: /etc/pki/tls/private

# Default certificate location
nginx_ssl_crt_path: /etc/pki/tls/certs

# default nginx user/group
nginx_user: nginx
nginx_group: nginx

defaults/family-Suse.yml


# nginx packages
nginx_packages:
  - nginx
  - python3-passlib

# nginx pip packages
nginx_pip_packages: []

# Default private key location
nginx_ssl_key_path: /etc/ssl/private

# Default certificate location
nginx_ssl_crt_path: /etc/ssl/certs

# default nginx user/group
nginx_user: nginx
nginx_group: nginx

defaults/Fedora.yml


# nginx packages
nginx_packages:
  - nginx
  - python3-passlib

# nginx pip packages
nginx_pip_packages: []

# Default private key location
nginx_ssl_key_path: /etc/pki/tls/private

# Default certificate location
nginx_ssl_crt_path: /etc/pki/tls/certs

# default nginx user/group
nginx_user: nginx
nginx_group: nginx

Example Playbook

molecule/default/converge.yml


- name: sample playbook for role 'nginx'
  hosts: all
  become: 'yes'
  vars:
    molecule_driver: '{{ lookup(''env'', ''MOLECULE_DRIVER_NAME'') }}'
    ansible_python_interpreter: /usr/bin/python3
    python_package_install_optional: true
    openssl_fqdn: server.example.com
    openssl_fqdn_additional:
      - vhost1.example.com
      - vhost2.example.com
    nginx_confd_templates:
      - server_name: test.example.com
        template: templates/test.conf.j2
        ssl_key: files/test.key
        ssl_crt: files/test.crt
        root: /var/www/test.example.com/html
        logdir: /var/www/test.example.com/logs
      - name: www.example.com
        server_name:
          - www.example.com
          - foo.example.com
        template: templates/test.conf.j2
        ssl_key: files/test.key
        ssl_crt: files/test.crt
        root: /var/www/www.example.com/html
  roles:
    - deitkrachten.python
    - deitkrachten.openssl
  tasks:
    - name: Include role 'nginx'
      ansible.builtin.include_role:
        name: nginx