diff options
| -rw-r--r-- | galaxy.yml | 2 | ||||
| -rw-r--r-- | roles/nginx_reverse_proxy/Readme.md | 12 | ||||
| -rw-r--r-- | roles/nginx_reverse_proxy/defaults/main.yml | 6 | ||||
| -rw-r--r-- | roles/nginx_reverse_proxy/handlers/main.yml | 7 | ||||
| -rw-r--r-- | roles/nginx_reverse_proxy/tasks/main.yml | 21 | ||||
| -rw-r--r-- | roles/nginx_reverse_proxy/templates/nginx.conf.j2 | 12 |
6 files changed, 59 insertions, 1 deletions
@@ -1,6 +1,6 @@ namespace: kompetenzbolzen name: stuff -version: 0.16.1 +version: 0.17.1 readme: README.md authors: - Jonas Gunz <himself@jonasgunz.de> diff --git a/roles/nginx_reverse_proxy/Readme.md b/roles/nginx_reverse_proxy/Readme.md new file mode 100644 index 0000000..8c3c735 --- /dev/null +++ b/roles/nginx_reverse_proxy/Readme.md @@ -0,0 +1,12 @@ +# nginx_reverse_proxy + +Small reverse proxy for local HTTPS proxieing. + +```yml +--- +nginx_reverse_proxy: + cert: '/etc/ssl/certs/{{ ansible_facts.fqdn }}.pem' + key: '/etc/ssl/private/{{ ansible_facts.fqdn }}.key' + proxy_address: 'http://localhost:8080' + server_name: '{{ ansible_facts.fqdn }}' +``` diff --git a/roles/nginx_reverse_proxy/defaults/main.yml b/roles/nginx_reverse_proxy/defaults/main.yml new file mode 100644 index 0000000..ffe53ab --- /dev/null +++ b/roles/nginx_reverse_proxy/defaults/main.yml @@ -0,0 +1,6 @@ +--- +nginx_reverse_proxy: + cert: '/etc/ssl/certs/{{ ansible_facts.fqdn }}.pem' + key: '/etc/ssl/private/{{ ansible_facts.fqdn }}.key' + proxy_address: 'http://localhost:8080' + server_name: '{{ ansible_facts.fqdn }}' diff --git a/roles/nginx_reverse_proxy/handlers/main.yml b/roles/nginx_reverse_proxy/handlers/main.yml new file mode 100644 index 0000000..eb42f9a --- /dev/null +++ b/roles/nginx_reverse_proxy/handlers/main.yml @@ -0,0 +1,7 @@ +--- +- name: restart nginx + systemd: + name: nginx + enabled: yes + state: restarted + become: yes diff --git a/roles/nginx_reverse_proxy/tasks/main.yml b/roles/nginx_reverse_proxy/tasks/main.yml new file mode 100644 index 0000000..975bf71 --- /dev/null +++ b/roles/nginx_reverse_proxy/tasks/main.yml @@ -0,0 +1,21 @@ +--- +- name: Install packages + apt: + name: + - nginx + become: yes + +- name: Check for changed cert + command: /bin/true + when: + - '{{ cert_changed | default(False) }}' + notify: + - Restart nginx + +- name: Install nginx config + template: + src: nginx.conf.j2 + dest: /etc/nginx/sites-available/default + become: yes + notify: + - restart nginx diff --git a/roles/nginx_reverse_proxy/templates/nginx.conf.j2 b/roles/nginx_reverse_proxy/templates/nginx.conf.j2 new file mode 100644 index 0000000..4c8ed3a --- /dev/null +++ b/roles/nginx_reverse_proxy/templates/nginx.conf.j2 @@ -0,0 +1,12 @@ +# vi: ft=nginx +server { + listen 443 ssl; + server_name {{ nginx_reverse_proxy.server_name }} ; + + ssl_certificate {{ nginx_reverse_proxy.cert }}; + ssl_certificate_key {{ nginx_reverse_proxy.key }}; + + location / { + proxy_pass {{ nginx_reverse_proxy.proxy_address }}; + } +} |