From ddb37640468bc941c0c411a51e1faaf945e6f2af Mon Sep 17 00:00:00 2001 From: Kris Lamoureux Date: Sat, 8 May 2021 02:23:57 -0400 Subject: [PATCH] Divide nginx role into proxy and webserver tasks --- roles/nginx/tasks/main.yml | 42 +++++---------------------------- roles/nginx/tasks/proxy.yml | 0 roles/nginx/tasks/webserver.yml | 37 +++++++++++++++++++++++++++++ 3 files changed, 43 insertions(+), 36 deletions(-) create mode 100644 roles/nginx/tasks/proxy.yml create mode 100644 roles/nginx/tasks/webserver.yml diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml index 2afcf1c..15bdbd8 100644 --- a/roles/nginx/tasks/main.yml +++ b/roles/nginx/tasks/main.yml @@ -1,37 +1,7 @@ -- name: Create nginx root - file: - path: "{{ nginx_root }}" - state: directory +- import_tasks: proxy.yml + tags: proxy + when: proxy is defined -- name: Generate deploy keys - openssh_keypair: - path: "{{ nginx_repo_key }}" - state: present - -- name: Clone static website files - git: - repo: "{{ nginx_repo_url }}" - dest: "{{ nginx_html }}" - version: "{{ nginx_repo_branch }}" - key_file: "{{ nginx_repo_key }}" - separate_git_dir: "{{ nginx_repo_dest }}" - -- name: Start nginx container - docker_container: - name: "{{ nginx_name }}" - image: nginx:{{ nginx_version }} - state: started - restart_policy: always - networks_cli_compatible: true - networks: - - name: traefik - volumes: - - "{{ nginx_html }}:/usr/share/nginx/html:ro" - labels: - traefik.http.routers.nginx.rule: "Host(`{{ nginx_domain }}`)" - traefik.http.middlewares.nginxauth.basicauth.users: "{{ nginx_auth }}" - traefik.http.routers.nginx.entrypoints: websecure - traefik.http.routers.nginx.tls.certresolver: letsencrypt - traefik.http.routers.nginx.middlewares: "securehttps@file,nginxauth" - traefik.docker.network: traefik - traefik.enable: "true" +- import_tasks: webserver.yml + tags: nginx + when: nginx_domain is defined diff --git a/roles/nginx/tasks/proxy.yml b/roles/nginx/tasks/proxy.yml new file mode 100644 index 0000000..e69de29 diff --git a/roles/nginx/tasks/webserver.yml b/roles/nginx/tasks/webserver.yml new file mode 100644 index 0000000..2afcf1c --- /dev/null +++ b/roles/nginx/tasks/webserver.yml @@ -0,0 +1,37 @@ +- name: Create nginx root + file: + path: "{{ nginx_root }}" + state: directory + +- name: Generate deploy keys + openssh_keypair: + path: "{{ nginx_repo_key }}" + state: present + +- name: Clone static website files + git: + repo: "{{ nginx_repo_url }}" + dest: "{{ nginx_html }}" + version: "{{ nginx_repo_branch }}" + key_file: "{{ nginx_repo_key }}" + separate_git_dir: "{{ nginx_repo_dest }}" + +- name: Start nginx container + docker_container: + name: "{{ nginx_name }}" + image: nginx:{{ nginx_version }} + state: started + restart_policy: always + networks_cli_compatible: true + networks: + - name: traefik + volumes: + - "{{ nginx_html }}:/usr/share/nginx/html:ro" + labels: + traefik.http.routers.nginx.rule: "Host(`{{ nginx_domain }}`)" + traefik.http.middlewares.nginxauth.basicauth.users: "{{ nginx_auth }}" + traefik.http.routers.nginx.entrypoints: websecure + traefik.http.routers.nginx.tls.certresolver: letsencrypt + traefik.http.routers.nginx.middlewares: "securehttps@file,nginxauth" + traefik.docker.network: traefik + traefik.enable: "true"