forked from evolix/ansible-roles
197 lines
5 KiB
YAML
197 lines
5 KiB
YAML
---
|
|
- name: Install Varnish
|
|
ansible.builtin.apt:
|
|
name: varnish
|
|
state: present
|
|
tags:
|
|
- varnish
|
|
|
|
- name: Fetch packages
|
|
ansible.builtin.package_facts:
|
|
manager: auto
|
|
check_mode: no
|
|
tags:
|
|
- varnish
|
|
- config
|
|
- update-config
|
|
|
|
- ansible.builtin.set_fact:
|
|
varnish_package_facts: "{{ ansible_facts.packages['varnish'] | first }}"
|
|
check_mode: no
|
|
tags:
|
|
- varnish
|
|
- config
|
|
- update-config
|
|
|
|
# - debug:
|
|
# var: varnish_package_facts
|
|
# check_mode: no
|
|
# tags:
|
|
# - varnish
|
|
# - config
|
|
# - update-config
|
|
|
|
- name: Remove default varnish configuration files
|
|
ansible.builtin.file:
|
|
path: "{{ item }}"
|
|
state: absent
|
|
loop:
|
|
- /etc/default/varnish
|
|
- /etc/default/varnishncsa
|
|
- /etc/default/varnishlog
|
|
notify: reload varnish
|
|
tags:
|
|
- varnish
|
|
- config
|
|
|
|
- name: Copy Custom Varnish ExecReload script (Debian < 10)
|
|
ansible.builtin.template:
|
|
src: "reload-vcl.sh.j2"
|
|
dest: "/etc/varnish/reload-vcl.sh"
|
|
mode: "0700"
|
|
owner: root
|
|
group: root
|
|
when: ansible_distribution_major_version is version('10', '<')
|
|
notify: reload varnish
|
|
tags:
|
|
- varnish
|
|
|
|
- name: Create a system config directory for systemd overrides
|
|
ansible.builtin.file:
|
|
path: /etc/systemd/system/varnish.service.d
|
|
state: directory
|
|
tags:
|
|
- varnish
|
|
- config
|
|
|
|
- name: Remove legacy systemd override
|
|
ansible.builtin.file:
|
|
path: /etc/systemd/system/varnish.service.d/evolinux.conf
|
|
state: absent
|
|
notify:
|
|
- reload systemd
|
|
tags:
|
|
- varnish
|
|
- config
|
|
|
|
- name: Varnish systemd override template (Varnish 4 and 5)
|
|
ansible.builtin.set_fact:
|
|
varnish_systemd_override_template: override.conf.varnish4.j2
|
|
when:
|
|
- varnish_package_facts['version'] is version('4', '>=')
|
|
- varnish_package_facts['version'] is version('6', '<')
|
|
- varnish_systemd_override_template is none or varnish_systemd_override_template | length == 0
|
|
tags:
|
|
- varnish
|
|
- config
|
|
- update-config
|
|
|
|
- name: Varnish systemd override template (Varnish 6)
|
|
ansible.builtin.set_fact:
|
|
varnish_systemd_override_template: override.conf.varnish6.j2
|
|
when:
|
|
- varnish_package_facts['version'] is version('6', '>=')
|
|
- varnish_package_facts['version'] is version('7', '<')
|
|
- varnish_systemd_override_template is none or varnish_systemd_override_template | length == 0
|
|
tags:
|
|
- varnish
|
|
- config
|
|
- update-config
|
|
|
|
- name: Varnish systemd override template (Varnish 7 and later)
|
|
ansible.builtin.set_fact:
|
|
varnish_systemd_override_template: override.conf.varnish7.j2
|
|
when:
|
|
- varnish_package_facts['version'] is version('7', '>=')
|
|
- varnish_systemd_override_template is none or varnish_systemd_override_template | length == 0
|
|
tags:
|
|
- varnish
|
|
- config
|
|
- update-config
|
|
|
|
- name: Override Varnish systemd unit
|
|
ansible.builtin.template:
|
|
src: "{{ varnish_systemd_override_template }}"
|
|
dest: /etc/systemd/system/varnish.service.d/override.conf
|
|
force: true
|
|
notify:
|
|
- reload systemd
|
|
- restart varnish
|
|
tags:
|
|
- varnish
|
|
- config
|
|
- update-config
|
|
|
|
- name: Patch logrotate conf
|
|
ansible.builtin.replace:
|
|
name: /etc/logrotate.d/varnish
|
|
regexp: '^(\s+)(/usr/sbin/invoke-rc.d {{ item }}.*)'
|
|
replace: '\1systemctl -q is-active {{ item }} && \2'
|
|
loop:
|
|
- varnishlog
|
|
- varnishncsa
|
|
tags:
|
|
- varnish
|
|
- logrotate
|
|
|
|
- name: Copy Varnish configuration
|
|
ansible.builtin.template:
|
|
src: "{{ item }}"
|
|
dest: "{{ varnish_config_file }}"
|
|
mode: "0644"
|
|
force: true
|
|
when: varnish_update_config | bool
|
|
loop: "{{ query('first_found', templates) }}"
|
|
vars:
|
|
templates:
|
|
- "templates/varnish/varnish.{{ inventory_hostname }}.vcl.j2"
|
|
- "templates/varnish/default.{{ inventory_hostname }}.vcl.j2"
|
|
- "templates/varnish/varnish.{{ host_group | default('all') }}.vcl.j2"
|
|
- "templates/varnish/default.{{ host_group | default('all') }}.vcl.j2"
|
|
- "templates/varnish/varnish.default.vcl.j2"
|
|
- "templates/varnish/default.default.vcl.j2"
|
|
- "templates/varnish.vcl.j2"
|
|
- "templates/default.vcl.j2"
|
|
notify: reload varnish
|
|
tags:
|
|
- varnish
|
|
- config
|
|
- update-config
|
|
|
|
- name: Create Varnish config dir
|
|
ansible.builtin.file:
|
|
path: /etc/varnish/conf.d
|
|
state: directory
|
|
mode: "0755"
|
|
tags:
|
|
- varnish
|
|
- config
|
|
- update-config
|
|
|
|
- name: Copy included Varnish config
|
|
ansible.builtin.template:
|
|
src: "{{ item }}"
|
|
dest: /etc/varnish/conf.d/
|
|
force: true
|
|
mode: "0644"
|
|
with_fileglob:
|
|
- "templates/varnish/conf.d/*.vcl"
|
|
notify: reload varnish
|
|
tags:
|
|
- varnish
|
|
- config
|
|
- update-config
|
|
|
|
# To validate the configuration, we must use a tmp directory that is mounted as exec
|
|
# We usually use /vat/tmp-cache then validate the syntax with this command:
|
|
# sudo -u vcache TMPDIR=/var/tmp-vcache varnishd -Cf /etc/varnish/default.vcl > /dev/null
|
|
- name: Special tmp directory
|
|
ansible.builtin.file:
|
|
path: "{{ varnish_tmp_dir }}"
|
|
state: directory
|
|
owner: vcache
|
|
group: varnish
|
|
mode: "0750"
|
|
|
|
- ansible.builtin.include: munin.yml
|