Merge branch 'server-status-suffix' into unstable
This commit is contained in:
commit
316fabeabe
|
@ -12,6 +12,7 @@ apache_evolinux_default_ssl_cert: /etc/ssl/certs/ssl-cert-snakeoil.pem
|
||||||
apache_evolinux_default_ssl_key: /etc/ssl/private/ssl-cert-snakeoil.key
|
apache_evolinux_default_ssl_key: /etc/ssl/private/ssl-cert-snakeoil.key
|
||||||
|
|
||||||
apache_serverstatus_suffix: ""
|
apache_serverstatus_suffix: ""
|
||||||
|
apache_serverstatus_suffix_file: "/etc/evolinux/apache_serverstatus_suffix"
|
||||||
|
|
||||||
apache_log2mail_include: True
|
apache_log2mail_include: True
|
||||||
apache_munin_include: True
|
apache_munin_include: True
|
||||||
|
|
|
@ -9,7 +9,7 @@
|
||||||
mode: "0640"
|
mode: "0640"
|
||||||
force: no
|
force: no
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: add IP addresses to private IP whitelist
|
- name: add IP addresses to private IP whitelist
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -19,7 +19,7 @@
|
||||||
with_items: "{{ apache_ipaddr_whitelist_present }}"
|
with_items: "{{ apache_ipaddr_whitelist_present }}"
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: remove IP addresses from private IP whitelist
|
- name: remove IP addresses from private IP whitelist
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -29,7 +29,7 @@
|
||||||
with_items: "{{ apache_ipaddr_whitelist_absent }}"
|
with_items: "{{ apache_ipaddr_whitelist_absent }}"
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: include private IP whitelist for server-status
|
- name: include private IP whitelist for server-status
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -38,7 +38,7 @@
|
||||||
insertafter: 'SetHandler server-status'
|
insertafter: 'SetHandler server-status'
|
||||||
state: present
|
state: present
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: Copy private_htpasswd
|
- name: Copy private_htpasswd
|
||||||
copy:
|
copy:
|
||||||
|
@ -50,7 +50,7 @@
|
||||||
force: no
|
force: no
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: add user:pwd to private htpasswd
|
- name: add user:pwd to private htpasswd
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -60,7 +60,7 @@
|
||||||
with_items: "{{ apache_private_htpasswd_present }}"
|
with_items: "{{ apache_private_htpasswd_present }}"
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: remove user:pwd from private htpasswd
|
- name: remove user:pwd from private htpasswd
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -70,4 +70,4 @@
|
||||||
with_items: "{{ apache_private_htpasswd_absent }}"
|
with_items: "{{ apache_private_htpasswd_absent }}"
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
|
@ -4,6 +4,8 @@
|
||||||
apt:
|
apt:
|
||||||
name: log2mail
|
name: log2mail
|
||||||
state: present
|
state: present
|
||||||
|
tags:
|
||||||
|
- apache
|
||||||
|
|
||||||
- name: Add log2mail config for Apache segfaults
|
- name: Add log2mail config for Apache segfaults
|
||||||
template:
|
template:
|
||||||
|
@ -13,3 +15,5 @@
|
||||||
group: adm
|
group: adm
|
||||||
mode: "0644"
|
mode: "0644"
|
||||||
force: no
|
force: no
|
||||||
|
tags:
|
||||||
|
- apache
|
||||||
|
|
|
@ -5,14 +5,14 @@
|
||||||
name: '{{ item }}'
|
name: '{{ item }}'
|
||||||
state: present
|
state: present
|
||||||
with_items:
|
with_items:
|
||||||
- apache2
|
- apache2
|
||||||
- libapache2-mpm-itk
|
- libapache2-mpm-itk
|
||||||
- libapache2-mod-evasive
|
- libapache2-mod-evasive
|
||||||
- apachetop
|
- apachetop
|
||||||
- libwww-perl
|
- libwww-perl
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
- packages
|
- packages
|
||||||
when: ansible_distribution_major_version | version_compare('9', '>=')
|
when: ansible_distribution_major_version | version_compare('9', '>=')
|
||||||
|
|
||||||
- name: packages are installed (jessie)
|
- name: packages are installed (jessie)
|
||||||
|
@ -20,13 +20,13 @@
|
||||||
name: '{{ item }}'
|
name: '{{ item }}'
|
||||||
state: present
|
state: present
|
||||||
with_items:
|
with_items:
|
||||||
- apache2-mpm-itk
|
- apache2-mpm-itk
|
||||||
- libapache2-mod-evasive
|
- libapache2-mod-evasive
|
||||||
- apachetop
|
- apachetop
|
||||||
- libwww-perl
|
- libwww-perl
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
- packages
|
- packages
|
||||||
when: ansible_distribution_release == "jessie"
|
when: ansible_distribution_release == "jessie"
|
||||||
|
|
||||||
- name: basic modules are enabled
|
- name: basic modules are enabled
|
||||||
|
@ -34,17 +34,21 @@
|
||||||
name: '{{ item }}'
|
name: '{{ item }}'
|
||||||
state: present
|
state: present
|
||||||
with_items:
|
with_items:
|
||||||
- rewrite
|
- rewrite
|
||||||
- expires
|
- expires
|
||||||
- headers
|
- headers
|
||||||
- cgi
|
- cgi
|
||||||
- ssl
|
- ssl
|
||||||
- include
|
- include
|
||||||
- negotiation
|
- negotiation
|
||||||
- alias
|
- alias
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
|
- include: server_status.yml
|
||||||
|
tags:
|
||||||
|
- apache
|
||||||
|
|
||||||
- name: Copy Apache defaults config file
|
- name: Copy Apache defaults config file
|
||||||
copy:
|
copy:
|
||||||
|
@ -75,19 +79,23 @@
|
||||||
dest: /etc/apache2/mods-enabled/status.conf
|
dest: /etc/apache2/mods-enabled/status.conf
|
||||||
state: absent
|
state: absent
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
|
tags:
|
||||||
|
- apache
|
||||||
|
|
||||||
- name: Ensure Apache config files are enabled
|
- name: Ensure Apache config files are enabled
|
||||||
command: "a2enconf {{ item }}"
|
command: "a2enconf {{ item }}"
|
||||||
register: command_result
|
register: command_result
|
||||||
changed_when: "'Enabling' in command_result.stderr"
|
changed_when: "'Enabling' in command_result.stderr"
|
||||||
with_items:
|
with_items:
|
||||||
- z-evolinux-defaults.conf
|
- z-evolinux-defaults.conf
|
||||||
- zzz-evolinux-custom.conf
|
- zzz-evolinux-custom.conf
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- include: auth.yml
|
- include: auth.yml
|
||||||
|
tags:
|
||||||
|
- apache
|
||||||
|
|
||||||
- name: default vhost is installed
|
- name: default vhost is installed
|
||||||
template:
|
template:
|
||||||
|
@ -97,7 +105,7 @@
|
||||||
force: no
|
force: no
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: default vhost is enabled
|
- name: default vhost is enabled
|
||||||
file:
|
file:
|
||||||
|
@ -108,7 +116,7 @@
|
||||||
notify: reload apache
|
notify: reload apache
|
||||||
when: apache_evolinux_default_enabled
|
when: apache_evolinux_default_enabled
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: is umask already present?
|
- name: is umask already present?
|
||||||
command: "grep -E '^umask ' /etc/apache2/envvars"
|
command: "grep -E '^umask ' /etc/apache2/envvars"
|
||||||
|
@ -117,7 +125,7 @@
|
||||||
register: envvar_grep_umask
|
register: envvar_grep_umask
|
||||||
check_mode: no
|
check_mode: no
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: Add a mark in envvars for umask
|
- name: Add a mark in envvars for umask
|
||||||
blockinfile:
|
blockinfile:
|
||||||
|
@ -129,12 +137,12 @@
|
||||||
umask 007
|
umask 007
|
||||||
when: envvar_grep_umask.rc != 0
|
when: envvar_grep_umask.rc != 0
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- include_role:
|
- include_role:
|
||||||
name: remount-usr
|
name: remount-usr
|
||||||
tags:
|
tags:
|
||||||
- apache
|
- apache
|
||||||
|
|
||||||
- name: "Install save_apache_status.sh"
|
- name: "Install save_apache_status.sh"
|
||||||
copy:
|
copy:
|
||||||
|
@ -142,9 +150,15 @@
|
||||||
dest: /usr/share/scripts/save_apache_status.sh
|
dest: /usr/share/scripts/save_apache_status.sh
|
||||||
mode: "0755"
|
mode: "0755"
|
||||||
force: no
|
force: no
|
||||||
|
tags:
|
||||||
|
- apache
|
||||||
|
|
||||||
- include: log2mail.yml
|
- include: log2mail.yml
|
||||||
when: apache_log2mail_include
|
when: apache_log2mail_include
|
||||||
|
tags:
|
||||||
|
- apache
|
||||||
|
|
||||||
- include: munin.yml
|
- include: munin.yml
|
||||||
when: apache_munin_include
|
when: apache_munin_include
|
||||||
|
tags:
|
||||||
|
- apache
|
||||||
|
|
29
apache/tasks/server_status.yml
Normal file
29
apache/tasks/server_status.yml
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: set apache serverstatus suffix if provided
|
||||||
|
shell: "echo {{ apache_serverstatus_suffix }} > {{ apache_serverstatus_suffix_file }}"
|
||||||
|
when: apache_serverstatus_suffix != ""
|
||||||
|
|
||||||
|
- name: generate random string for server-status suffix
|
||||||
|
shell: "apg -a 1 -M N -n 1 > {{ apache_serverstatus_suffix_file }}"
|
||||||
|
args:
|
||||||
|
creates: "{{ apache_serverstatus_suffix_file }}"
|
||||||
|
|
||||||
|
- name: read apache server status suffix
|
||||||
|
command: "tail -n 1 {{ apache_serverstatus_suffix_file }}"
|
||||||
|
changed_when: False
|
||||||
|
check_mode: no
|
||||||
|
register: new_apache_serverstatus_suffix
|
||||||
|
|
||||||
|
- name: overwrite apache_serverstatus_suffix
|
||||||
|
set_fact:
|
||||||
|
apache_serverstatus_suffix: "{{ new_apache_serverstatus_suffix.stdout }}"
|
||||||
|
|
||||||
|
- debug:
|
||||||
|
var: apache_serverstatus_suffix
|
||||||
|
|
||||||
|
- name: replace server-status suffix in default site index
|
||||||
|
replace:
|
||||||
|
dest: /var/www/index.html
|
||||||
|
regexp: '__SERVERSTATUS_SUFFIX__'
|
||||||
|
replace: "{{ apache_serverstatus_suffix }}"
|
|
@ -53,7 +53,7 @@
|
||||||
</Location>
|
</Location>
|
||||||
|
|
||||||
<IfModule mod_status.c>
|
<IfModule mod_status.c>
|
||||||
<Location /server-status>
|
<Location /server-status-{{ apache_serverstatus_suffix | mandatory }}>
|
||||||
SetHandler server-status
|
SetHandler server-status
|
||||||
include /etc/apache2/ipaddr_whitelist.conf
|
include /etc/apache2/ipaddr_whitelist.conf
|
||||||
Require local
|
Require local
|
||||||
|
@ -112,7 +112,7 @@
|
||||||
LogLevel warn
|
LogLevel warn
|
||||||
|
|
||||||
<IfModule mod_status.c>
|
<IfModule mod_status.c>
|
||||||
<Location /server-status>
|
<Location /server-status-{{ apache_serverstatus_suffix | mandatory }}>
|
||||||
SetHandler server-status
|
SetHandler server-status
|
||||||
include /etc/apache2/ipaddr_whitelist.conf
|
include /etc/apache2/ipaddr_whitelist.conf
|
||||||
Require local
|
Require local
|
||||||
|
|
|
@ -21,6 +21,10 @@ evolinux_apt_public_sources: True
|
||||||
evolinux_apt_upgrade: True
|
evolinux_apt_upgrade: True
|
||||||
evolinux_apt_remove_aptitude: True
|
evolinux_apt_remove_aptitude: True
|
||||||
|
|
||||||
|
# etc-evolinux
|
||||||
|
|
||||||
|
evolinux_etcevolinux_include: True
|
||||||
|
|
||||||
# etc-git
|
# etc-git
|
||||||
|
|
||||||
evolinux_etcgit_include: True
|
evolinux_etcgit_include: True
|
||||||
|
|
9
evolinux-base/tasks/etc-evolinux.yml
Normal file
9
evolinux-base/tasks/etc-evolinux.yml
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: /etc/evolinux exists
|
||||||
|
file:
|
||||||
|
dest: /etc/evolinux
|
||||||
|
owner: root
|
||||||
|
group: root
|
||||||
|
mode: "0700"
|
||||||
|
state: directory
|
|
@ -19,6 +19,10 @@
|
||||||
name: etc-git
|
name: etc-git
|
||||||
when: evolinux_etcgit_include
|
when: evolinux_etcgit_include
|
||||||
|
|
||||||
|
- name: /etc/evolinux base
|
||||||
|
include: etc-evolinux.yml
|
||||||
|
when: evolinux_etcevolinux_include
|
||||||
|
|
||||||
- name: Hostname
|
- name: Hostname
|
||||||
include: hostname.yml
|
include: hostname.yml
|
||||||
when: evolinux_hostname_include
|
when: evolinux_hostname_include
|
||||||
|
|
|
@ -58,7 +58,7 @@
|
||||||
|
|
||||||
<ul id="evolinks">
|
<ul id="evolinks">
|
||||||
<li><a href="/munin/{{ ansible_domain }}/{{ ansible_fqdn }}/">Stats système</a></li>
|
<li><a href="/munin/{{ ansible_domain }}/{{ ansible_fqdn }}/">Stats système</a></li>
|
||||||
<li><a href="/server-status">Server Status</a></li>
|
<li><a href="/server-status-__SERVERSTATUS_SUFFIX__">Server Status</a></li>
|
||||||
<!-- <li><a href="/phpmyadmin-__PHPMYADMIN_SUFFIX__/">Accès PhpMyAdmin</a></li> -->
|
<!-- <li><a href="/phpmyadmin-__PHPMYADMIN_SUFFIX__/">Accès PhpMyAdmin</a></li> -->
|
||||||
<!-- <li><a href="/mysqlreport.html">Dernier rapport MySQL Tuner</a></li> -->
|
<!-- <li><a href="/mysqlreport.html">Dernier rapport MySQL Tuner</a></li> -->
|
||||||
<!-- <li><a href="/cgi-bin/awstats.pl">Stats web</a></li> -->
|
<!-- <li><a href="/cgi-bin/awstats.pl">Stats web</a></li> -->
|
||||||
|
|
|
@ -16,4 +16,6 @@ nginx_default_redirect_url: "http://evolix.fr"
|
||||||
nginx_evolinux_default_enabled: True
|
nginx_evolinux_default_enabled: True
|
||||||
|
|
||||||
# nginx_phpmyadmin_suffix: ""
|
# nginx_phpmyadmin_suffix: ""
|
||||||
# nginx_serverstatus_suffix: ""
|
|
||||||
|
nginx_serverstatus_suffix: ""
|
||||||
|
nginx_serverstatus_suffix_file: "/etc/evolinux/nginx_serverstatus_suffix"
|
||||||
|
|
|
@ -1,6 +1,10 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
- name: logrotate configuration
|
- name: logrotate configuration
|
||||||
copy:
|
copy:
|
||||||
src: logrotate_nginx
|
src: logrotate_nginx
|
||||||
dest: /etc/logrotate.d/nginx
|
dest: /etc/logrotate.d/nginx
|
||||||
force: no
|
force: no
|
||||||
|
tags:
|
||||||
|
- nginx
|
||||||
|
- logrotate
|
||||||
|
|
|
@ -16,7 +16,7 @@
|
||||||
line: ' worker_connections 1024;'
|
line: ' worker_connections 1024;'
|
||||||
insertafter: 'events \{'
|
insertafter: 'events \{'
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- name: use epoll
|
- name: use epoll
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -25,7 +25,7 @@
|
||||||
line: ' use epoll;'
|
line: ' use epoll;'
|
||||||
insertafter: 'events \{'
|
insertafter: 'events \{'
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- name: Install Nginx http configuration
|
- name: Install Nginx http configuration
|
||||||
copy:
|
copy:
|
||||||
|
@ -35,7 +35,7 @@
|
||||||
# force: yes
|
# force: yes
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
# TODO: verify that those permissions are correct :
|
# TODO: verify that those permissions are correct :
|
||||||
# not too strict for ipaddr_whitelist
|
# not too strict for ipaddr_whitelist
|
||||||
|
@ -52,7 +52,7 @@
|
||||||
force: no
|
force: no
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- name: add IP addresses to private IP whitelist
|
- name: add IP addresses to private IP whitelist
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -62,7 +62,7 @@
|
||||||
with_items: "{{ nginx_ipaddr_whitelist_present }}"
|
with_items: "{{ nginx_ipaddr_whitelist_present }}"
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- name: remove IP addresses from private IP whitelist
|
- name: remove IP addresses from private IP whitelist
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -72,7 +72,7 @@
|
||||||
with_items: "{{ nginx_ipaddr_whitelist_absent }}"
|
with_items: "{{ nginx_ipaddr_whitelist_absent }}"
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- name: Copy private_htpasswd
|
- name: Copy private_htpasswd
|
||||||
copy:
|
copy:
|
||||||
|
@ -85,7 +85,7 @@
|
||||||
force: no
|
force: no
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- name: add user:pwd to private htpasswd
|
- name: add user:pwd to private htpasswd
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -95,7 +95,7 @@
|
||||||
with_items: "{{ nginx_private_htpasswd_present }}"
|
with_items: "{{ nginx_private_htpasswd_present }}"
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- name: remove user:pwd from private htpasswd
|
- name: remove user:pwd from private htpasswd
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -105,7 +105,11 @@
|
||||||
with_items: "{{ nginx_private_htpasswd_absent }}"
|
with_items: "{{ nginx_private_htpasswd_absent }}"
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
|
- include: server_status.yml
|
||||||
|
tags:
|
||||||
|
- nginx
|
||||||
|
|
||||||
- name: nginx vhost is installed
|
- name: nginx vhost is installed
|
||||||
template:
|
template:
|
||||||
|
@ -115,7 +119,7 @@
|
||||||
force: no
|
force: no
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- name: default vhost is enabled
|
- name: default vhost is enabled
|
||||||
file:
|
file:
|
||||||
|
@ -126,7 +130,7 @@
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
when: nginx_evolinux_default_enabled
|
when: nginx_evolinux_default_enabled
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
# - block:
|
# - block:
|
||||||
# - name: generate random string for phpmyadmin suffix
|
# - name: generate random string for phpmyadmin suffix
|
||||||
|
@ -168,7 +172,7 @@
|
||||||
enabled: yes
|
enabled: yes
|
||||||
state: started
|
state: started
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- name: Check if Munin is installed
|
- name: Check if Munin is installed
|
||||||
stat:
|
stat:
|
||||||
|
@ -176,19 +180,19 @@
|
||||||
check_mode: no
|
check_mode: no
|
||||||
register: stat_munin_node
|
register: stat_munin_node
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
- munin
|
- munin
|
||||||
|
|
||||||
- include: munin_vhost.yml
|
- include: munin_vhost.yml
|
||||||
when: stat_munin_node.stat.exists
|
when: stat_munin_node.stat.exists
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
- munin
|
- munin
|
||||||
|
|
||||||
- include: munin_graphs.yml
|
- include: munin_graphs.yml
|
||||||
when: stat_munin_node.stat.exists
|
when: stat_munin_node.stat.exists
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
- munin
|
- munin
|
||||||
|
|
||||||
- include: logrotate.yml
|
- include: logrotate.yml
|
||||||
|
|
|
@ -7,5 +7,5 @@
|
||||||
state: present
|
state: present
|
||||||
notify: restart nginx
|
notify: restart nginx
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
- packages
|
- packages
|
||||||
|
|
|
@ -4,8 +4,8 @@
|
||||||
name: apt
|
name: apt
|
||||||
tasks_from: backports.yml
|
tasks_from: backports.yml
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
- packages
|
- packages
|
||||||
|
|
||||||
- name: Prefer Nginx packages from jessie-backports
|
- name: Prefer Nginx packages from jessie-backports
|
||||||
copy:
|
copy:
|
||||||
|
@ -15,13 +15,13 @@
|
||||||
mode: "0640"
|
mode: "0640"
|
||||||
register: nginx_apt_preferences
|
register: nginx_apt_preferences
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
- packages
|
- packages
|
||||||
|
|
||||||
- name: update apt
|
- name: update apt
|
||||||
apt:
|
apt:
|
||||||
update_cache: yes
|
update_cache: yes
|
||||||
when: nginx_apt_preferences | changed
|
when: nginx_apt_preferences | changed
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
- packages
|
- packages
|
||||||
|
|
29
nginx/tasks/server_status.yml
Normal file
29
nginx/tasks/server_status.yml
Normal file
|
@ -0,0 +1,29 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: set nginx serverstatus suffix if provided
|
||||||
|
shell: "echo {{ nginx_serverstatus_suffix }} > {{ nginx_serverstatus_suffix_file }}"
|
||||||
|
when: nginx_serverstatus_suffix != ""
|
||||||
|
|
||||||
|
- name: generate random string for server-status suffix
|
||||||
|
shell: "apg -a 1 -M N -n 1 > {{ nginx_serverstatus_suffix_file }}"
|
||||||
|
args:
|
||||||
|
creates: "{{ nginx_serverstatus_suffix_file }}"
|
||||||
|
|
||||||
|
- name: read nginx server status suffix
|
||||||
|
command: "tail -n 1 {{ nginx_serverstatus_suffix_file }}"
|
||||||
|
changed_when: False
|
||||||
|
check_mode: no
|
||||||
|
register: new_nginx_serverstatus_suffix
|
||||||
|
|
||||||
|
- name: overwrite nginx_serverstatus_suffix
|
||||||
|
set_fact:
|
||||||
|
nginx_serverstatus_suffix: "{{ new_nginx_serverstatus_suffix.stdout }}"
|
||||||
|
|
||||||
|
- debug:
|
||||||
|
var: nginx_serverstatus_suffix
|
||||||
|
|
||||||
|
- name: replace server-status suffix in default site index
|
||||||
|
replace:
|
||||||
|
dest: /var/www/index.html
|
||||||
|
regexp: '__SERVERSTATUS_SUFFIX__'
|
||||||
|
replace: "{{ nginx_serverstatus_suffix }}"
|
|
@ -48,7 +48,7 @@ server {
|
||||||
listen 80;
|
listen 80;
|
||||||
server_name munin;
|
server_name munin;
|
||||||
|
|
||||||
location /nginx_status {
|
location /nginx_status-{{ nginx_serverstatus_suffix | mandatory }} {
|
||||||
stub_status on;
|
stub_status on;
|
||||||
access_log off;
|
access_log off;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue