forked from evolix/ansible-roles
Nginx: snippets are managed separately
This commit is contained in:
parent
27ca3e204a
commit
b33ae06ee6
|
@ -21,15 +21,15 @@
|
||||||
# not too strict for private_ipaddr_whitelist
|
# not too strict for private_ipaddr_whitelist
|
||||||
# and not too loose for private_htpasswd
|
# and not too loose for private_htpasswd
|
||||||
|
|
||||||
- name: Copy snippets
|
- name: Copy private_ipaddr_whitelist
|
||||||
copy:
|
copy:
|
||||||
src: nginx/snippets/
|
src: nginx/snippets/private_ipaddr_whitelist
|
||||||
dest: /etc/nginx/snippets/
|
dest: /etc/nginx/snippets/private_ipaddr_whitelist
|
||||||
owner: www-data
|
owner: www-data
|
||||||
group: www-data
|
group: www-data
|
||||||
directory_mode: 0640
|
directory_mode: 0640
|
||||||
mode: 0640
|
mode: 0640
|
||||||
# force: yes
|
force: no
|
||||||
notify: reload nginx
|
notify: reload nginx
|
||||||
tags:
|
tags:
|
||||||
- nginx
|
- nginx
|
||||||
|
@ -40,6 +40,7 @@
|
||||||
line: "allow {{ item }};"
|
line: "allow {{ item }};"
|
||||||
state: present
|
state: present
|
||||||
with_items: "{{ nginx_private_ipaddr_whitelist_present }}"
|
with_items: "{{ nginx_private_ipaddr_whitelist_present }}"
|
||||||
|
notify: reload nginx
|
||||||
|
|
||||||
- name: remove IP addresses from private IP whitelist
|
- name: remove IP addresses from private IP whitelist
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -47,6 +48,20 @@
|
||||||
line: "allow {{ item }};"
|
line: "allow {{ item }};"
|
||||||
state: absent
|
state: absent
|
||||||
with_items: "{{ nginx_private_ipaddr_whitelist_absent }}"
|
with_items: "{{ nginx_private_ipaddr_whitelist_absent }}"
|
||||||
|
notify: reload nginx
|
||||||
|
|
||||||
|
- name: Copy private_htpasswd
|
||||||
|
copy:
|
||||||
|
src: nginx/snippets/private_htpasswd
|
||||||
|
dest: /etc/nginx/snippets/private_htpasswd
|
||||||
|
owner: www-data
|
||||||
|
group: www-data
|
||||||
|
directory_mode: 0640
|
||||||
|
mode: 0640
|
||||||
|
force: no
|
||||||
|
notify: reload nginx
|
||||||
|
tags:
|
||||||
|
- nginx
|
||||||
|
|
||||||
- name: add user:pwd to private htpasswd
|
- name: add user:pwd to private htpasswd
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -54,6 +69,7 @@
|
||||||
line: "{{ item }}"
|
line: "{{ item }}"
|
||||||
state: present
|
state: present
|
||||||
with_items: "{{ nginx_private_htpasswd_present }}"
|
with_items: "{{ nginx_private_htpasswd_present }}"
|
||||||
|
notify: reload nginx
|
||||||
|
|
||||||
- name: remove user:pwd from private htpasswd
|
- name: remove user:pwd from private htpasswd
|
||||||
lineinfile:
|
lineinfile:
|
||||||
|
@ -61,6 +77,7 @@
|
||||||
line: "{{ item }}"
|
line: "{{ item }}"
|
||||||
state: absent
|
state: absent
|
||||||
with_items: "{{ nginx_private_htpasswd_absent }}"
|
with_items: "{{ nginx_private_htpasswd_absent }}"
|
||||||
|
notify: reload nginx
|
||||||
|
|
||||||
- name: Check if a certificate is present for default site
|
- name: Check if a certificate is present for default site
|
||||||
stat:
|
stat:
|
||||||
|
|
Loading…
Reference in a new issue