Create Nginx playbook

- Install nginx and passenger, add repos and key. - Configure gzip and Passenger for Nginx. - Map https connections in Nginx. Fixes #16 Closes #38
simbora · Apr 8, 2015 · e0ae1a0 · e0ae1a0
1 parent 3622e7b
commit e0ae1a0
Show file tree

Hide file tree

Showing 4 changed files with 52 additions and 0 deletions.
diff --git a/site.yml b/site.yml
@@ -15,6 +15,7 @@
     - include: web/fastcgi.yml
     - include: web/git.yml
     - include: web/mysql.yml
+    - include: web/nginx-passenger.yml
     - include: web/php.yml
     - include: web/postgresql.yml
     - include: web/ruby.yml
@@ -25,4 +26,5 @@
 
   handlers:
     - include: web/mysql-handlers.yml
+    - include: web/nginx-passenger-handlers.yml
     - include: web/postgresql-handlers.yml
diff --git a/web/nginx-passenger-handlers.yml b/web/nginx-passenger-handlers.yml
@@ -0,0 +1,4 @@
+---
+
+- name: Restart Nginx
+  service: name=nginx state=restarted
diff --git a/web/nginx-passenger.yml b/web/nginx-passenger.yml
@@ -0,0 +1,45 @@
+---
+
+- name: Add Passenger apt repo key
+  apt_key: keyserver=keyserver.ubuntu.com id=561F9B9CAC40B2F7
+
+- name: Add Passenger repo to apt
+  copy: src=web/nginx-passenger/nginx-passenger.list
+    dest=/etc/apt/sources.list.d/nginx-passenger.list
+    mode=0600
+  when: ansible_distribution_release == "trusty"
+
+- name: Install Nginx and passenger packages
+  apt: name={{ item }} update_cache=yes
+  with_items:
+    - nginx-extras
+    - passenger
+
+- name: Change Nginx user
+  lineinfile: regexp='^user' line='user deploy;'
+    dest=/etc/nginx/nginx.conf
+  notify: Restart Nginx
+
+- name: Configure Nginx gzip and enable passenger
+  lineinfile: backup=yes state=present dest='/etc/nginx/nginx.conf'
+    regexp='{{ item.regexp }}' backrefs=yes line='{{ item.line }}'
+  with_items:
+    - { regexp: '# gzip_vary', line: '        gzip_vary on;' }
+    - { regexp: '# gzip_proxied', line: '        gzip_proxied any;' }
+    - { regexp: '# gzip_comp_level', line: '        gzip_comp_level 6;' }
+    - { regexp: '# gzip_buffers', line: '        gzip_buffers 16 8k;' }
+    - { regexp: '# gzip_http_version', line: '        gzip_http_version 1.1;' }
+    - { regexp: '# gzip_types', line: '        gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;' }
+    - { regexp: '# passenger_root', line: '        passenger_root /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini;' }
+    - { regexp: '# passenger_ruby', line: '        passenger_ruby /usr/bin/ruby;' }
+  notify: Restart Nginx
+
+- name: Check if Map variable for ssl connection exists
+  shell: cat /etc/nginx/nginx.conf
+  register: nginx_conf_content
+
+- name: Map variable for ssl conection
+  lineinfile: "backup=yes state=present dest=/etc/nginx/nginx.conf
+    insertafter='http {' line='        # Detect when HTTPS is used\n        map $scheme $fastcgi_https {\n            default off;\n            https on;\n        }'"
+  when: '"Detect when HTTPS is used" not in nginx_conf_content.stdout'
+  notify: Restart Nginx
diff --git a/web/nginx-passenger/nginx-passenger.list b/web/nginx-passenger/nginx-passenger.list
@@ -0,0 +1 @@
+deb https://oss-binaries.phusionpassenger.com/apt/passenger trusty main
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		deb https://oss-binaries.phusionpassenger.com/apt/passenger trusty main