diff --git a/site.yml b/site.yml index f548ad3..b174361 100644 --- a/site.yml +++ b/site.yml @@ -15,6 +15,7 @@ - include: web/fastcgi.yml - include: web/git.yml - include: web/mysql.yml + - include: web/nginx-passenger.yml - include: web/php.yml - include: web/postgresql.yml - include: web/ruby.yml @@ -25,4 +26,5 @@ handlers: - include: web/mysql-handlers.yml + - include: web/nginx-passenger-handlers.yml - include: web/postgresql-handlers.yml diff --git a/web/nginx-passenger-handlers.yml b/web/nginx-passenger-handlers.yml new file mode 100644 index 0000000..4577e0e --- /dev/null +++ b/web/nginx-passenger-handlers.yml @@ -0,0 +1,4 @@ +--- + +- name: Restart Nginx + service: name=nginx state=restarted diff --git a/web/nginx-passenger.yml b/web/nginx-passenger.yml new file mode 100644 index 0000000..e858a88 --- /dev/null +++ b/web/nginx-passenger.yml @@ -0,0 +1,45 @@ +--- + +- name: Add Passenger apt repo key + apt_key: keyserver=keyserver.ubuntu.com id=561F9B9CAC40B2F7 + +- name: Add Passenger repo to apt + copy: src=web/nginx-passenger/nginx-passenger.list + dest=/etc/apt/sources.list.d/nginx-passenger.list + mode=0600 + when: ansible_distribution_release == "trusty" + +- name: Install Nginx and passenger packages + apt: name={{ item }} update_cache=yes + with_items: + - nginx-extras + - passenger + +- name: Change Nginx user + lineinfile: regexp='^user' line='user deploy;' + dest=/etc/nginx/nginx.conf + notify: Restart Nginx + +- name: Configure Nginx gzip and enable passenger + lineinfile: backup=yes state=present dest='/etc/nginx/nginx.conf' + regexp='{{ item.regexp }}' backrefs=yes line='{{ item.line }}' + with_items: + - { regexp: '# gzip_vary', line: ' gzip_vary on;' } + - { regexp: '# gzip_proxied', line: ' gzip_proxied any;' } + - { regexp: '# gzip_comp_level', line: ' gzip_comp_level 6;' } + - { regexp: '# gzip_buffers', line: ' gzip_buffers 16 8k;' } + - { regexp: '# gzip_http_version', line: ' gzip_http_version 1.1;' } + - { regexp: '# gzip_types', line: ' gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;' } + - { regexp: '# passenger_root', line: ' passenger_root /usr/lib/ruby/vendor_ruby/phusion_passenger/locations.ini;' } + - { regexp: '# passenger_ruby', line: ' passenger_ruby /usr/bin/ruby;' } + notify: Restart Nginx + +- name: Check if Map variable for ssl connection exists + shell: cat /etc/nginx/nginx.conf + register: nginx_conf_content + +- name: Map variable for ssl conection + lineinfile: "backup=yes state=present dest=/etc/nginx/nginx.conf + insertafter='http {' line=' # Detect when HTTPS is used\n map $scheme $fastcgi_https {\n default off;\n https on;\n }'" + when: '"Detect when HTTPS is used" not in nginx_conf_content.stdout' + notify: Restart Nginx diff --git a/web/nginx-passenger/nginx-passenger.list b/web/nginx-passenger/nginx-passenger.list new file mode 100644 index 0000000..49092b1 --- /dev/null +++ b/web/nginx-passenger/nginx-passenger.list @@ -0,0 +1 @@ +deb https://oss-binaries.phusionpassenger.com/apt/passenger trusty main