openstack/openstack-ansible-os_keystone
Code Issues Proposed changes
openstack-ansible-os_keystone/tasks/keystone_nginx.yml
Jonathan Rosser 0f2b8e16c9 Remove references to unsupported operating systems 
All references to Gentoo, SUSE, Debian stretch and Centos-7  are removed.
Conditional tasks, ternary operators and variables are simplified where possible
OS specific variables files are generalised where possible

Change-Id: I1624730385a7b54cf36a94d313cc298430129736
2021-03-10 12:16:38 +00:00

96 lines
2.8 KiB
YAML
Raw Blame History

---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Ensure Apache is not running
service:
name: "{{ keystone_system_service_name }}"
state: stopped
failed_when: false
when: ('horizon_all' in groups and inventory_hostname not in groups['horizon_all']) or ('horizon_all' not in groups)
- name: Disable default configuration
file:
path: /etc/nginx/sites-enabled/default
state: absent
notify:
- Manage LB
- Restart web server
- name: Remove default nginx config
file:
path: /etc/nginx/conf.d/default.conf
state: absent
notify:
- Manage LB
- Restart web server
- name: Ensure configuration directories exist
file:
path: "{{ item }}"
state: directory
with_items:
- "/etc/nginx/{{ keystone_nginx_conf_path }}"
- "/etc/nginx/conf.d"
- name: Configure custom nginx log format
copy:
# NOTE(odyssey4me):
# To cater for the situation where there are no containers, or
# nginx is shared in some way, it's better to add custom directives
# for nginx.conf into a conf.d file. That way it's never overwritten.
content: |
# Ansible managed
log_format custom '{{ keystone_nginx_access_log_format_combined }} {{ keystone_nginx_access_log_format_extras }}';
dest: "/etc/nginx/conf.d/custom_log.conf"
notify:
- Manage LB
- Restart web server
# Configure app
- name: Configure virtual hosts
template:
src: keystone_nginx.conf.j2
dest: "/etc/nginx/{{ keystone_nginx_conf_path }}/{{ item }}.conf"
with_items: "{{ keystone_services.keys() | list }}"
notify:
- Manage LB
- Restart web server
- name: Link to enable virtual hosts
file:
src: "/etc/nginx/sites-available/{{ item }}.conf"
path: "/etc/nginx/sites-enabled/{{ item }}.conf"
state: link
with_items: "{{ keystone_services.keys() | list }}"
when: ansible_facts['os_family'] == "Debian"
notify:
- Manage LB
- Restart web server
- name: Ensure nginx does not listen on 80 port
replace:
path: /etc/nginx/nginx.conf
regexp: "{{ item.regexp }}"
replace: "{{ item.replace }}"
validate: nginx -t -c %s
with_items:
- regexp: '(\s+listen\s+)[\[,\],:]+80'
replace: '\1 [::1]:8008'
- regexp: '(\s+listen\s+)80'
replace: '\1 127.0.0.1:8008'
notify:
- Manage LB
- Restart web server
View Git Blame Copy Permalink