openstack-ansible-os_keystone/tasks/keystone_nginx.yml
Matthew Thode f4bf2620fb
add gentoo support to keystone
need to drop our own nginx.conf, should probably be abstracted somewhere
other than keystone.

Change-Id: If2e8825d6d7a9a76853fd09fcba9148762d73c10
2019-02-26 09:04:07 -06:00

96 lines
2.7 KiB
YAML

---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
- name: Ensure Apache is not running
service:
name: "{{ keystone_system_service_name }}"
state: stopped
failed_when: false
- name: Disable default configuration
file:
path: /etc/nginx/sites-enabled/default
state: absent
notify:
- Manage LB
- Restart web server
# TODO(cloudnull):
# This is to cater for Q-R, R-S upgrades and can be removed in T
- name: Remove legacy nginx config
file:
path: /etc/nginx/sites-enabled/keystone-wsgi-admin.conf
state: absent
notify:
- Manage LB
- Restart web server
- name: Ensure configuration directories exist
file:
path: "{{ item }}"
state: directory
with_items:
- "/etc/nginx/{{ keystone_nginx_conf_path }}"
- "/etc/nginx/conf.d"
- name: Configure custom nginx log format
copy:
# NOTE(odyssey4me):
# To cater for the situation where there are no containers, or
# nginx is shared in some way, it's better to add custom directives
# for nginx.conf into a conf.d file. That way it's never overwritten.
content: |
# Ansible managed
log_format custom '{{ keystone_nginx_access_log_format_combined }} {{ keystone_nginx_access_log_format_extras }}';
dest: "/etc/nginx/conf.d/custom_log.conf"
notify:
- Manage LB
- Restart web server
# NOTE(prometheanfire): Nginx needs to be told to load configs from keystone_nginx_conf_path
- name: Configure nginx.conf
copy:
src: nginx.conf
dest: /etc/nginx/nginx.conf
mode: "0644"
group: root
owner: root
when:
- ansible_pkg_mgr == 'portage'
notify:
- Manage LB
- Restart web server
# Configure app
- name: Configure virtual hosts
template:
src: keystone_nginx.conf.j2
dest: "/etc/nginx/{{ keystone_nginx_conf_path }}/{{ item }}.conf"
with_items: "{{ keystone_services.keys() | list }}"
notify:
- Manage LB
- Restart web server
- name: Link to enable virtual hosts
file:
src: "/etc/nginx/sites-available/{{ item }}.conf"
path: "/etc/nginx/sites-enabled/{{ item }}.conf"
state: link
with_items: "{{ keystone_services.keys() | list }}"
when: ansible_os_family == "Debian"
notify:
- Manage LB
- Restart web server