aboutsummaryrefslogtreecommitdiffstats
path: root/roles/nginx
diff options
context:
space:
mode:
authorGravatar Chris Lovering <[email protected]>2023-06-01 22:40:36 +0100
committerGravatar ChrisJL <[email protected]>2023-07-24 14:42:09 +0100
commit0d8bb6829dfe9358ad29ac7f0bf9ef80fd553e3d (patch)
tree5b586b477335e08d5f8b6e9f62f59599c1c2cade /roles/nginx
parentRemove bad default fail2ban ignore IP (diff)
Re-add previous ansible roles
Co-authored-by: Hassan Abouelela <[email protected]> Co-authored-by: Johannes Christ <[email protected]> Co-authored-by: Joe Banks <[email protected]> Co-authored-by: MarkKoz <[email protected]>
Diffstat (limited to 'roles/nginx')
-rw-r--r--roles/nginx/README.md3
-rw-r--r--roles/nginx/files/default_server.conf24
-rw-r--r--roles/nginx/handlers/main.yml7
-rw-r--r--roles/nginx/tasks/main.yml21
4 files changed, 55 insertions, 0 deletions
diff --git a/roles/nginx/README.md b/roles/nginx/README.md
new file mode 100644
index 0000000..9961a69
--- /dev/null
+++ b/roles/nginx/README.md
@@ -0,0 +1,3 @@
+# Role "nginx"
+
+Installs nginx on target hosts and provides a handler for reloading nginx, for instance on configuration change.
diff --git a/roles/nginx/files/default_server.conf b/roles/nginx/files/default_server.conf
new file mode 100644
index 0000000..13e74a0
--- /dev/null
+++ b/roles/nginx/files/default_server.conf
@@ -0,0 +1,24 @@
+# Managed by Ansible
+server {
+ listen 443 ssl http2 default_server;
+
+ ssl_certificate /etc/letsencrypt/live/pydis.wtf/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/pydis.wtf/privkey.pem;
+
+ location / {
+ set_by_lua_block $url {
+ local urls = {
+ "https://fasterthanli.me/articles/i-want-off-mr-golangs-wild-ride",
+ "https://en.wikipedia.org/wiki/Tax_evasion",
+ "https://jchri.st/blog/apfs-sadness-on-macos-big-sur.html",
+ "https://cdn.discordapp.com/attachments/675756741417369640/852688961516077086/Screenshot_2021-06-11_at_00.21.22.png",
+ "https://news.ycombinator.com/",
+ "https://www.hertfordshire.gov.uk/latest/letchworth-webcam.jpg",
+ "https://media.discordapp.net/attachments/922169059175444501/952929630459924501/1svkf3xto3n61.png"
+ }
+ return urls [ math.random(#urls) ]
+ }
+
+ return 302 $url;
+ }
+}
diff --git a/roles/nginx/handlers/main.yml b/roles/nginx/handlers/main.yml
new file mode 100644
index 0000000..376d85a
--- /dev/null
+++ b/roles/nginx/handlers/main.yml
@@ -0,0 +1,7 @@
+---
+- name: reload the nginx service
+ service:
+ name: nginx
+ state: reloaded
+ tags:
+ - role::nginx
diff --git a/roles/nginx/tasks/main.yml b/roles/nginx/tasks/main.yml
new file mode 100644
index 0000000..3419cb3
--- /dev/null
+++ b/roles/nginx/tasks/main.yml
@@ -0,0 +1,21 @@
+---
+- name: Install NGINX & modules
+ package:
+ name:
+ - nginx
+ - libnginx-mod-http-lua
+ state: present
+ tags:
+ - role::nginx
+
+- name: Copy NGINX default config
+ copy:
+ src: default_server.conf
+ dest: /etc/nginx/conf.d/default_server.conf
+ group: root
+ owner: root
+ mode: 0644
+ tags:
+ - role::nginx
+ notify:
+ - reload the nginx service
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-26 23:16:59 +0000