Added third party nginx role

galaxy-roles/jdauphant.nginx/.gitignore

@@ -0,0 +1,2 @@
+### Vagrant ###
+.vagrant/

galaxy-roles/jdauphant.nginx/.travis.yml

@@ -0,0 +1,32 @@
+---
+language: python
+python: "2.7"
+before_install:
+ - sudo apt-get update -qq
+ - sudo apt-get install -qq python-apt python-pycurl
+install:
+  - pip install ansible
+  - ansible --version
+script:
+  - echo localhost > inventory
+  - ansible-playbook -i inventory --syntax-check --list-tasks test.yml -e "role_name=ansible-role-nginx" -e "hosts_group=hosts_group"
+  - ansible-playbook -i inventory --connection=local --sudo -vvvv test.yml -u root -e "role_name=ansible-role-nginx" -e "hosts_group=localhost"
+  - >
+      ansible-playbook -i inventory --connection=local --sudo -vvvv test.yml -u root -e "role_name=ansible-role-nginx" -e "hosts_group=localhost"
+      | grep -q 'changed=0.*failed=0'
+      && (echo 'Idempotence test: pass' && exit 0)
+      || (echo 'Idempotence test: fail' && exit 1)
+  - cat /etc/nginx/nginx.conf
+  - cat /etc/nginx/sites-enabled/default.conf
+  - cat /etc/nginx/sites-enabled/foo.conf
+  - cat /etc/nginx/sites-enabled/bar.conf
+  - cat /etc/nginx/conf.d/proxy.conf
+  - cat /etc/nginx/conf.d/upstream.conf
+  - cat /etc/nginx/conf.d/geo.conf
+  - cat /etc/nginx/conf.d/gzip.conf
+  - sudo cat /etc/nginx/auth_basic/demo
+  - sudo nginx -t
+after_script:
+  - ls /etc/nginx/auth_basic/
+  - ls /etc/nginx/conf.d/
+  - ls /etc/nginx/sites-enabled/

galaxy-roles/jdauphant.nginx/README.md

@@ -0,0 +1,240 @@
+nginx
+=====
+
+This role installs and configures the nginx web server. The user can specify
+any http configuration parameters they wish to apply their site. Any number of
+sites can be added with configurations of your choice.
+
+Requirements
+------------
+
+This role requires Ansible 1.4 or higher and platform requirements are listed
+in the metadata file.
+
+Role Variables
+--------------
+
+The variables that can be passed to this role and a brief description about
+them are as follows.
+
+```yaml
+# The user to run nginx
+nginx_user: "www-data"
+
+# A list of directives for the events section.
+nginx_events_params:
+ - worker_connections 512
+ - debug_connection 127.0.0.1
+ - use epoll
+ - multi_accept on
+
+# A list of hashs that define the servers for nginx,
+# as with http parameters. Any valid server parameters
+# can be defined here.
+nginx_sites:
+ default:
+     - listen 80
+     - server_name _
+     - root "/usr/share/nginx/html"
+     - index index.html
+ foo:
+     - listen 8080
+     - server_name localhost
+     - root "/tmp/site1"
+     - location / { try_files $uri $uri/ /index.html; }
+     - location /images/ { try_files $uri $uri/ /index.html; }
+ bar:
+     - listen 9090
+     - server_name ansible
+     - root "/tmp/site2"
+     - location / { try_files $uri $uri/ /index.html; }
+     - location /images/ {
+         try_files $uri $uri/ /index.html;
+         allow 127.0.0.1;
+         deny all;
+       }
+
+# A list of hashs that define additional configuration
+nginx_configs:
+  proxy:
+      - proxy_set_header X-Real-IP  $remote_addr
+      - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for
+  upstream:
+      - upstream foo { server 127.0.0.1:8080 weight=10; }
+  geo:
+      - geo $local {
+          default 0;
+          127.0.0.1 1;
+        }
+  gzip:
+      - gzip on
+      - gzip_disable msie6
+
+# A list of hashs that define user/password files
+nginx_auth_basic_files:
+   demo:
+     - foo:$apr1$mEJqnFmy$zioG2q1iDWvRxbHuNepIh0 # foo:demo , generated by : htpasswd -nb foo demo
+     - bar:$apr1$H2GihkSo$PwBeV8cVWFFQlnAJtvVCQ. # bar:demo , generated by : htpasswd -nb bar demo
+
+```
+
+Examples
+========
+
+1) Install nginx with HTTP directives of choices, but with no sites
+configured and no additionnal configuration:
+
+```yaml
+- hosts: all
+  roles:
+  - {role: nginx,
+     nginx_http_params: ["sendfile on", "access_log /var/log/nginx/access.log"]
+                          }
+```
+
+2) Install nginx with different HTTP directives than previous example, but no
+sites configured and no additionnal configuration.
+
+```yaml
+- hosts: all
+  roles:
+  - {role: nginx,
+     nginx_http_params: ["tcp_nodelay on", "error_log /var/log/nginx/error.log"]}
+```
+
+Note: Please make sure the HTTP directives passed are valid, as this role
+won't check for the validity of the directives. See the nginx documentation
+for details.
+
+3) Install nginx and add a site to the configuration.
+
+```yaml
+- hosts: all
+
+  roles:
+  - role: nginx
+    nginx_http_params:
+      - sendfile "on"
+      - access_log "/var/log/nginx/access.log"
+    nginx_sites:
+      bar:
+        - listen 8080
+        - location / { try_files $uri $uri/ /index.html; }
+        - location /images/ { try_files $uri $uri/ /index.html; }
+    nginx_configs:
+      proxy:
+        - proxy_set_header X-Real-IP  $remote_addr
+        - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for
+```
+
+Note: Each site added is represented by list of hashes, and the configurations
+generated are populated in /etc/nginx/site-available/, a link is from /etc/nginx/site-enable/ to /etc/nginx/site-available
+
+The file name for the specific site configurtaion is specified in the hash
+with the key "file_name", any valid server directives can be added to hash.
+Additional configuration are created in /etc/nginx/conf.d/
+
+4) Install Nginx , add 2 sites (different method) and add additional configuration
+
+```yaml
+---
+- hosts: all
+  roles:
+    - role: nginx
+      nginx_http_params:
+        - sendfile on
+        - access_log /var/log/nginx/access.log
+      nginx_sites:
+         foo:
+           - listen 8080
+           - server_name localhost
+           - root /tmp/site1
+           - location / { try_files $uri $uri/ /index.html; }
+           - location /images/ { try_files $uri $uri/ /index.html; }
+         bar:
+           - listen 9090
+           - server_name ansible
+           - root /tmp/site2
+           - location / { try_files $uri $uri/ /index.html; }
+           - location /images/ { try_files $uri $uri/ /index.html; }
+      nginx_configs:
+         proxy:
+            - proxy_set_header X-Real-IP  $remote_addr
+            - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for
+```
+
+5) Install Nginx , add 2 sites, add additional configuration and an upstream configuration block
+
+```yaml
+---
+- hosts: all
+  roles:
+    - role: nginx
+      nginx_http_params:
+        - sendfile on
+        - access_log /var/log/nginx/access.log
+      nginx_sites:
+        foo:
+           - listen 8080
+           - server_name localhost
+           - root /tmp/site1
+           - location / { try_files $uri $uri/ /index.html; }
+           - location /images/ { try_files $uri $uri/ /index.html; }
+        bar:
+           - listen 9090
+           - server_name ansible
+           - root /tmp/site2
+           - if ( $host = example.com ) { rewrite ^(.*)$ http://www.example.com$1 permanent; }
+           - location / { try_files $uri $uri/ /index.html; }
+           - location /images/ { try_files $uri $uri/ /index.html; }
+           - auth_basic            "Restricted"
+           - auth_basic_user_file  auth_basic/demo
+      nginx_configs:
+        proxy:
+            - proxy_set_header X-Real-IP  $remote_addr
+            - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for
+        upstream:
+            # Results in:
+            # upstream foo_backend {
+            #   server 127.0.0.1:8080 weight=10;
+            # }
+            - upstream foo_backend { server 127.0.0.1:8080 weight=10; }
+      nginx_auth_basic_files:
+        demo:
+           - foo:$apr1$mEJqnFmy$zioG2q1iDWvRxbHuNepIh0 # foo:demo , generated by : htpasswd -nb foo demo
+           - bar:$apr1$H2GihkSo$PwBeV8cVWFFQlnAJtvVCQ. # bar:demo , generated by : htpasswd -nb bar demo
+```
+
+6) Example to use this role with my ssl-certs role to generate or copie ssl certificate ( https://galaxy.ansible.com/list#/roles/3115 )
+```yaml
+ - hosts: all
+   roles: 
+     - jdauphant.ssl-certs
+     - role: jdauphant.nginx
+       nginx_configs: 
+          ssl:
+               - ssl_certificate_key {{ssl_certs_privkey_path}}
+               - ssl_certificate     {{ssl_certs_cert_path}}
+       nginx_sites:
+          default:
+               - listen 443 ssl
+               - server_name _
+               - root "/usr/share/nginx/html"
+               - index index.html
+```
+
+Dependencies
+------------
+
+None
+
+License
+-------
+BSD
+
+Author Information
+------------------
+
+- Original : Benno Joy
+- Modified by : DAUPHANT Julien
+

galaxy-roles/jdauphant.nginx/Vagrantfile

@@ -0,0 +1,19 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# Vagrantfile API/syntax version. Don't touch unless you know what you're doing!
+VAGRANTFILE_API_VERSION = "2"
+
+Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
+  # All Vagrant configuration is done here. The most common configuration
+  # options are documented and commented below. For a complete reference,
+  # please see the online documentation at vagrantup.com.
+
+  # Every Vagrant virtual environment requires a box to build off of.
+  config.vm.box = "ubuntu/trusty64"
+
+  config.vm.provision :ansible do |ansible|
+       ansible.playbook = "test.yml"
+       ansible.sudo = true
+  end
+end

galaxy-roles/jdauphant.nginx/ansible.cfg

@@ -0,0 +1,2 @@
+[defaults]
+roles_path = ../

galaxy-roles/jdauphant.nginx/defaults/main.yml

@@ -0,0 +1,57 @@
+---
+nginx_redhat_pkg:
+  - nginx
+
+nginx_ubuntu_pkg:
+  - python-selinux
+  - nginx
+
+yum_epel_repo: epel
+yum_base_repo: base
+
+nginx_official_repo: False
+
+keep_only_specified: False
+
+nginx_installation_type: "packages"
+nginx_binary_name: "nginx"
+nginx_service_name: "{{nginx_binary_name}}"
+nginx_conf_dir: "/etc/nginx"
+
+nginx_user: "{% if ansible_os_family == 'RedHat' %}nginx{% elif ansible_os_family == 'Debian' %}www-data{% endif %}"
+nginx_group: "{{nginx_user}}"
+
+nginx_pid_file: '/var/run/{{nginx_service_name}}.pid'
+
+nginx_worker_processes: "{{ ansible_processor_vcpus }}"
+nginx_worker_rlimit_nofile: 1024
+nginx_log_dir: "/var/log/nginx"
+
+nginx_events_params:
+  - worker_connections {% if nginx_max_clients is defined %}{{nginx_max_clients}}{% else %}512{% endif %}
+
+nginx_http_params:
+  - sendfile "on"
+  - tcp_nopush "on"
+  - tcp_nodelay "on"
+  - keepalive_timeout "65"
+  - access_log "{{nginx_log_dir}}/access.log"
+  - error_log "{{nginx_log_dir}}/error.log"
+  - server_tokens off
+  - types_hash_max_size 2048
+
+nginx_sites:
+  default:
+     - listen 80 default_server
+     - server_name _
+     - root "/usr/share/nginx/html"
+     - index index.html
+nginx_remove_sites: []
+
+nginx_configs: {}
+nginx_remove_configs: []
+
+nginx_auth_basic_files: {}
+nginx_remove_auth_basic_files: []
+
+nginx_daemon_mode: "on"

galaxy-roles/jdauphant.nginx/example-vars.yml

@@ -0,0 +1,78 @@
+---
+# The user to run nginx
+nginx_user: "www-data"
+
+nginx_hhvm: |
+      add_header X-backend hhvm;
+      try_files $uri $uri/ /index.php?$args;
+      location ~ \.(hh|php)$ {
+        try_files     $uri =404;
+        fastcgi_pass  unix:/var/run/hhvm/sock;
+        fastcgi_index index.php;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        include       fastcgi_params;
+      }
+
+# A list of directives for the events section.
+nginx_events_params:
+  - worker_connections 512
+
+# A list of hashs that define the servers for nginx,
+# as with http parameters. Any valid server parameters
+# can be defined here.
+nginx_http_params:
+  - sendfile on
+  - access_log /var/log/nginx/access.log
+
+nginx_sites:
+ default:
+     - listen 80
+     - server_name _
+     - root "/usr/share/nginx/html"
+     - index index.html
+ foo:
+     - listen 8080
+     - server_name localhost
+     - root "/tmp/site1"
+     - location / { try_files $uri $uri/ /index.html; }
+     - location /images/ { try_files $uri $uri/ /index.html; }
+ bar:
+     - listen 9090
+     - server_name ansible
+     - root "/tmp/site2"
+     - location / { try_files $uri $uri/ /index.html; }
+     - location /images/ {
+         try_files $uri $uri/ /index.html;
+         allow 127.0.0.1;
+         deny all;
+       }
+     - auth_basic            "Restricted"
+     - auth_basic_user_file  auth_basic/demo
+ hhvm_test:
+     - |
+       listen 80;
+       server_name test_hhvm;
+       root "/tmp/hhvm";
+       {{nginx_hhvm}}
+
+# A list of hashs that define additional configuration
+nginx_configs:
+  proxy:
+      - proxy_set_header X-Real-IP  $remote_addr
+      - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for
+  upstream:
+      - upstream foo { server 127.0.0.1:8080 weight=10; }
+  geo:
+      - geo $local {
+          default 0;
+          127.0.0.1 1;
+        }
+  gzip:
+      - gzip on
+      - gzip_disable msie6
+
+# A list of hashs that define uer/password files
+nginx_auth_basic_files:
+   demo:
+     - foo:$apr1$mEJqnFmy$zioG2q1iDWvRxbHuNepIh0 # foo:demo , generated by : htpasswd -nb foo demo
+     - bar:$apr1$H2GihkSo$PwBeV8cVWFFQlnAJtvVCQ. # bar:demo , generated by : htpasswd -nb bar demo

galaxy-roles/jdauphant.nginx/handlers/main.yml

@@ -0,0 +1,8 @@
+---
+- name: restart nginx
+  service: name={{ nginx_service_name }} state=restarted
+  when: nginx_installation_type in nginx_installation_types_using_service and nginx_daemon_mode == "on"
+
+- name: reload nginx
+  service: name={{ nginx_service_name }} state=reloaded
+  when: nginx_installation_type in nginx_installation_types_using_service and nginx_daemon_mode == "on"

galaxy-roles/jdauphant.nginx/meta/.galaxy_install_info

@@ -0,0 +1 @@
+{install_date: 'Sun Aug  2 15:06:05 2015', version: v1.5.1}

galaxy-roles/jdauphant.nginx/meta/main.yml

@@ -0,0 +1,28 @@
+---
+galaxy_info:
+  author: "DAUPHANT Julien"
+  license: BSD
+  min_ansible_version: 1.4
+  platforms:
+   - name: EL
+     versions:
+      - 5
+      - 6
+   - name: Fedora
+     versions:
+      - 16
+      - 17
+      - 18
+      - 19
+      - 20
+   - name: Ubuntu
+     versions:
+      - precise
+      - quantal
+      - raring
+      - saucy
+      - trusty
+  categories:
+   - web
+dependencies: []
+

galaxy-roles/jdauphant.nginx/tasks/configuration.yml

@@ -0,0 +1,53 @@
+---
+- name: Create the directories for site specific configurations
+  file: path={{nginx_conf_dir}}/{{ item }} state=directory owner=root group={{nginx_group}} mode=0755
+  with_items:
+    - "sites-available"
+    - "sites-enabled"
+    - "auth_basic"
+    - "conf.d"
+  tags: [configuration,nginx]
+
+- name: Ensure log directory exist
+  file: path={{ nginx_log_dir }} state=directory owner={{nginx_user}} group={{nginx_group}} mode=0755
+  tags: [configuration,nginx]
+
+- name: Copy the nginx configuration file
+  template: src=nginx.conf.j2 dest={{nginx_conf_dir}}/nginx.conf
+  notify:
+   - restart nginx
+  tags: [configuration,nginx]
+
+- name: Ensure auth_basic files created
+  template: src=auth_basic.j2 dest={{nginx_conf_dir}}/auth_basic/{{ item }} owner=root group={{nginx_group}} mode=0750
+  with_items: nginx_auth_basic_files.keys()
+  tags: [configuration,nginx]
+
+- name: Create the configurations for sites
+  template: src=site.conf.j2 dest={{nginx_conf_dir}}/sites-available/{{ item }}.conf
+  with_items: nginx_sites.keys()
+  notify: 
+   - restart nginx
+  tags: [configuration,nginx]
+
+- name: Create links for sites-enabled
+  file: state=link src={{nginx_conf_dir}}/sites-available/{{ item }}.conf dest={{nginx_conf_dir}}/sites-enabled/{{ item }}.conf
+  with_items: nginx_sites.keys()
+  notify:
+   - reload nginx
+  tags: [configuration,nginx]
+
+- name: Create the configurations for independent config file
+  template: src=config.conf.j2 dest={{nginx_conf_dir}}/conf.d/{{ item }}.conf
+  with_items: nginx_configs.keys()
+  notify:
+   - reload nginx
+  tags: [configuration,nginx]
+
+- name: Check nginx syntax of configuration files
+  shell: "{{ nginx_binary_name }} -t"
+  register: result
+  changed_when: "result.rc != 0"
+  always_run: yes
+  when: nginx_installation_type in nginx_installation_types_using_service
+  tags: [configuration,nginx]

galaxy-roles/jdauphant.nginx/tasks/installation.packages.yml

@@ -0,0 +1,29 @@
+---
+- name: Install the selinux python module
+  yum: name=libselinux-python state=present
+  when: ansible_os_family == "RedHat"
+  tags: [packages,nginx]
+
+- name: Install the epel packages
+  yum: name=epel-release state=present
+  when: nginx_is_el|bool
+  tags: [packages,nginx]
+
+- name: Install the nginx packages
+  yum: name={{ item }} state=present disablerepo='*' enablerepo={{ "nginx," if nginx_official_repo else "" }}{{ yum_epel_repo }},{{ yum_base_repo }}
+  with_items: nginx_redhat_pkg
+  when:  nginx_is_el|bool
+  tags: [packages,nginx]
+
+- name: Install the nginx packages
+  yum: name={{ item }} state=present
+  with_items: nginx_redhat_pkg
+  when: ansible_os_family == "RedHat" and not nginx_is_el|bool
+  tags: [packages,nginx]
+
+- name: Install the nginx packages
+  apt: name={{ item }} state=present
+  with_items: nginx_ubuntu_pkg
+  environment: env
+  when: ansible_os_family == "Debian"
+  tags: [packages,nginx]

galaxy-roles/jdauphant.nginx/tasks/main.yml

@@ -0,0 +1,16 @@
+---
+- include: nginx-official-repo.yml
+  when: nginx_official_repo == True
+- include: installation.packages.yml
+  when: nginx_installation_type == "packages"
+- include: remove-defaults.yml
+  when: not keep_only_specified
+- include: remove-extras.yml
+  when: keep_only_specified
+- include: remove-unwanted.yml
+- include: configuration.yml
+
+- name: Start the nginx service
+  service: name={{ nginx_service_name }} state=started enabled=yes
+  when: nginx_installation_type in nginx_installation_types_using_service and nginx_daemon_mode == "on"
+  tags: [service,nginx]

galaxy-roles/jdauphant.nginx/tasks/nginx-official-repo.yml

@@ -0,0 +1,18 @@
+---
+- name: Ensure APT official nginx key
+  apt_key: url=http://nginx.org/keys/nginx_signing.key
+  tags: [packages,nginx]
+  when: ansible_os_family == 'Debian'
+
+- name: Ensure APT official nginx repository
+  apt_repository: repo="deb http://nginx.org/packages/{{ ansible_distribution|lower }}/ {{ ansible_distribution_release }} nginx"
+  tags: [packages,nginx]
+  when: ansible_os_family == 'Debian'
+
+- name: Ensure RPM official nginx key
+  rpm_key: key=http://nginx.org/keys/nginx_signing.key
+  when: ansible_os_family == 'RedHat'
+
+- name: Ensure YUM official nginx repository
+  template: src=nginx.repo.j2 dest=/etc/yum.repos.d/nginx.repo
+  when: ansible_os_family == 'RedHat'

galaxy-roles/jdauphant.nginx/tasks/remove-defaults.yml

@@ -0,0 +1,15 @@
+---
+- name: Disable the default site
+  file: path={{nginx_conf_dir}}/sites-enabled/default state=absent
+  notify:
+  - reload nginx
+  tags: [configuration,nginx]
+
+- name: Remove the default configuration
+  file: path={{nginx_conf_dir}}/conf.d/default.conf state=absent
+  when: >
+    'default' not in nginx_configs.keys()
+  notify:
+  - reload nginx
+  tags: [configuration,nginx]
+

galaxy-roles/jdauphant.nginx/tasks/remove-extras.yml

@@ -0,0 +1,31 @@
+---
+- name: Find enabled sites
+  shell: ls -1 {{nginx_conf_dir}}/sites-enabled
+  register: enabled_sites
+  changed_when: False
+  tags: [configuration,nginx]
+
+- name: Disable unmanaged sites
+  file: path={{nginx_conf_dir}}/sites-enabled/{{ item }} state=absent
+  with_items: enabled_sites.stdout_lines
+  # 'item.conf' => 'item'
+  when: item[:-5] not in nginx_sites.keys()
+  notify:
+   - reload nginx
+  tags: [configuration,nginx]
+
+- name: Find config files
+  shell: ls -1 {{nginx_conf_dir}}/conf.d
+  register: config_files
+  changed_when: False
+  tags: [configuration,nginx]
+
+- name: Remove unmanaged config files
+  file: name={{nginx_conf_dir}}/conf.d/{{ item }} state=absent
+  with_items: config_files.stdout_lines
+  # 'item.conf' => 'item'
+  when: item[:-5] not in nginx_configs.keys()
+  notify:
+   - reload nginx
+  tags: [configuration,nginx]
+

galaxy-roles/jdauphant.nginx/tasks/remove-unwanted.yml

@@ -0,0 +1,24 @@
+---
+- name: Remove unwanted sites
+  file: path={{nginx_conf_dir}}/{{ item[0] }}/{{ item[1] }}.conf state=absent
+  with_nested: 
+    - [ 'sites-enabled', 'sites-available']
+    - nginx_remove_sites
+  notify:
+   - reload nginx
+  tags: [configuration,nginx]
+
+- name: Remove unwanted conf
+  file: path={{nginx_conf_dir}}/conf.d/{{ item[1] }}.conf state=absent
+  with_items: nginx_remove_configs
+  notify:
+   - reload nginx
+  tags: [configuration,nginx]
+
+- name: Remove unwanted auth_basic_files
+  file: path={{nginx_conf_dir}}/auth_basic/{{ item[1] }} state=absent
+  with_items: nginx_remove_auth_basic_files
+  notify:
+   - reload nginx
+  tags: [configuration,nginx]
+  

galaxy-roles/jdauphant.nginx/templates/auth_basic.j2

@@ -0,0 +1,5 @@
+#{{ ansible_managed }}
+
+{% for v in nginx_auth_basic_files[item] %}
+{{ v }}
+{% endfor %}

galaxy-roles/jdauphant.nginx/templates/config.conf.j2

@@ -0,0 +1,9 @@
+#{{ ansible_managed }}
+
+{% for v in nginx_configs[item] %}
+{% if v.find('\n') != -1 %}
+{{v}}
+{% else %}
+{% if v != "" %}{{ v.replace(";",";\n   ").replace(" {"," {\n    ").replace(" }"," \n}\n") }}{% if v.find('{') == -1%};
+{% endif %}{% endif %}{% endif %}
+{% endfor %}

galaxy-roles/jdauphant.nginx/templates/nginx.conf.j2

@@ -0,0 +1,33 @@
+#{{ ansible_managed }}
+user              {{ nginx_user }}  {{ nginx_group }};
+
+worker_processes  {{ nginx_worker_processes }};
+
+{% if nginx_pid_file %}
+pid        {{ nginx_pid_file }};
+{% endif %}
+
+worker_rlimit_nofile {{ nginx_worker_rlimit_nofile }};
+
+events {
+{% for v in nginx_events_params %}
+        {{ v }};
+{% endfor %}
+}
+
+
+http {
+
+        include {{ nginx_conf_dir }}/mime.types;
+        default_type application/octet-stream;
+{% for v in nginx_http_params %}
+        {{ v }};
+{% endfor %}
+
+        include {{ nginx_conf_dir }}/conf.d/*.conf;
+        include {{ nginx_conf_dir }}/sites-enabled/*;
+}
+
+{% if nginx_daemon_mode == "off" %}
+daemon off;
+{% endif %}

galaxy-roles/jdauphant.nginx/templates/nginx.repo.j2

@@ -0,0 +1,4 @@
+[nginx]
+name=nginx repo
+baseurl=http://nginx.org/packages/{{"rhel" if ansible_distribution == "RedHat" else "centos"}}/{{ansible_distribution_version.split('.')[0]}}/{{ansible_architecture}}/
+enabled=1

galaxy-roles/jdauphant.nginx/templates/site.conf.j2

@@ -0,0 +1,10 @@
+#{{ ansible_managed }}
+server {
+{% for v in nginx_sites[item] %}
+{% if v.find('\n') != -1 %}
+   {{v.replace("\n","\n   ")}}
+{% else %}
+   {% if v != "" %}{{ v.replace(";",";\n      ").replace(" {"," {\n      ").replace(" }"," \n   }\n") }}{% if v.find('{') == -1%};
+{% endif %}{% endif %}{% endif %}
+{% endfor %}
+}

galaxy-roles/jdauphant.nginx/test.yml

@@ -0,0 +1,6 @@
+---
+- hosts: "{{hosts_group|default('all')}}"
+  vars_files:
+    - 'example-vars.yml'
+  roles:
+    - "{{role_name|default('nginx')}}"

galaxy-roles/jdauphant.nginx/vars/main.yml

@@ -0,0 +1,8 @@
+---
+
+env:
+ RUNLEVEL: 1
+
+nginx_installation_types_using_service: ["packages"]
+
+nginx_is_el: "{{ ansible_distribution in ['RedHat', 'CentOS'] }}"

requirements.yml

@@ -13,4 +13,7 @@
   path: galaxy-roles
 
 - src: dereulenspiegel.fastd
+  path: galaxy-roles
+
+- src: jdauphant.nginx
   path: galaxy-roles