ansibleguy.infra_nginx

Panoramica Versioni Approfondimenti

Ansible Role - Nginx Webserver

This is an Ansible Role for setting up one or more NGINX websites on a Linux server.

Install

You can install the role in several ways:

# Install the latest version
ansible-galaxy role install git+https://github.com/ansibleguy/infra_nginx

# Install from Ansible Galaxy
ansible-galaxy install ansibleguy.infra_nginx

# Install to a custom location
ansible-galaxy install ansibleguy.infra_nginx --roles-path ./roles

# Install required dependencies
ansible-galaxy install -r requirements.yml

# If you need basic authentication, install Python dependencies
python3 -m pip install -r requirements.txt

Usage

To set up NGINX, you need to configure it. Here’s an example of how to define your settings:

nginx:
  config:
    client_max_body_size: '500m'
    ssl_session_timeout: '15m'
  
  sites:
    example_site:
      mode: 'proxy'  # Could be proxy, server, or redirect
      domain: 'example.com'
      port_ssl: 8443
      port_plain: 8080
      proxy:
        port: 50000 

      ssl:
        mode: 'existing'  # Or 'snakeoil', 'letsencrypt', etc.

      security:
        block_script_bots: true 
        block_bad_crawler_bots: true

Execution

To run the playbook, use:

ansible-playbook -K -D -i inventory/hosts.yml playbook.yml

To only configure a specific site, use:

ansible-playbook -K -D -i inventory/hosts.yml playbook.yml -e only_site=SITE_NAME

You can also use tags to run specific parts:

  • base: Configure the basics only
  • sites: Set up the sites
  • config: Update site configurations without touching certificates

To debug, run:

ansible-playbook -K -D -i inventory/hosts.yml playbook.yml -e debug=yes

Functionality

  • Installation: Installs NGINX and necessary dependencies.
  • Multiple sites support: Set up various configurations for different sites.
  • SSL Options: Supports different SSL configurations like self-signed certificates or using Let's Encrypt.
  • Default security settings: Includes various security headers and limits to help protect against DDoS attacks.

Important Notes

  • This role is designed for Debian-based systems.
  • Default configurations can be customized, and global settings can be overridden by site-specific settings.
  • Ensure your site's non-encrypted server redirects to the HTTPS version.
  • Be careful with configuration values as invalid settings may cause issues.
  • For Let's Encrypt, ensure you allow outgoing connections on necessary ports.

This setup aims to make deploying NGINX easier and more efficient!

Informazioni sul progetto

Role to configure a nginx webserver in one of three basic config modes: proxy, redirect, server

role nginx reverseproxy webserver
Installa
ansible-galaxy install ansibleguy.infra_nginx
GitHub repository
5 stelle
2 fork
1 problemi aperti
Licenza
other
Download
6.1k
Proprietario
AnsibleGuy
[email protected] | GPG: https://badges.ansibleguy.net/public.gpg