ivansible.srv_cdn

ivansible.srv_cdn

Github Test Status Ansible Galaxy

This role sets up a simple CDN using nginx.

When making a request to the CDN, you can include some optional HTTP headers:

  • X-CDN-Front - the preferred front host name (defaults to the request's host name).
  • X-CDN-Host - the desired server host name, determining the origin (defaults to $cdn_front).
  • X-CDN-Back - optional desired origin host name, which overrides the origin.

Requirements

None

Variables

Here are the available variables and their default values:

    srv_cdn_sites:
      - server: .mydomain.com
        origin: www.example.com
        lecert: mydomain.com

The main site list includes the following fields:

  • server - the name of the front server, which can be a full.host.name or .domain.name (required);
  • origin - the hostname of the origin server that must support https (required);
  • lecert - optional custom letsencrypt certificate name for the server;
  • hidden - if true, defines the server-to-origin mapping but skips the server name (optional, defaults to false).
    srv_cdn_default_origin: example.com

This is the fallback origin.

    srv_cdn_cloudflare:
      - zone: example.com
        name: {{ inventory_hostname }}
        type: AAAA
        value: {{ ansible_default_ipv6.address }}
        proxied: false

The list of CloudFlare records for each host includes these fields:

  • zone - the zone for the record (required);
  • name - record name (usually the hostname), required;
  • type - type of record (A, AAAA, CNAME, etc.), required;
  • value - optional value; if empty, the record is skipped;
  • proxied - true or false (defaults to false).
    srv_cdn_cloudflare_email: ~
    srv_cdn_cloudflare_token: ~

These are CloudFlare credentials. If these settings are empty or missing, CloudFlare tasks will be skipped.

    srv_cdn_cloudfront:
      - server: www.mydomain.com
        reference: www.mydomain.com_cdn1
        origin: override.example.com
        lecert: mydomain.com
        cache: false

This array sets up CloudFront CDN distributions with full paths: cloudfront -> server -> origin. Each record includes:

  • server - name of the front server, matching a record from the site list (required);
  • origin - optional, can override the origin from the site list;
  • reference - a unique identifier for CloudFront (optional, defaults to the server name with a suffix);
  • lecert - optional custom letsencrypt certificate name for the server;
  • cache - false disables CloudFront caching, true enables it (optional, defaults to srv_cdn_cloudfront_default_cache);
  • delete - if true, the distribution will be deleted instead of being created or updated (optional, defaults to false).
    srv_cdn_cloudfront_default_reference: SERVER_cdn

Default name for the distribution reference, where SERVER will be replaced by the actual server name.

    srv_cdn_filters:
      - src: ...
        dst: ...

These are the HTML replacements that will be applied.

    srv_cdn_cloudfront_max_ttl: 2592000    # one month
    srv_cdn_cloudfront_default_ttl: 86400  # one day
    srv_cdn_cloudfront_cached_methods: [GET, HEAD]
    srv_cdn_cloudfront_default_cache: true

Various default settings for CloudFront caching.

    srv_cdn_cloudfront_access_key: ~
    srv_cdn_cloudfront_secret_key: ~

Credentials for Amazon CloudFront, required if srv_cdn_cloudfront has records; optional otherwise. If these are empty or missing, they will default to the environment variables AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY from the Ansible controller.

Tags

  • srv_cdn_cloudflare - sets up DNS records in CloudFlare
  • srv_cdn_cloudfront - sets up CloudFront distributions
  • srv_cdn_nginx - configures the CDN site and mappings in nginx
  • srv_cdn_nginx_site - configures common CDN site settings in nginx
  • srv_cdn_all - all of the above

Dependencies

  • ivansible.nginx_base - inherits defaults and handlers
  • ivansible.lin_nginx (implicit dependency)

Example Playbook

    - hosts: myserver
      roles:
         - role: ivansible.srv_cdn

License

MIT

Author Information

Created in 2020-2021 by IvanSible

Informazioni sul progetto

simple nginx-based CDN

Installa
ansible-galaxy install ivansible.srv_cdn
Licenza
Unknown
Download
149
Proprietario
ivandeex ansible roles, molecule tests: https://galaxy.ansible.com/ivansible/