nginx

Build Status

NGinx Installer for simple redirect and proxy tasks

Sets up a nginx docker container to

  • Proxy
  • Redirect
  • Passwd-Protect

Make sure, you select a proper task (see example below)

Requirements

Runs on Debianoids which are capable of running docker machines

Role Variables

nginx__configs_only

Use this flag to only output the config files to nginx__config_directory

nginx__default_server[_*]

This role provides a defined default_server for nginx with a defined default setting, see nginx__default_server. Set nginx__default_server_ssl accordingly and make sure the files default_server.crt and default_server.key exist.

Important! Make sure, the SSL certificate matches 'the one' desired domain!

Example Playbook

SSL Reverse Proxy

For the following playbook to work, you neet have SSL certificates pre-installed.

Adds the following capabilities:

  • set up in an certain docker network
  • proyx an app on internal name resolution and port
  • include nginx settings for proxying websockets
    - name: set up nginx ssl reverse proxy
      import_role:
        name: computerlyrik.nginx
        tasks_from: proxy
      vars:
        nginx__proxy_websocket: true
        nginx__proxies:
          - name: myApp
            url: "{{ inventory_hostname }}"
            backend_url: "myApp:8052"
            ssl:
              cert: "myCert.cert"
              key: "myKey.key"
        nginx__ssl_directory: "{{ ssl_path }}"
        nginx__docker_network: myDockerNetwork

Redirect

The following example expects files like "mydomain.com.crt" and "mydomain.com.key" inside the nginx__ssl_dir.

The Role will discover certs for redirect if needed

The following defines two redirect rules, enables SSL and prevents SSL for the first entry.

    - name: redirect several domains
      import_role:
        name: computerlyrik.nginx
        tasks_from: redirect
      vars:
        nginx__ssl_dir: /my/ssl/files
        nginx__redirects:
          - name: redirect to my-target webite
            target: https://my-target.com
            hosts:
              - name: somesourceurlwithnossl.com
                ssl: no # default
              - name: somesourcewithssl.com
                truncate: yes # default
                ssl: yes # expects an certificate and key, see above

License

Apache2

Testing

TODO

Author Information

An optional section for the role authors to include contact information, or a website (HTML is not allowed).

Install
ansible-galaxy install computerlyrik/ansible-nginx
GitHub repository
License
apache-2.0
Downloads
36
Owner
IT Professional for microservice architectures