remove nginx integration

defaults/main.yml

@@ -13,7 +13,7 @@ homeassistant_extra_groups:
 homeassistant_base_dir: /opt/homeassistant
 homeassistant_conf_dir: "{{ homeassistant_base_dir }}/config"
 
-homeassistant_dependencies: []
+homeassistant_packages: []
 
 homeassistant_http_bind_port: 8123
 homeassistant_client_url: https://hassio.example.com
@@ -45,13 +45,3 @@ homeassistant_exclude_modemmanager: False
 homeassistant_serial_device:
   - vendor_id: "0000"
     product_id: "xxxx"
-
-homeassistant_nginx_vhost_enabled: False
-homeassistant_nginx_server: localhost
-homeassistant_nginx_vhost_dir: /etc/nginx/sites-available
-homeassistant_nginx_vhost_symlink: /etc/nginx/sites-enabled
-homeassistant_nginx_iptables_enabled: False
-homeassistant_nginx_tls_enabled: False
-homeassistant_nginx_tls_cert_file: homeassistant-cert.pem
-homeassistant_nginx_tls_key_file: homeassistant-key.pem
-homeassistant_nginx_proxy_url: "https://1.2.3.4:{{ homeassistant_http_bind_port }}"

handlers/main.yml

@@ -8,15 +8,6 @@
   become: True
   become_user: root
 
-- name: Reload nginx
-  systemd:
-    state: reloaded
-    name: nginx
-  listen: __nginx_reload
-  delegate_to: "{{ homeassistant_nginx_server }}"
-  become: True
-  become_user: root
-
 - name: Reload udev rules
   command: "udevadm control --reload-rules"
   changed_when: False

molecule/ec2-centos-7/playbook.yml

@@ -2,15 +2,9 @@
 - name: Converge
   hosts: all
   vars:
-    yum_repositories:
-      epel:
-        filename: Extra-EPEL
-        desc: Extra Packages for Enterprise Linux (EPEL)
-        baseurl: "http://download.fedoraproject.org/pub/epel/$releasever/$basearch/"
-        gpgkey: "http://download.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-$releasever/"
-        enabled: True
+    homeassistant_packages:
+      - epel-release
 
   roles:
-    - role: xoxys.yum
     - role: xoxys.python3
     - role: xoxys.homeassistant

tasks/main.yml

@@ -4,6 +4,4 @@
 - import_tasks: tls.yml
   when: homeassistant_tls_enabled | bool
   tags: tls_renewal
-- import_tasks: nginx.yml
-  when: homeassistant_nginx_vhost_enabled | bool
 - import_tasks: post_tasks.yml

tasks/nginx.yml

@@ -1,50 +0,0 @@
----
-- block:
-    - name: Copy certs and private key to nginx proxy
-      copy:
-        src: "{{ item.src }}"
-        dest: "{{ item.dest }}"
-        mode: "{{ item.mode }}"
-      loop:
-        - { src: "{{ homeassistant_tls_key_source }}", dest: '/etc/pki/tls/private/{{ homeassistant_nginx_tls_key_file }}', mode: '0600' }
-        - { src: "{{ homeassistant_tls_cert_source }}", dest: '/etc/pki/tls/certs/{{ homeassistant_nginx_tls_cert_file }}', mode: '0750' }
-      loop_control:
-        label: "{{ item.dest }}"
-      notify: __nginx_reload
-  delegate_to: "{{ homeassistant_nginx_server }}"
-  when: homeassistant_nginx_tls_enabled | bool
-  become: True
-  become_user: root
-  tags: tls_renewal
-
-- block:
-    - name: Add vhost configuration file
-      template:
-        src: nginx/vhost.j2
-        dest: "{{ homeassistant_nginx_vhost_dir }}/homeassistant"
-        owner: root
-        group: root
-        mode: 0640
-      notify: __nginx_reload
-
-    - name: Enable homeassistant vhost
-      file:
-        src: "{{ homeassistant_nginx_vhost_dir }}/homeassistant"
-        dest: "{{ homeassistant_nginx_vhost_symlink }}/homeassistant"
-        owner: root
-        group: root
-        state: link
-      notify: __nginx_reload
-      when: homeassistant_nginx_vhost_symlink is defined
-
-    - name: Open ports in iptables
-      iptables_raw:
-        name: allow_homeassistant_nginx_proxy
-        state: present
-        rules: "-A OUTPUT -m state --state NEW -p tcp -d {{ homeassistant_nginx_proxy_url | urlsplit('hostname') }} --dport {{ homeassistant_nginx_proxy_url | urlsplit('port') }} -j ACCEPT"
-      when:
-        - homeassistant_nginx_iptables_enabled | bool
-        - (not homeassistant_nginx_server == inventory_hostname or not homeassistant_nginx_server == "localhost")
-  delegate_to: "{{ homeassistant_nginx_server }}"
-  become: True
-  become_user: root

tasks/prepare.yml

@@ -19,6 +19,6 @@
       package:
         name: "{{ item }}"
         state: present
-      loop: "{{ homeassistant_dependencies }}"
+      loop: "{{ homeassistant_packages }}"
   become: True
   become_user: root

templates/nginx/vhost.j2

@@ -1,48 +0,0 @@
-#jinja2: lstrip_blocks: True
-# {{ ansible_managed }}
-upstream backend_homeassistant {
-    server {{ homeassistant_nginx_proxy_url | urlsplit('hostname') }}:{{ homeassistant_nginx_proxy_url | urlsplit('port') }};
-}
-
-server {
-    listen 80;
-    server_name {{ homeassistant_client_url | urlsplit('hostname') }};
-
-    client_max_body_size 200M;
-
-    {% if homeassistant_nginx_tls_enabled %}
-    return 301 https://$server_name$request_uri;
-    {% else %}
-    location / {
-        proxy_pass {{ homeassistant_nginx_proxy_url | urlsplit('scheme') }}://backend_homeassistant;
-        proxy_set_header Host $host;
-        proxy_redirect http:// https://;
-        proxy_http_version 1.1;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection $connection_upgrade;
-    }
-    {% endif %}
-}
-
-{% if homeassistant_nginx_tls_enabled %}
-server {
-    listen 443 ssl;
-    server_name {{ homeassistant_client_url | urlsplit('hostname') }};
-
-    client_max_body_size 200M;
-
-    location / {
-        proxy_pass {{ homeassistant_nginx_proxy_url | urlsplit('scheme') }}://backend_homeassistant;
-        proxy_set_header Host $host;
-        proxy_redirect http:// https://;
-        proxy_http_version 1.1;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection $connection_upgrade;
-    }
-
-    ssl_certificate /etc/pki/tls/certs/{{ homeassistant_nginx_tls_cert_file }};
-    ssl_certificate_key /etc/pki/tls/private/{{ homeassistant_nginx_tls_key_file }};
-}
-{% endif %}