add basic nginx checks; renovate ansible syntax

2019-02-28 10:00:08 +01:00 · 2019-02-28 10:00:08 +01:00 · 5ff10d4f09
parent 2a86a0a84f
commit 5ff10d4f09
5 changed files with 14 additions and 46 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -48,15 +48,10 @@ nginx_open_ports:
  - 443

 nginx_tls_enabled: False
-# You can deploy your certificates from a file or from content.
-# If you enable nginx_tls_source_use_content you have to put the content of your cert files into
-# nginx_tls_cert_file and nginx_tls_cert_file.
-nginx_tls_source_use_content: False
-# If you enable nginx_tls_source_use_files theses variables have to contain the path to your
-# certificate files located on the ansible "master" host
-nginx_tls_source_use_files: True
+# Source has to be a file
 nginx_tls_cert_source: mycert.pem
 nginx_tls_key_source: mykey.pem
+# Set the destination filename
 nginx_tls_cert_file: mycert.pem
 nginx_tls_key_file: mykey.pem
 # nginx_tls_dhparam_file: # defaults to not set
--- a/molecule/gce-centos-7/INSTALL.rst
+++ b/molecule/gce-centos-7/INSTALL.rst
@ -1,16 +0,0 @@
-*******
-Google Cloud Engine driver installation guide
-*******
-
-Requirements
-============
-
-* A GCE credentials rc file
-* apache-libcloud
-
-Install
-=======
-
-.. code-block:: bash
-
-    $ sudo pip install apache-libcloud
--- a/molecule/gce-centos-7/tests/test_default.py
+++ b/molecule/gce-centos-7/tests/test_default.py
@ -6,9 +6,11 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')


-def test_hosts_file(host):
-    f = host.file('/etc/hosts')
+def test_nginx_is_installed(host):
+    nginx = host.package("nginx")
+    assert nginx.is_installed

-    assert f.exists
-    assert f.user == 'root'
-    assert f.group == 'xxx'
+def test_nginx_running_and_enabled(host):
+    nginx = host.service("nginx")
+    assert nginx.is_running
+    assert nginx.is_enabled
--- a/tasks/install.yml
+++ b/tasks/install.yml
@ -36,7 +36,7 @@
        owner: "{{ nginx_user }}"
        group: "{{ nginx_group }}"
        mode: 0750
-      with_items:
+      loop:
        - "{{ nginx_vhosts_dir }}"
        - "{{ nginx_vhosts_dir }}/default"

@ -47,7 +47,7 @@
        owner: root
        group: root
        mode: 0640
-      with_items:
+      loop:
        - /etc/nginx/sites-available
        - /etc/nginx/sites-enabled

@ -88,7 +88,7 @@
        name: "{{ item.name }}"
        state: "{{ item.state }}"
        persistent: "{{ item.persistent }}"
-      with_items: "{{ nginx_set_sebooleans }}"
+      loop: "{{ nginx_set_sebooleans }}"
      when: nginx_set_sebooleans is defined

    - name: Fix selinux file context mappaing for pid file
--- a/tasks/tls.yml
+++ b/tasks/tls.yml
@ -1,24 +1,11 @@
 ---
 - block:
-    - name: Copy certs and private key (content)
-      copy:
-        content: "{{ item.src }}"
-        dest: "{{ item.dest }}"
-        mode: "{{ item.mode }}"
-      with_items:
-        - { src: "{{ nginx_tls_key_source }}", dest: '/etc/pki/tls/private/{{ nginx_tls_key_file }}', mode: '0600' }
-        - { src: "{{ nginx_tls_cert_source }}", dest: '/etc/pki/tls/certs/{{ nginx_tls_cert_file }}', mode: '0750' }
-      loop_control:
-        label: "{{ item.dest }}"
-      notify: __nginx_reload
-      when: nginx_tls_source_use_content
-
-    - name: Copy certs and private key (files)
+    - name: Copy certs and private key
      copy:
        src: "{{ item.src }}"
        dest: "{{ item.dest }}"
        mode: "{{ item.mode }}"
-      with_items:
+      loop:
        - { src: "{{ nginx_tls_key_source }}", dest: '/etc/pki/tls/private/{{ nginx_tls_key_file }}', mode: '0600' }
        - { src: "{{ nginx_tls_cert_source }}", dest: '/etc/pki/tls/certs/{{ nginx_tls_cert_file }}', mode: '0750' }
      loop_control: