add basic nginx checks; renovate ansible syntax
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Robert Kaussow 2019-02-28 10:00:08 +01:00
parent 2a86a0a84f
commit 5ff10d4f09
5 changed files with 14 additions and 46 deletions

View File

@ -48,15 +48,10 @@ nginx_open_ports:
- 443
nginx_tls_enabled: False
# You can deploy your certificates from a file or from content.
# If you enable nginx_tls_source_use_content you have to put the content of your cert files into
# nginx_tls_cert_file and nginx_tls_cert_file.
nginx_tls_source_use_content: False
# If you enable nginx_tls_source_use_files theses variables have to contain the path to your
# certificate files located on the ansible "master" host
nginx_tls_source_use_files: True
# Source has to be a file
nginx_tls_cert_source: mycert.pem
nginx_tls_key_source: mykey.pem
# Set the destination filename
nginx_tls_cert_file: mycert.pem
nginx_tls_key_file: mykey.pem
# nginx_tls_dhparam_file: # defaults to not set

View File

@ -1,16 +0,0 @@
*******
Google Cloud Engine driver installation guide
*******
Requirements
============
* A GCE credentials rc file
* apache-libcloud
Install
=======
.. code-block:: bash
$ sudo pip install apache-libcloud

View File

@ -6,9 +6,11 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
def test_hosts_file(host):
f = host.file('/etc/hosts')
def test_nginx_is_installed(host):
nginx = host.package("nginx")
assert nginx.is_installed
assert f.exists
assert f.user == 'root'
assert f.group == 'xxx'
def test_nginx_running_and_enabled(host):
nginx = host.service("nginx")
assert nginx.is_running
assert nginx.is_enabled

View File

@ -36,7 +36,7 @@
owner: "{{ nginx_user }}"
group: "{{ nginx_group }}"
mode: 0750
with_items:
loop:
- "{{ nginx_vhosts_dir }}"
- "{{ nginx_vhosts_dir }}/default"
@ -47,7 +47,7 @@
owner: root
group: root
mode: 0640
with_items:
loop:
- /etc/nginx/sites-available
- /etc/nginx/sites-enabled
@ -88,7 +88,7 @@
name: "{{ item.name }}"
state: "{{ item.state }}"
persistent: "{{ item.persistent }}"
with_items: "{{ nginx_set_sebooleans }}"
loop: "{{ nginx_set_sebooleans }}"
when: nginx_set_sebooleans is defined
- name: Fix selinux file context mappaing for pid file

View File

@ -1,24 +1,11 @@
---
- block:
- name: Copy certs and private key (content)
copy:
content: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "{{ item.mode }}"
with_items:
- { src: "{{ nginx_tls_key_source }}", dest: '/etc/pki/tls/private/{{ nginx_tls_key_file }}', mode: '0600' }
- { src: "{{ nginx_tls_cert_source }}", dest: '/etc/pki/tls/certs/{{ nginx_tls_cert_file }}', mode: '0750' }
loop_control:
label: "{{ item.dest }}"
notify: __nginx_reload
when: nginx_tls_source_use_content
- name: Copy certs and private key (files)
- name: Copy certs and private key
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
mode: "{{ item.mode }}"
with_items:
loop:
- { src: "{{ nginx_tls_key_source }}", dest: '/etc/pki/tls/private/{{ nginx_tls_key_file }}', mode: '0600' }
- { src: "{{ nginx_tls_cert_source }}", dest: '/etc/pki/tls/certs/{{ nginx_tls_cert_file }}', mode: '0750' }
loop_control: