Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: hispanico/ansible-nginx-revproxy
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v1.2.0
Choose a base ref
...
head repository: hispanico/ansible-nginx-revproxy
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: master
Choose a head ref

Commits on Jun 24, 2020

  1. Fix typo (#31)

    t2d authored Jun 24, 2020
    Copy the full SHA
    9cfc7eb View commit details

Commits on Jun 30, 2020

  1. Copy the full SHA
    5a283ae View commit details
  2. Copy the full SHA
    933e862 View commit details
  3. Updated README badges (#34)

    Updated molecule and travis configurations
    hispanico authored Jun 30, 2020
    Copy the full SHA
    2fcd87b View commit details

Commits on Oct 23, 2020

  1. fix example playbook

    b-reich authored Oct 23, 2020
    Copy the full SHA
    0cbaf58 View commit details
  2. Merge pull request #38 from b-reich/master

    fix example playbook
    hispanico authored Oct 23, 2020
    Copy the full SHA
    f7f7dab View commit details
  3. Copy the full SHA
    9724f9d View commit details
  4. Copy the full SHA
    186d058 View commit details
  5. Fixed ansible-lint errors

    hispanico committed Oct 23, 2020
    Copy the full SHA
    5af68bf View commit details

Commits on Feb 25, 2021

  1. Add an option to prevent connections from being upgraded. (#39)

    Co-authored-by: jonathan lung <lungj@heresjono.com>
    lungj and jonathan lung authored Feb 25, 2021
    Copy the full SHA
    45fe20b View commit details
  2. Copy the full SHA
    b562585 View commit details
  3. Fixed travis ci

    hispanico committed Feb 25, 2021
    Copy the full SHA
    9d4c619 View commit details

Commits on Feb 27, 2021

  1. Create ci.yml

    Setup github actions
    hispanico authored Feb 27, 2021
    Copy the full SHA
    961d338 View commit details

Commits on Mar 1, 2021

  1. Feature/imporve GitHub actions (#44)

    * Testing gihub actions
    
    * updated meta
    
    * revert certbot-auto
    
    * Removed deprecated ssl directive in nginx
    
    * Setup github action release
    
    * Updated README.md and .ansible-lint
    hispanico authored Mar 1, 2021
    Copy the full SHA
    edfc9ad View commit details

Commits on Mar 2, 2021

  1. [skip ci] Updated README

    hispanico committed Mar 2, 2021
    Copy the full SHA
    66f297c View commit details
  2. [skip ci] Updated README

    hispanico committed Mar 2, 2021
    Copy the full SHA
    ade632c View commit details
  3. Renamed ansible role

    hispanico committed Mar 2, 2021
    Copy the full SHA
    64466cf View commit details

Commits on May 20, 2021

  1. Copy the full SHA
    eedaa01 View commit details
  2. Copy the full SHA
    d24a1b6 View commit details

Commits on Jan 4, 2023

  1. Copy the full SHA
    bcf68e5 View commit details

Commits on Mar 10, 2023

  1. Merge pull request #57 from higidi/feature/access_control

    FEATURE: Add possibility to restrict access to certain client address
    hispanico authored Mar 10, 2023
    Copy the full SHA
    82e96a7 View commit details
  2. Copy the full SHA
    ce5e112 View commit details
  3. support adding extra locations in reverse proxy (#55)

    Signed-off-by: Calvin Pham <calvin@inboxs.com>
    Co-authored-by: Calvin Pham <calvin@inboxs.com>
    pkchuyen and skip-zzz-thedishes authored Mar 10, 2023
    Copy the full SHA
    ad50d6a View commit details

Commits on Mar 15, 2023

  1. Copy the full SHA
    09aaa88 View commit details
4 changes: 4 additions & 0 deletions .ansible-lint
Original file line number Diff line number Diff line change
@@ -1,3 +1,7 @@
skip_list:
- 'yaml'
- 'role-name'

exclude_paths:
- meta/exception.yml
- meta/preferences.yml
73 changes: 73 additions & 0 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
---

name: CI
'on':
pull_request:
push:
branches:
- master
- feature/*
schedule:
- cron: "0 3 * * 5"

defaults:
run:
working-directory: 'hispanico.nginx-revproxy'

jobs:
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- name: Check out the codebase.
uses: actions/checkout@v2
with:
path: 'hispanico.nginx-revproxy'

- name: Set up Python 3.
uses: actions/setup-python@v2
with:
python-version: '3.x'

- name: Install test dependencies.
run: pip3 install yamllint ansible ansible-lint

- name: Lint code.
run: |
yamllint .
ansible-lint
molecule:
name: Molecule
runs-on: ubuntu-latest
needs:
- lint
strategy:
fail-fast: false
matrix:
distro:
- ubuntu2004
- ubuntu1804
- ubuntu1604
- debian9
- debian10
steps:
- name: Check out the codebase.
uses: actions/checkout@v2
with:
path: 'hispanico.nginx-revproxy'

- name: Set up Python 3.
uses: actions/setup-python@v2
with:
python-version: '3.x'

- name: Install test dependencies.
run: pip3 install ansible molecule[docker] docker

- name: Run Molecule tests.
run: molecule test --all
env:
PY_COLORS: '1'
ANSIBLE_FORCE_COLOR: '1'
MOLECULE_DISTRO: ${{ matrix.distro }}
37 changes: 37 additions & 0 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
---
# This workflow requires a GALAXY_API_KEY secret present in the GitHub
# repository or organization.
#
# See: https://github.com/marketplace/actions/publish-ansible-role-to-galaxy
# See: https://github.com/ansible/galaxy/issues/46

name: Release
'on':
push:
tags:
- '*'

defaults:
run:
working-directory: 'hispanico.nginx-revproxy'

jobs:
release:
name: Release
runs-on: ubuntu-latest
steps:
- name: Check out the codebase.
uses: actions/checkout@v2
with:
path: 'hispanico.nginx-revproxy'

- name: Set up Python 3.
uses: actions/setup-python@v2
with:
python-version: '3.x'

- name: Install Ansible.
run: pip3 install ansible-base

- name: Trigger a new import on Galaxy.
run: ansible-galaxy role import --api-key ${{ secrets.GALAXY_API_KEY }} $(echo ${{ github.repository }} | cut -d/ -f1) $(echo ${{ github.repository }} | cut -d/ -f2)
33 changes: 0 additions & 33 deletions .travis.yml

This file was deleted.

29 changes: 22 additions & 7 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,11 +1,12 @@
ansible-nginx-revproxy
ansible-role-nginx_revproxy
=========

[![Build Status](https://img.shields.io/travis/hispanico/ansible-nginx-revproxy.svg?style=flat-square)](https://travis-ci.org/hispanico/ansible-nginx-revproxy)
[![Galaxy](https://img.shields.io/badge/galaxy-hispanico.nginx--revproxy-blue.svg?style=flat-square)](https://galaxy.ansible.com/hispanico/nginx-revproxy/)

Install and configures Nginx as reverse proxy for multiple website.

|GitHub|Quality|Downloads|Galaxy|Version|
|------|-------|---------|-------|-------|
|[![CI](https://github.com/hispanico/ansible-role-nginx_revproxy/actions/workflows/ci.yml/badge.svg)](https://github.com/hispanico/ansible-role-nginx_revproxy/actions/workflows/ci.yml)|[![quality](https://img.shields.io/ansible/quality/53382)](https://galaxy.ansible.com/hispanico/nginx_revproxy)|[![downloads](https://img.shields.io/ansible/role/d/53382)](https://galaxy.ansible.com/hispanico/nginx_revproxy)|[![Galaxy](https://img.shields.io/badge/galaxy-hispanico.nginx_revproxy-blue.svg)](https://galaxy.ansible.com/hispanico/nginx_revproxy)|[![Version](https://img.shields.io/github/release/hispanico/ansible-role-nginx_revproxy.svg)](https://github.com/hispanico/ansible-role-nginx_revproxy/releases/)|

Requirements
------------

@@ -18,7 +19,7 @@ Default values:

```yaml
nginx_revproxy_sites: # List of sites to reverse proxy
default: # Set defualt site to return 444 (Connection Closed Without Response)
default: # Set default site to return 444 (Connection Closed Without Response)
ssl: false # Set to True if you want to redirect http to https
letsencrypt: false

@@ -32,9 +33,17 @@ nginx_revproxy_sites: # List of sites to
auth: # Define this block for a single HTTP user/password, or leave undefined for unauthenticated vhosts
login: myusername
password: mysecretpassword
extra_locations: # Set this block to add extra location, or leave it undefined for non extra location needed
websocket: # extra location name
upstreams: # list of upstreans for extra location
- { backend_address: 192.168.0.102, backend_port: 8088 }
listen: 9000 # Specify which port you want to listen to with clear HTTP, or leave undefined for 80
ssl: false # Set to True if you want to redirect http to https
letsencrypt: false # Set to True if you are using hispanico.letsencrypt-nginx-revproxy role
letsencrypt: false # Set to True if you want to use letsencrypt
conn_upgrade: true # Set the Connection upgrade header values
acls: # Limit access to certain client addresses (values can be address, CIDR, unix or all)
- { mode: allow, value: 192.168.0.1 }
- { mode: deny, value: all }

example.org: # Domain name
domains: # List of server_name aliases
@@ -50,6 +59,12 @@ nginx_revproxy_sites: # List of sites to
ssl_certificate_key: /etc/ssl/private/ssl-cert-snakeoil.key # ssl certificate key, used if letsencrypt is false
letsencrypt: false # Set to True if you want use letsencrypt
letsencrypt_email: "" # Set email for letencrypt cert

nginx_revproxy_certbot_auto: false # Set to true to install certbot-auto

nginx_revproxy_certbot_packages: # Install these packages from repo, when not using certbot-auto
- certbot
- python3-certbot-nginx
```
Dependencies
@@ -63,7 +78,7 @@ Example Playbook
```yaml
- hosts: all
roles:
- ansible-nginx-revproxy
- hispanico.nginx_revproxy
vars:
nginx_revproxy_sites:
default:
15 changes: 15 additions & 0 deletions defaults/main.yml
Original file line number Diff line number Diff line change
@@ -2,13 +2,28 @@

nginx_revproxy_sites: # List of sites to reverse proxy
example.com: # Domain name
client_max_body_size: "256M"
proxy_read_timeout: "360"
domains: # List of server_name aliases
- example.com
- www.example.com
upstreams: # List of Upstreams
- {backend_address: 192.168.0.100, backend_port: 80}
- {backend_address: 192.168.0.101, backend_port: 8080}
# extra_locations:
# websocket:
# upstreams:
# - {backend_address: 192.168.0.102, backend_port: 8088}

ssl: true # Set to True if you want to redirect http to https
hsts_max_age: 63072000 # Set HSTS header with max-age defined
letsencrypt: false # Set to True if you want use letsencrypt
letsencrypt_email: "" # Set email for letencrypt cert

nginx_revproxy_certbot_auto: false

# Remove WebRoot Sites
nginx_revproxy_remove_webroot_sites: true

# De-activate Sites
nginx_revproxy_de_activate_sites: true
1 change: 1 addition & 0 deletions handlers/main.yml
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
---

- name: Start Nginx
service:
name: nginx
3 changes: 2 additions & 1 deletion meta/main.yml
Original file line number Diff line number Diff line change
@@ -1,7 +1,8 @@
---

galaxy_info:
author: Hispanico
role_name: nginx_revproxy
author: hispanico
description: Manage Nginx as Reverse Proxy
license: GPLv3

12 changes: 11 additions & 1 deletion molecule/default/converge.yml
Original file line number Diff line number Diff line change
@@ -23,5 +23,15 @@
cache_valid_time: 600
when: ansible_distribution == 'Ubuntu'

- name: Enable certbot-auto on Ubuntu 16.04
set_fact:
nginx_revproxy_certbot_auto: true
when: ansible_distribution == 'Ubuntu' and ansible_distribution_major_version == '16'

- name: Enable certbot-auto on Debian 9
set_fact:
nginx_revproxy_certbot_auto: true
when: ansible_distribution == 'Debian' and ansible_distribution_major_version == '9'

roles:
- role: hispanico.nginx-revproxy
- role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
14 changes: 2 additions & 12 deletions molecule/default/molecule.yml
Original file line number Diff line number Diff line change
@@ -4,13 +4,9 @@ dependency:
name: galaxy
driver:
name: docker
lint: |
set -e
yamllint .
ansible-lint
platforms:
- name: "${ROLE_NAME:-instance}-${MOLECULE_DISTRO}"
image: "geerlingguy/docker-${MOLECULE_DISTRO}-ansible:${tag:-latest}"
- name: instance
image: "geerlingguy/docker-${MOLECULE_DISTRO}-ansible:latest"
command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
@@ -20,9 +16,3 @@ provisioner:
name: ansible
playbooks:
converge: ${MOLECULE_PLAYBOOK:-converge.yml}
config_options:
defaults:
stdout_callback: yaml
bin_ansible_callbacks: yes
verifier:
name: ansible
12 changes: 11 additions & 1 deletion molecule/http_only/converge.yml
Original file line number Diff line number Diff line change
@@ -35,5 +35,15 @@
cache_valid_time: 600
when: ansible_distribution == 'Ubuntu'

- name: Enable certbot-auto on Ubuntu 16.04
set_fact:
nginx_revproxy_certbot_auto: true
when: ansible_distribution == 'Ubuntu' and ansible_distribution_major_version == '16'

- name: Enable certbot-auto on Debian 9
set_fact:
nginx_revproxy_certbot_auto: true
when: ansible_distribution == 'Debian' and ansible_distribution_major_version == '9'

roles:
- role: hispanico.nginx-revproxy
- role: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
14 changes: 2 additions & 12 deletions molecule/http_only/molecule.yml
Original file line number Diff line number Diff line change
@@ -4,13 +4,9 @@ dependency:
name: galaxy
driver:
name: docker
lint: |
set -e
yamllint .
ansible-lint
platforms:
- name: "${ROLE_NAME:-instance}-${MOLECULE_DISTRO}"
image: "geerlingguy/docker-${MOLECULE_DISTRO}-ansible:${tag:-latest}"
- name: instance
image: "geerlingguy/docker-${MOLECULE_DISTRO}-ansible:latest"
command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
@@ -20,9 +16,3 @@ provisioner:
name: ansible
playbooks:
converge: ${MOLECULE_PLAYBOOK:-converge.yml}
config_options:
defaults:
stdout_callback: yaml
bin_ansible_callbacks: yes
verifier:
name: ansible
Loading