simplificando rol - usar imagen custom e incluis certificados ssl

Mauro Torrez
2019-08-26 00:48:23 -03:00
parent 999e91e220
commit b0e43d9290
7 changed files with 189 additions and 76 deletions


@@ -1,74 +1,71 @@
---
- name: "Activar container nginx"
- name: Directorio de build nginx
file:
path: /root/.nginx-docker-image
state: directory
tags: skip_me
- name: Copiar archivos de build
copy:
src: "{{ item }}"
dest: /root/.nginx-docker-image
loop:
- Dockerfile
- nginx.conf
- dhparam.pem
- default.conf
tags: skip_me
- name: Crear imagen my_nginx
docker_image:
state: present
name: my_nginx
path: /root/.nginx-docker-image
tags: skip_me
- name: Activar container nginx
docker_container:
name: "nginx"
state: "started"
restart_policy: "unless-stopped"
image: "{{ nginx_image }}"
name: nginx
state: started
restart_policy: unless-stopped
image: my_nginx
volumes:
- "{{ nginx_ssl_certificate }}:/etc/nginx/server.crt"
- "{{ nginx_ssl_private_key }}:/etc/nginx/server.key"
- "{{ nginx_ssl_volume }}:/etc/nginx/ssl/"
- "{{ nginx_config_volume }}:/etc/nginx/conf.d/"
- "{{ nginx_webroot_volume }}:/usr/share/nginx/html/"
networks:
- name: "{{ docker_network_name }}"
ports: "{{ nginx_publish_ports }}"
env:
register: "container"
register: container
- name: "Configurar volumen {{ nginx_config_volume }}"
docker_volume:
- name: Leer info de volumen {{ nginx_config_volume }}
docker_volume_info:
name: "{{ nginx_config_volume }}"
state: "present"
register: "st_c_volume"
register: res_cnf
- name: "Configurar volumen {{ nginx_webroot_volume }}"
docker_volume:
- name: Leer info de volumen {{ nginx_ssl_volume }}
docker_volume_info:
name: "{{ nginx_ssl_volume }}"
register: res_ssl
- name: Leer info de volumen {{ nginx_webroot_volume }}
docker_volume_info:
name: "{{ nginx_webroot_volume }}"
state: "present"
register: "st_w_volume"
register: res_web
- name: Leer info de volumen {{ nginx_location_volume }}
docker_volume_info:
name: "{{ nginx_location_volume }}"
register: res_loc
# exportar punto de montaje del volumen
- set_fact:
nginx_config_mountpoint: "{{ st_c_volume.ansible_facts.docker_volume.Mountpoint }}"
nginx_webroot_mountpoint: "{{ st_w_volume.ansible_facts.docker_volume.Mountpoint }}"
# TODO: creo que estas tareas se deberian hacer desde dentro de un container
- copy:
content: |
ssl_certificate /etc/nginx/server.crt;
ssl_certificate_key /etc/nginx/server.key;
dest: "{{ nginx_config_mountpoint }}/00_ssl.conf"
notify: "restart nginx container"
- copy:
content: |
server {
listen 80 {{ nginx_http_listen_args | join (' ') }};
server_name _;
root /usr/share/nginx/html;
include /etc/nginx/conf.d/common/*.conf;
{% if nginx_redirect_https %}
location / {
rewrite ^ https://$http_host$request_uri permanent;
}
{% endif %}
include /etc/nginx/conf.d/locations-http/*.conf;
}
server {
listen 443 ssl {{ nginx_https_listen_args | join (' ') }};
server_name _;
root /usr/share/nginx/html;
include /etc/nginx/conf.d/common/*.conf;
include /etc/nginx/conf.d/locations/*.conf;
}
dest: "{{ nginx_config_mountpoint }}/10_server.conf"
notify: "restart nginx container"
- file:
name: "{{ nginx_config_mountpoint }}/{{ item }}"
state: "directory"
loop:
- common
- locations
- locations-http
nginx_config_mountpoint: "{{ res_cnf.volume.Mountpoint }}"
nginx_location_mountpoint: "{{ res_loc.volume.Mountpoint }}"
nginx_webroot_mountpoint: "{{ res_web.volume.Mountpoint }}"
nginx_ssl_mountpoint: "{{ res_ssl.volume.Mountpoint }}"
nginx_config_volume: "{{ lookup('vars','nginx_config_volume') }}"
nginx_webroot_volume: "{{ lookup('vars','nginx_webroot_volume') }}"
nginx_ssl_volume: "{{ lookup('vars','nginx_ssl_volume') }}"
nginx_location_volume: "{{ lookup('vars','nginx_location_volume') }}"
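Review bot: The volume mounts on the new `docker_container` task are all read-write, including `"{{ nginx_ssl_volume }}:/etc/nginx/ssl/"`, which, judging by its name and the commit title, holds the certificate and private key. nginx only needs to read those paths, and the new `set_fact` exports the host mountpoints, so provisioning appears to happen from the host side. Mounting with `:ro`, as in `"{{ nginx_ssl_volume }}:/etc/nginx/ssl/:ro"` and likewise for the `conf.d` volume, would stop a process inside the container from altering key material or server configuration. Separately, `docker_image` with `state: present` does not rebuild an image that already exists, so later edits to `nginx.conf` or `dhparam.pem` will not reach the container unless a rebuild is forced (the module's `force` / `force_source` option, depending on the Ansible version) or the image name carries a version tag.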