ansible playbook

ansible playbook安装nginx https

查看目录结构

    [root@iZ23nvakegvZ nginx_v2]# tree

    .

    ├── files

    │   ├── nginx.crt

    │   ├── nginx.key

    ├── hosts

    ├── templates

    │   ├── index.html.j2

    │   └── test.conf.j2

    └── web-tls.yml



    2 directories, 8 files

    [root@iZ23nvakegvZ nginx_v2]#

查看nginx https playbook

    [root@iZ23nvakegvZ nginx_v2]# cat web-tls.yml

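    # Installs nginx, deploys the TLS key/certificate and a templated server
    # block, and restarts nginx whenever one of those files changes.
    - name: Configure webserver with nginx and tls
      # The pattern must name a group or host from the inventory passed with -i.
      # The hosts file of this project defines only [web_test1]; with
      # "hosts: vpnserver" the play matches no hosts and no task runs.
      hosts: web_test1
      #hosts: vpnserver
      #sudo: True
      vars:
        key_file: /etc/nginx/ssl/nginx.key
        cert_file: /etc/nginx/ssl/nginx.crt
        conf_file: /etc/nginx/conf.d/test.conf
        server_name: localhost

      tasks:
        - name: Install Nginx server
          yum: name=nginx state=present

        # This directory holds the private key, so it is owned by root and
        # closed to every other account instead of inheriting the umask.
        - name: create directories for ssl certificates
          file: path=/etc/nginx/ssl state=directory owner=root group=root mode=0700

        # files/nginx.key sits unencrypted next to the playbook. Keep it out of
        # version control, or encrypt it with ansible-vault.
        - name: copy TLS key
          copy: src=files/nginx.key dest={{ key_file }} owner=root group=root mode=0600
          notify: restart nginx

        # The certificate is public data; explicit ownership and mode keep the
        # result independent of the permissions of the local source file.
        - name: copy TLS certificate
          copy: src=files/nginx.crt dest={{ cert_file }} owner=root group=root mode=0644
          notify: restart nginx

        - name: copy nginx config file
          template: src=templates/test.conf.j2 dest={{ conf_file }} owner=root group=root mode=0644
          notify: restart nginx

        - name: copy index.html
          template: src=templates/index.html.j2 dest=/usr/share/nginx/html/index.html

      handlers:
        # Runs once at the end of the play, and only if a notifying task changed.
        - name: restart nginx
          service: name=nginx state=restarted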

    [root@iZ23nvakegvZ nginx_v2]#

查看配置文件hosts

    [root@iZ23nvakegvZ nginx_v2]# cat hosts

    # Inventory passed with "-i hosts". A play's "hosts:" pattern has to name a
    # group or host defined here, otherwise ansible-playbook matches no hosts.
    [web_test1]

    # Inventory alias web_test01, reached over SSH at the address given here.
    web_test01 ansible_ssh_host=10.117.54.249

    [root@iZ23nvakegvZ nginx_v2]#

查看template 模板文件

    [root@iZ23nvakegvZ nginx_v2]# cat templates/index.html.j2

    <html>

      <head>

         <title>Welcome to Ansible </title>

      </head>

      <body>

      <h1>nginx, configured by Ansible </h1>

      <p>If you can see this, Ansible successfully installed nginx.</p>

      {# ansible_managed is substituted by Ansible when the template is rendered.
         NOTE(review): depending on how ansible_managed is configured, the string
         can carry the template path, user and control host. Confirm what it
         expands to before serving it on a publicly reachable page. #}
      <p>{{ ansible_managed }}</p>

      </body>

    </html>

    [root@iZ23nvakegvZ nginx_v2]# cat templates/test.conf.j2

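    # Virtual host rendered by Ansible: server_name, cert_file and key_file come
    # from the play's vars.
    server {
      # Plain HTTP on 80, TLS on 443. The "ssl" flag belongs on the listen line:
      # a server-wide "ssl on;" also switches port 80 to TLS, so plain HTTP
      # requests to that port are rejected.
      # To force HTTPS, move port 80 into its own server block that only does
      #   return 301 https://$host$request_uri;
      listen 80;
      listen 443 ssl;

      server_name {{ server_name }};
      root /usr/share/nginx/html;
      index index.php index.html;

      ssl_certificate     {{ cert_file }};
      ssl_certificate_key {{ key_file }};
      # The original line ended in stray text ("5m;SSSS"), which nginx reads as
      # the start of an unknown directive and refuses to load.
      ssl_session_timeout 5m;
      # TLSv1 and TLSv1.1 are deprecated (RFC 8996). Add TLSv1.3 here once the
      # installed nginx and OpenSSL builds support it.
      ssl_protocols TLSv1.2;
      # The previous string started from ALL and kept MEDIUM-strength suites,
      # which admits legacy and weak ciphers. Restrict to HIGH and drop
      # unauthenticated, MD5-based and 3DES suites.
      ssl_ciphers HIGH:!aNULL:!MD5:!3DES;
      ssl_prefer_server_ciphers on;

      access_log  /var/log/nginx/nginxtest.access.log main;
      error_log  /var/log/nginx/nginxtest.error.log warn;

      # Never serve .htaccess / .htpasswd style files from the document root.
      location ~ /\.ht {
        deny all;
      }
    }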

    [root@iZ23nvakegvZ nginx_v2]#

执行


    [root@iZ23nvakegvZ nginx_v2]# ansible-playbook -i hosts web-tls.yml
