Nginx Role:

  * Removed old daemon script to be replaced by upstart script
  * Removed old default SSL Server block
  * Updated Readme
  * Adding Version number to meta file
  * Replaced tags with when statements for better control of running tasks
  * Added SSL configurations for better SSL performance and security
  * Added License
  * Seperated tasks into specific yaml files
  * Added a series of new server block files for better customization
  * Added Test suite for Circle integration
  * Added default vars to role
  * Added Sudoers tasks
  * Added Logrotate task

Author: Pablo Castillo

LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2014 Crush & Lovely, Pablo Castillo
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

README.md

@@ -1,6 +1,6 @@
 # Ansible Role For NGINX
 
-[![Build Status](http://img.shields.io/travis/crushlovely/ansible-nginx.svg?style=flat)](https://travis-ci.org/crushlovely/ansible-nginx)
+[[![Build Status](https://img.shields.io/circleci/project/crushlovely/ansible-nginx.svg?style=flat)](https://github.com/crushlovely/ansible-nginx)
 [![Current Version](http://img.shields.io/github/release/crushlovely/ansible-nginx.svg?style=flat)](https://galaxy.ansible.com/list#/roles/1180)
 
 This Ansible role that installs `nginx` and its dependencies:
@@ -14,24 +14,24 @@ This Ansible role that installs `nginx` and its dependencies:
 * `zlib1g`
 * `zlib1g-dev`
 
-This role requires self-signed certs placed in `files/ssl` or third-party certs placed in `{{ app_name }}/files/ssl/` (found in the root of the ansible roles directory).
+This role requires self-signed certs placed in `files/ssl` or third-party certs placed in `{{ app_name }}/files/ssl/` (found in the root of the ansible roles directory). This role also has the option to install Nginx with the passenger module.
 
-Finally it sets the default timezone for the server.  We use this as the base image for all our Ruby and Node.js applications.
 
 ## Installation
 
 ``` bash
-$ ansible-galaxy install crushlovely.nginx
+$ ansible-galaxy install crushlovely.nginx, v1.0.0
 ```
 
 ## Variables
 
 ``` yaml
-nginx_version: 1.6.2
 app_name: **name of your app**
-upstream_port: 8080
-domains:
-  - "domain.com"
+nginx:
+  version: 1.6.2
+  upstream_port: 8080
+  domains:
+    - "domain.com"
 ```
 
 ## Usage
@@ -41,7 +41,7 @@ Once this role is installed on your system, include it in the roles list of your
 ``` yaml
 - hosts: localhost
   roles:
-    - { role: crushlovely.nginx, ssl: 'yes' }
+    - { role: crushlovely.nginx, nginx.ssl: 'true', nginx.passenger: 'true', nginx.custom: 'true' }
 ```
 You can also add a vars folder to your project folder and have your variables served by adding them to a file and calling it in your playbook.
 

circle.yml

@@ -0,0 +1,34 @@
+---
+machine:
+  python:
+    version: 2.7.9
+  ruby:
+    version: 2.1.3
+dependencies:
+  pre:
+    - sudo apt-get update -qq
+    - sudo apt-get install -qq python-apt python-pycurl aptitude python-software-properties python-pip python-dev git
+    - sudo apt-get update -qq
+    - gem install rake
+    - sudo gem install rake
+
+    # Install Ansible.
+    - pip install ansible==1.9.0.1
+
+    # Add ansible.cfg to pick up roles path.
+    - "printf '[defaults]\nroles_path = ../' > ansible.cfg"
+
+test:
+  override:
+    # Get nginx role
+    - ansible-galaxy install -f https://github.com/crushlovely/ansible-nginx.git,remotes/origin/$CIRCLE_BRANCH -p ./tests/roles/
+
+    # Check the role/playbook's syntax.
+    - ansible-playbook --syntax-check -i tests/inventory tests/test.yml
+
+    # Check the role/playbook's syntax.
+    - ansible-playbook -i tests/inventory tests/test.yml:
+        timeout: 900
+
+    # Idempotence Test
+    - "ansible-playbook -i tests/inventory tests/test.yml | grep -q 'changed=3.*failed=0' && (echo 'Idempotence test: pass' && exit 0) || (echo 'Idempotence test: fail' && exit 1)"

defaults/main.yml

@@ -0,0 +1,17 @@
+---
+app_name: test
+app_path: /srv/test/public
+ssl: 'false'
+passenger: 'true'
+updates: 'true'
+custom: 'true'
+nginx:
+  version: 1.6.2
+  upstream_port: 5000
+  user: ubuntu
+  group: ubuntu
+  passenger:
+    version: 5.0.6
+    prestart: http://test.com
+domains: test.com
+server_env: production

files/nginx

@@ -0,0 +1,18 @@
+/var/log/nginx/*.log {
+        weekly
+        missingok
+        rotate 52
+        compress
+        delaycompress
+        notifempty
+        create 0640 www-data adm
+        sharedscripts
+        prerotate
+                if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
+                        run-parts /etc/logrotate.d/httpd-prerotate; \
+                fi \
+        endscript
+        postrotate
+                [ -s /run/nginx.pid ] && kill -USR1 `cat /run/nginx.pid`
+        endscript
+}

files/nginx_upstart.conf.j2 files/nginx_upstart.conf

@@ -1,23 +1,31 @@
 #!upstart
 description "Upstart Script for a NGINX process"
-author "Philipp Klose & Pablo Castillo"
+author "Philipp Klose"
 
 start on (filesystem and net-device-up IFACE=lo)
 stop on runlevel [!2345]
 
 env DAEMON=/usr/sbin/nginx
-env PID=/opt/nginx/logs/nginx.pid
+env PID=/var/run/nginx.pid
 
 expect fork
 respawn
 respawn limit 10 5
 #oom never
 
 pre-start script
+/bin/bash <<EOT
  $DAEMON -t
  if [ $? -ne 0 ]
  then exit $?
  fi
+EOT
 end script
 
-exec $DAEMON
+exec $DAEMON
+
+pre-stop script
+/bin/bash <<EOT
+  exec start-stop-daemon --stop --pidfile $PID --name nginx --exec $DAEMON --signal QUIT
+EOT
+end script

files/passenger-path.sh

@@ -0,0 +1 @@
+export PATH=:/opt/passenger/bin:$PATH

files/sudoers

@@ -0,0 +1,30 @@
+#
+# This file MUST be edited with the 'visudo' command as root.
+#
+# Please consider adding local content in /etc/sudoers.d/ instead of
+# directly modifying this file.
+#
+# See the man page for details on how to write a sudoers file.
+#
+Defaults  env_reset
+Defaults  mail_badpass
+Defaults  secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/passenger/bin"
+
+# Host alias specification
+
+# User alias specification
+
+# Cmnd alias specification
+
+# User privilege specification
+root  ALL=(ALL:ALL) ALL
+
+# Members of the admin group may gain root privileges
+%admin ALL=(ALL) ALL
+
+# Allow members of group sudo to execute any command
+%sudo ALL=(ALL:ALL) ALL
+
+# See sudoers(5) for more information on "#include" directives:
+
+#includedir /etc/sudoers.d

meta/main.yml

@@ -8,9 +8,11 @@ galaxy_info:
   platforms:
     - name: Ubuntu
       versions:
-        - precise
+        - Precise
+        - Trusty
   categories:
     - development
     - web
     - system
 dependencies: []
+version: 1.0.0

tasks/custom.yml

@@ -0,0 +1,23 @@
+---
+- name: Create Sites Enabled Directory
+  file: path=/etc/nginx/sites-enabled state=directory owner=root group=root
+  sudo: yes
+
+- name: Apply defaultserver conf file
+  template: src=defaultserver.j2 dest=/etc/nginx/sites-enabled/zzzzzdefaultserver owner=root group=root
+  sudo: yes
+
+- name: Apply site conf file
+  template: src=site.com.j2 dest=/etc/nginx/sites-enabled/{{ app_name }} owner=root group=root
+  sudo: yes
+  when: passenger == "false"
+
+- name: Apply Passenger site conf file
+  template: src=passenger.site.j2 dest=/etc/nginx/sites-enabled/{{ app_name }} owner=root group=root
+  sudo: yes
+  when: passenger == "true"
+
+- name:  Custom Config template placement
+  template: src=passenger.conf.j2 dest=/etc/nginx/conf.d/passenger.conf  owner=root group=root
+  sudo: yes
+  when: passenger == "true"