mirror of
https://github.com/dev-sec/ansible-nginx-hardening.git
synced 2024-11-22 15:32:01 +01:00
3028b5ddc7
* fix linting issues Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * set file permissions Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com>
41 lines
1.3 KiB
YAML
41 lines
1.3 KiB
YAML
---
|
|
- name: wrapper playbook for kitchen testing "ansible-nginx-hardening" with custom settings
|
|
hosts: localhost
|
|
vars:
|
|
- nginx_main_template_enable: true
|
|
- nginx_main_template:
|
|
template_file: nginx.conf.j2
|
|
conf_file_name: nginx.conf
|
|
conf_file_location: /etc/nginx/
|
|
user: www-data
|
|
worker_processes: auto
|
|
error_level: warn
|
|
worker_connections: 1024
|
|
http_enable: true
|
|
http_settings:
|
|
keepalive_timeout: 65
|
|
cache: false
|
|
rate_limit: false
|
|
keyval: false
|
|
stream_enable: false
|
|
http_global_autoindex: false
|
|
pre_tasks:
|
|
- apt_repository:
|
|
repo: "deb http://ftp.debian.org/debian jessie-backports main"
|
|
state: present
|
|
when: ansible_distribution == 'Debian' and ansible_distribution_major_version == '8'
|
|
- set_fact:
|
|
nginx_default_release: "jessie-backports"
|
|
when: ansible_distribution == 'Debian' and ansible_distribution_major_version == '8'
|
|
- package: name="{{item}}" state=installed
|
|
with_items:
|
|
- "systemd"
|
|
ignore_errors: true
|
|
- apt: name="{{item}}" state=installed update_cache=true
|
|
with_items:
|
|
- "systemd"
|
|
ignore_errors: true
|
|
roles:
|
|
- nginxinc.nginx
|
|
- ansible-nginx-hardening
|