ansible/roles/nginx/tasks/deploy.yml - openwhisk - Git at Google

 # Licensed to the Apache Software Foundation (ASF) under one or more contributor
 # license agreements; and to You under the Apache License, Version 2.0.
 ---
 # This role starts a nginx component

 - name: ensure nginx config directory exists
   file:
     path: "{{ nginx.confdir }}"
     state: directory
   become: "{{ nginx.dir.become }}"

 - name: copy template from local to remote in nginx config directory
   template:
     src: nginx.conf.j2
     dest: "{{ nginx.confdir }}/nginx.conf"

 - name: copy cert files from local to remote in nginx config directory
   copy:
     src: "files/{{ item }}"
     dest: "{{ nginx.confdir }}"
   with_items:
         - "{{ nginx.ssl.cert }}"
         - "{{ nginx.ssl.key }}"
         - "{{ nginx.ssl.client_ca_cert }}"

 - name: copy password files for cert from local to remote in nginx config directory
   copy:
     src: "files/{{ nginx.ssl.password_file }}"
     dest: "{{ nginx.confdir }}"
   when: nginx.ssl.password_enabled == true

 - name: copy controller cert for authentication
   copy:
     src: "{{ openwhisk_home }}/ansible/roles/controller/files/{{ item }}"
     dest: "{{ nginx.confdir }}"
   with_items:
         - "{{ controller.ssl.cert }}"
         - "{{ controller.ssl.key }}"
   when: "{{ controller.protocol == 'https' }}"

 - name: ensure nginx log directory is created with permissions
   file:
     path: "{{ whisk_logs_dir }}/nginx"
     state: directory
     mode: 0777
   become: "{{ logs.dir.become }}"

 - name: "pull the nginx:{{ nginx.version }} image"
   shell: "docker pull nginx:{{ nginx.version }}"
   register: result
   until: (result.rc == 0)
   retries: "{{ docker.pull.retries }}"
   delay: "{{ docker.pull.delay }}"

 - name: (re)start nginx
   docker_container:
     name: nginx
     image: nginx:{{ nginx.version }}
     state: started
     recreate: true
     restart_policy: "{{ docker.restart.policy }}"
     hostname: "nginx"
     volumes:
       - "{{ whisk_logs_dir }}/nginx:/logs"
       - "{{ nginx.confdir }}:/etc/nginx"
     expose:
       - 8443
     ports:
       - "{{ nginx.port.http }}:80"
       - "{{ nginx.port.api }}:443"
       - "{{ nginx.port.adminportal }}:8443"
	# Licensed to the Apache Software Foundation (ASF) under one or more contributor
	# license agreements; and to You under the Apache License, Version 2.0.
	---
	# This role starts a nginx component

	- name: ensure nginx config directory exists
	file:
	path: "{{ nginx.confdir }}"
	state: directory
	become: "{{ nginx.dir.become }}"

	- name: copy template from local to remote in nginx config directory
	template:
	src: nginx.conf.j2
	dest: "{{ nginx.confdir }}/nginx.conf"

	- name: copy cert files from local to remote in nginx config directory
	copy:
	src: "files/{{ item }}"
	dest: "{{ nginx.confdir }}"
	with_items:
	- "{{ nginx.ssl.cert }}"
	- "{{ nginx.ssl.key }}"
	- "{{ nginx.ssl.client_ca_cert }}"

	- name: copy password files for cert from local to remote in nginx config directory
	copy:
	src: "files/{{ nginx.ssl.password_file }}"
	dest: "{{ nginx.confdir }}"
	when: nginx.ssl.password_enabled == true

	- name: copy controller cert for authentication
	copy:
	src: "{{ openwhisk_home }}/ansible/roles/controller/files/{{ item }}"
	dest: "{{ nginx.confdir }}"
	with_items:
	- "{{ controller.ssl.cert }}"
	- "{{ controller.ssl.key }}"
	when: "{{ controller.protocol == 'https' }}"

	- name: ensure nginx log directory is created with permissions
	file:
	path: "{{ whisk_logs_dir }}/nginx"
	state: directory
	mode: 0777
	become: "{{ logs.dir.become }}"

	- name: "pull the nginx:{{ nginx.version }} image"
	shell: "docker pull nginx:{{ nginx.version }}"
	register: result
	until: (result.rc == 0)
	retries: "{{ docker.pull.retries }}"
	delay: "{{ docker.pull.delay }}"

	- name: (re)start nginx
	docker_container:
	name: nginx
	image: nginx:{{ nginx.version }}
	state: started
	recreate: true
	restart_policy: "{{ docker.restart.policy }}"
	hostname: "nginx"
	volumes:
	- "{{ whisk_logs_dir }}/nginx:/logs"
	- "{{ nginx.confdir }}:/etc/nginx"
	expose:
	- 8443
	ports:
	- "{{ nginx.port.http }}:80"
	- "{{ nginx.port.api }}:443"
	- "{{ nginx.port.adminportal }}:8443"