This Ansible role installs Nginx and generates configuration for Unicorn applications
None
This role does not install or configure Unicorn itself. It is designed to play nicely with a Unicorn role such as Unicorn-RVM.
-
nginx_sitesis an array of unicorn sites, defaults to[]Each nginx_sites entry is a dict with the following options:
name(egmy_app, required)server_name(egmy-app.my-domain.org, required, in any format supported by nginx)rootdefaults to/var/www/{{ name }}/current(Capistrano compatible)listendefaults to[::]:80(Both IPv4 and IPv6)access_logis a dict with the following options:pathdefaults to/var/log/nginx/{{ name }}.access.logformatis optional, can be used to specify a custom nginx log output format
error_logsee abovesslif this option is given, an ssl config section will be generated. It contains the following options:certificaterequired, path to ssl certificatecertificate_keyrequired, path to ssl certificate keyssl_onlyif set totrue, always redirect to sslsensitive_urisrequired unlessssl_only, nginx uri expressions that will be served using httpsaccess_logas above, for https requestserror_logas above, for https requests
The role could be included in a playbook as follows (unicorn-rvm also shown):
---
-hosts: application
roles:
- role: unicorn-rvm
rails_apps:
- { name: 'my_app1', ruby_version: 'ruby-1.9.3' }
- { name: 'my_app2', ruby_version: 'ruby-2.1.1', root: '/var/test_apps/app2', env: staging }
- role: nginx-unicorn
nginx_sites:
- name: 'my_app1'
server_name: 'my-app1.example.com'
access_log:
format: 'main'
ssl:
certificate: /etc/ssl/localcerts/my_app1.pem
certificate_key: /etc/ssl/localcerts/my_app1.key
sensitive_uris:
- ^/user/sign_in(.*)
- ^/user/password(.*)
access_log:
format: 'main'
- name: 'my_app2'
server_name: 'my-app2.example.com *.mydomain.com'
root: '/var/test_apps/app2'
ssl:
certificate: /etc/ssl/localcerts/my_app2.crt
certificate_key: /etc/ssl/localcerts/my_app2.key
ssl_only: trueMIT