http_nginx.yml 2.88 KB
Newer Older
Aalaesar's avatar
Aalaesar committed
1
---
2
- name: "[NGINX] -  remove some commented line in php-fpm conf"
Aalaesar's avatar
Aalaesar committed
3
4
5
6
7
8
  lineinfile:
    dest: "{{ php_dir }}/fpm/pool.d/www.conf"
    regexp: '^\;env'
    state: absent
    # validate: "/usr/sbin/{{ php_bin }} -t #%s"
  notify: reload php-fpm
9

10
- name: "[NGINX] -  Add path variable to php-fpm"
Aalaesar's avatar
Aalaesar committed
11
12
13
14
15
16
17
18
19
20
21
22
  blockinfile:
    dest: "{{ php_dir }}/fpm/pool.d/www.conf"
    insertafter: '^; Default Value: clean env$'
    marker: "; {mark} ANSIBLE MANAGED BLOCK"
    block: |
      env[HOSTNAME] = $HOSTNAME
      env[PATH] = $PATH
      env[TMP] = /tmp
      env[TMPDIR] = /tmp
      env[TEMP] = /tmp
  notify: reload php-fpm

23
- name: "[NGINX] -  enable APC for php CLI"
24
  lineinfile:
Aalaesar's avatar
Aalaesar committed
25
26
27
28
29
30
    dest: "{{ php_dir }}/cli/php.ini"
    line: "apc.enable_cli = 1"
    insertbefore: "^; End:$"
    state: present
    # validate: "/usr/sbin/{{ php_bin }} -t #%s"
  notify: reload php-fpm
31

Hispanico's avatar
Hispanico committed
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
- name: "[NGINX] -  enable PHP OPcache for php.ini"
  lineinfile:
    dest: "{{ php_dir }}/fpm/php.ini"
    state: present
    regexp: "{{ item.regexp }}"
    line: "{{ item.line }}"
    backrefs: yes
  with_items:
    - { regexp: 'opcache.enable=0', line: 'opcache.enable=1' }
    - { regexp: 'opcache.enable_cli', line: 'opcache.enable_cli=1' }
    - { regexp: 'opcache.interned_strings_buffer', line: 'opcache.interned_strings_buffer=8' }
    - { regexp: 'opcache.max_accelerated_files', line: 'opcache.max_accelerated_files=10000' }
    - { regexp: 'opcache.memory_consumption', line: 'opcache.memory_consumption=128' }
    - { regexp: 'opcache.save_comments', line: 'opcache.save_comments=1' }
    - { regexp: 'opcache.revalidate_freq', line: 'opcache.revalidate_freq=1' }
    # validate: "/usr/sbin/{{ php_bin }} -t #%s"
  notify: reload php-fpm


51
- name: "[NGINX] -  Public Diffie-Hellman Parameter are generated. This might take a while."
52
53
54
55
  command: "openssl dhparam -out {{ nextcloud_tls_dhparam }} 2048"
  args:
    creates: "{{ nextcloud_tls_dhparam }}"

56
- name: "[NGINX] -  php handler configuration is present."
57
58
59
  template:
    dest: /etc/nginx/sites-available/php_handler.cnf
    src: templates/nginx_php_handler.j2
Daniel Paufler's avatar
Daniel Paufler committed
60
  notify: reload http
Aalaesar's avatar
Aalaesar committed
61

62
- name: "[NGINX] -  php handler is enabled"
63
64
65
66
  file:
    path: /etc/nginx/sites-enabled/php_handler
    src: /etc/nginx/sites-available/php_handler.cnf
    state: link
Daniel Paufler's avatar
Daniel Paufler committed
67
  notify: reload http
68

69
- name: "[NGINX] -  generate Nextcloud configuration for nginx"
Aalaesar's avatar
Aalaesar committed
70
  template:
71
    dest: /etc/nginx/sites-available/nc_{{ nextcloud_instance_name }}.cnf
72
    src: "{{ nextcloud_websrv_template }}"
Daniel Paufler's avatar
Daniel Paufler committed
73
  notify: reload http
Aalaesar's avatar
Aalaesar committed
74

75
- name: "[NGINX] -  Enable Nextcloud in nginx conf"
Aalaesar's avatar
Aalaesar committed
76
  file:
77
78
    path: /etc/nginx/sites-enabled/nc_{{ nextcloud_instance_name }}
    src: /etc/nginx/sites-available/nc_{{ nextcloud_instance_name }}.cnf
Aalaesar's avatar
Aalaesar committed
79
    state: link
Daniel Paufler's avatar
Daniel Paufler committed
80
  notify: reload http
81
82
83
84
85

- name: "[NGINX] -  Disable nginx default site"
  file:
    path: /etc/nginx/sites-enabled/default
    state: absent
86
  when: nextcloud_disable_websrv_default_site | bool
87
  notify: reload http