1- hosts: surveytool 2 become: yes 3 vars_files: 4 - vars/main.yml 5 - local-vars/local.yml 6 roles: 7 - { role: geerlingguy.nginx } 8 tasks: 9 - name: Setup stapler.conf 10 copy: 11 src: templates/nginx-stapler.conf 12 dest: /etc/nginx/conf.d/stapler.conf 13 owner: root 14 group: root 15 mode: '0644' 16 notify: 'Restart Nginx' 17 - name: Setup gzip.conf 18 copy: 19 dest: /etc/nginx/conf.d/gzip.conf 20 owner: root 21 group: root 22 mode: '0644' 23 content: | 24 gzip on; 25 gzip_types text/plain application/xml application/json text/javascript application/x-javascript; 26 gzip_proxied no-cache no-store private expired auth; 27 gzip_min_length 1000; 28 notify: 'Restart Nginx' 29 - name: Setup reverse proxy 30 blockinfile: 31 path: /etc/nginx/sites-enabled/default 32 block: | 33 # proxy /cldr-apps/ to openliberty, with generous timeouts 34 proxy_connect_timeout 60s; 35 proxy_send_timeout 500s; 36 proxy_read_timeout 500s; 37 location /cldr-apps/ { 38 rewrite ^/(.+)\._[\da-f]+_\.(js|css)$ /$1.$2 break; 39 allow all; 40 proxy_pass http://localhost:9080/cldr-apps/; 41 proxy_set_header Host $host; 42 proxy_set_header X-Real-IP $remote_addr; 43 proxy_set_header X-Forwarded-For $remote_addr; 44 proxy_set_header X-Forwarded-Proto $scheme; 45 } 46 location /openapi/ { 47 allow all; 48 proxy_pass http://localhost:9080/openapi/; 49 proxy_set_header Host $host; 50 proxy_set_header X-Real-IP $remote_addr; 51 proxy_set_header X-Forwarded-For $remote_addr; 52 proxy_set_header X-Forwarded-Proto $scheme; 53 } 54 marker: '# {mark} ANSIBLE MANAGED BLOCK' 55 insertafter: '^[\s]*server_name' # the LAST uncommented server block 56 notify: 'Restart Nginx' 57 - name: Setup index.html 58 copy: 59 src: templates/index.html 60 dest: /var/www/html 61 owner: root 62 group: root 63 mode: '0644' 64 handlers: 65 - name: Restart Nginx 66 service: 67 name: nginx 68 state: restarted 69