Add Vagrant related files

ansible/roles/nginx/handlers/main.yml

@@ -0,0 +1,11 @@
+---
+
+- name: Reload Nginx
+  service:
+    name: nginx
+    state: reloaded
+
+- name: Stop Nginx
+  service:
+    name: nginx
+    state: stopped

ansible/roles/nginx/tasks/main.yml

@@ -0,0 +1,42 @@
+---
+
+- name: Install Nginx
+  dnf:
+    name: "{{ item }}"
+    state: present
+  with_items:
+    - nginx
+
+- name: Create the Nginx configuration file for SSL
+  template:
+    src: site-ssl.conf.j2
+    dest: /etc/nginx/conf.d/{{ project_name }}-ssl.conf
+  when: use_ssl
+  notify: Reload Nginx
+
+- name: Create the Nginx configuration file (non-SSL)
+  template:
+    src: site.conf.j2
+    dest: /etc/nginx/conf.d/{{ project_name }}.conf
+  when: not use_ssl
+  notify: Reload Nginx
+
+- name: Ensure that the default site is removed
+  file:
+    path: /etc/nginx/conf.d/default.conf
+    state: absent
+
+- name: Ensure Nginx service is started, enable service on restart
+  service:
+    name: nginx
+    state: restarted
+    enabled: yes
+  when: enabled
+
+- name: Stop nginx for local dev, disable service
+  service:
+    name: nginx
+    state: stopped
+    enabled: no
+  notify: Stop Nginx
+  when: not enabled

ansible/roles/nginx/templates/site-ssl.conf.j2

@@ -0,0 +1,41 @@
+upstream appserver {
+  server localhost:8000 fail_timeout=0;
+}
+
+server {
+  listen 80;
+  return 301 https://$host$request_uri;
+}
+
+server {
+  listen 443 ssl deferred;
+  server_name {{ host_name }};
+
+  ssl_certificate {{ home_path }}/{{ project_name }}.crt;
+  ssl_certificate_key {{ home_path }}/{{ project_name }}.key;
+  ssl_session_cache shared:SSL:32m;
+  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+  ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
+  ssl_prefer_server_ciphers on;
+
+  access_log /var/log/nginx/{{ project_name }}.access.log;
+  error_log /var/log/nginx/{{ project_name }}.error.log info;
+
+  keepalive_timeout 5;
+
+  location /static {
+    alias {{ project_path }}/static;
+  }
+
+  location / {
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header Host $http_host;
+    proxy_redirect off;
+    proxy_read_timeout 180s;
+
+    if (!-f $request_filename) {
+      proxy_pass http://appserver;
+      break;
+    }
+  }
+}

ansible/roles/nginx/templates/site.conf.j2

@@ -0,0 +1,29 @@
+upstream appserver {
+  server localhost:8000 fail_timeout=0;
+}
+
+server {
+  listen 80;
+  server_name {{ host_name }};
+
+  access_log /var/log/nginx/{{ project_name }}.access.log;
+  error_log /var/log/nginx/{{ project_name }}.error.log info;
+
+  keepalive_timeout 5;
+
+  location /static {
+    alias {{ project_path }}/static;
+  }
+
+  location / {
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header Host $http_host;
+    proxy_redirect off;
+    proxy_read_timeout 180s;
+
+    if (-f $request_filename) {
+      proxy_pass http://appserver;
+      break;
+    }
+  }
+}

ansible/roles/nginx/vars/main.yml

@@ -0,0 +1,3 @@
+---
+
+host_name: calendar-social.local