diff options
-rw-r--r-- | inventory/host_vars/sk-cloudia/vars.yml | 2 | ||||
-rw-r--r-- | roles/nginx/base/defaults/main.yml | 2 | ||||
-rw-r--r-- | roles/nginx/base/tasks/main.yml | 4 | ||||
-rw-r--r-- | roles/nginx/base/tasks/stream.yml | 22 |
4 files changed, 30 insertions, 0 deletions
diff --git a/inventory/host_vars/sk-cloudia/vars.yml b/inventory/host_vars/sk-cloudia/vars.yml index 19549d8b..b424e1ba 100644 --- a/inventory/host_vars/sk-cloudia/vars.yml +++ b/inventory/host_vars/sk-cloudia/vars.yml @@ -40,3 +40,5 @@ kubernetes_standalone_cni_variant: with-localonly-portmap kubernetes_cri_socket: "unix:///run/containerd/containerd.sock" acmetool_directory_server: "{{ acmetool_directory_server_le_live_v1 }}" + +nginx_stream_module: yes diff --git a/roles/nginx/base/defaults/main.yml b/roles/nginx/base/defaults/main.yml index 2cd84e5a..9dd53cdf 100644 --- a/roles/nginx/base/defaults/main.yml +++ b/roles/nginx/base/defaults/main.yml @@ -12,3 +12,5 @@ nginx_snippets: - proxy-forward-headers nginx_dhparam_size: 2048 + +nginx_stream_module: no diff --git a/roles/nginx/base/tasks/main.yml b/roles/nginx/base/tasks/main.yml index a434b708..b0e7df5b 100644 --- a/roles/nginx/base/tasks/main.yml +++ b/roles/nginx/base/tasks/main.yml @@ -29,3 +29,7 @@ path: /etc/ssl/dhparams.pem size: "{{ nginx_dhparam_size }}" notify: restart nginx + +- name: install and setup stream module + when: nginx_stream_module + import_tasks: stream.yml diff --git a/roles/nginx/base/tasks/stream.yml b/roles/nginx/base/tasks/stream.yml new file mode 100644 index 00000000..2fddbddb --- /dev/null +++ b/roles/nginx/base/tasks/stream.yml @@ -0,0 +1,22 @@ +--- +- name: install nginx stream module + apt: + name: libnginx-mod-stream + +- name: create directories for stream config files + loop: + - available + - enabled + file: + path: "/etc/nginx/streams-{{ item }}" + state: directory + +- name: add stream config section + blockinfile: + path: /etc/nginx/nginx.conf + block: | + stream { + include /etc/nginx/streams-enabled/*; + } + marker: "# streams: {mark} ansible managed block" + notify: restart nginx |