1
0
Fork 0
mirror of https://github.com/DO1JLR/ansible_role_nginx.git synced 2024-08-16 16:19:48 +02:00

create nginx user/group

This commit is contained in:
L3D 2021-10-18 00:42:23 +02:00
parent 06c49a000d
commit 90f9fbd36d
Signed by: l3d
GPG key ID: CD08445BFF4313D1
6 changed files with 28 additions and 4 deletions

View file

@ -38,3 +38,6 @@ nginx__infrastructure_domain__enabled: true
# disable this variable if you don't want to use our acmetool role to manage tls certificates # disable this variable if you don't want to use our acmetool role to manage tls certificates
nginx__acmetool_enabled: true nginx__acmetool_enabled: true
nginx__user: 'www-data'
nginx__group: 'www-data'

View file

@ -6,6 +6,9 @@
- name: Install nginx - name: Install nginx
ansible.builtin.include_tasks: installation.yml ansible.builtin.include_tasks: installation.yml
- name: create nginx user and group
ansible.builtin.include_tasks: users.yml
- name: Configure nginx - name: Configure nginx
ansible.builtin.include_tasks: nginx.yml ansible.builtin.include_tasks: nginx.yml

View file

@ -1,8 +1,8 @@
--- ---
- name: Copy main nginx configuration file - name: Copy main nginx configuration file
become: true become: true
ansible.builtin.copy: ansible.builtin.template:
src: 'nginx/nginx.conf' src: 'templates/nginx/nginx.conf.j2'
dest: '/etc/nginx/' dest: '/etc/nginx/'
owner: root owner: root
group: root group: root

17
tasks/users.yml Normal file
View file

@ -0,0 +1,17 @@
---
- name: "create {{ nginx__group }} Group"
become: true
ansible.builtin.group:
name: "{{ nginx__group }}"
system: true
state: 'present'
- name: "create {{ nginx__user }} user"
become: true
ansible.builtin.user:
name: "{{ nginx__user }}"
comment: "NGINX user"
home: '/var/www'
groups: "{{ nginx__group }}"
shell: '/usr/sbin/nologin'
system: true

View file

@ -1,4 +1,5 @@
user www-data; {{ ansible_managed | comment }}
user {{ nginx__user }};
worker_processes auto; worker_processes auto;
pid /run/nginx.pid; pid /run/nginx.pid;
error_log /var/log/nginx/error.log; error_log /var/log/nginx/error.log;

View file

@ -1,3 +1,3 @@
--- ---
playbook_version_number: 24 # should be int playbook_version_number: 25
playbook_version_path: 'do1jlr.nginx_roles-ansible.version' playbook_version_path: 'do1jlr.nginx_roles-ansible.version'