File tree Expand file tree Collapse file tree 2 files changed +20
-9
lines changed
Expand file tree Collapse file tree 2 files changed +20
-9
lines changed Original file line number Diff line number Diff line change 22---
33# Tasks for compiling Modsecurity3 and installing OWASP CRS v3
44
5- - name : Set nginx_modules_location if not already set
5+ - name : Get Nginx modules location
6+ shell : nginx -V 2>&1 | grep "configure arguments:" | sed -e 's/.*--modules-path=\([^ ]*\).*/\1/'
7+ register : _nginx_modules_location
8+ changed_when : false
9+ when : nginx_modules_location is not defined
10+
11+ - name : Set variable nginx_modules_location
612 set_fact :
7- nginx_modules_location : " {{ nginx_conf_dir }}/modules "
13+ nginx_modules_location : " {{ _nginx_modules_location.stdout }}"
814 when : nginx_modules_location is not defined
915
1016- name : Clear previous compilation
96102- name : Copy Modsecurity-nginx module to Nginx modules folder
97103 copy :
98104 src : " ~/Nginx/nginx-{{ nginx_modsec3_crs3_nginx_version }}/objs/ngx_http_modsecurity_module.so"
99- dest : " {{ nginx_modules_location }}"
105+ dest : " {{ nginx_modules_location }}/ngx_http_modsecurity_module.so "
100106 remote_src : yes
101107 when : not modsec3_nginx_present or nginx_modsec3_crs3_force_compile
102108
Original file line number Diff line number Diff line change 3333 state : present
3434 when : ansible_os_family == "Redhat"
3535
36- - name : run Nginx selinux tasks
36+ - name : Run Nginx SElinux tasks
3737 include_role :
3838 name : jdauphant.nginx
3939 tasks_from : selinux.yml
4040 allow_duplicates : yes
4141 when : ansible_selinux and ansible_selinux.status == "enabled"
4242
43- - name : run Nginx nginx offical repo tasks
43+ - name : Run Nginx official repo tasks
4444 include_role :
4545 name : jdauphant.nginx
4646 tasks_from : nginx-official-repo.yml
4747 allow_duplicates : yes
4848 when : nginx_official_repo == True
4949
50- - name : run Nginx install packages tasks
50+ - name : Run Nginx install packages tasks
5151 include_role :
5252 name : jdauphant.nginx
5353 tasks_from : installation.packages.yml
6262 set_fact :
6363 nginx_modsec3_crs3_nginx_version : " {{ ansible_facts.packages.nginx[0].version.split('-')[0] }}"
6464
65- - name : Set nginx_conf_dir if not already set
65+ - name : Get Nginx conf location
66+ shell : dirname $(nginx -V 2>&1 | grep "configure arguments:" | sed -e 's/.*--conf-path=\([^ ]*\).*/\1/')
67+ register : _nginx_conf_location
68+ changed_when : false
69+ when : nginx_conf_dir is not defined
70+
71+ - name : Set variable nginx_conf_dir
6672 set_fact :
67- nginx_conf_dir : " /etc/nginx "
73+ nginx_conf_dir : " {{ _nginx_conf_location.stdout }} "
6874 when : nginx_conf_dir is not defined
6975
7076- name : Check if ModSecurity3 is present
111117 name : " {{ installed.stdout_lines }}"
112118 state : absent
113119 when : installed is defined and (nginx_modsec3_crs3_keep is undefined or not nginx_modsec3_crs3_keep)
114-
You can’t perform that action at this time.
0 commit comments