bug fixes and adding addl vars

aknot242 · aknot242 · commit ab71f7d02bf6 · 2020-04-18T00:26:38.000Z
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -41,3 +41,4 @@ security_policy_enforcement_mode: transparent
 log_policy_filter_request_type: all
 
 log_policy_syslog_target: 127.0.0.1:514
+nginx_demo_workload: http://10.1.1.1:8080
diff --git a/handlers/main.yml b/handlers/main.yml
@@ -16,4 +16,4 @@
 
   when:
     - nginx_start | bool
-    - not ansible_check_mode
+    - not ansible_check_mode
diff --git a/tasks/install-app-protect-linux.yml b/tasks/install-app-protect-linux.yml
@@ -36,8 +36,8 @@
     that:
       - nginx_plus_version is defined
       - nginx_plus_version | int >= 18
-    fail_msg: "'nginx_plus_version' release version must be a minimum of 18 for App Protect. Actual: {{ nginx_plus_version }}"
-    success_msg: "'nginx_plus_version' is {{ nginx_plus_version }}"
+    fail_msg: "'nginx_plus_version' release version must be a minimum of 18 for App Protect. Actual: {{ (nginx_plus_version is defined) | ternary(nginx_plus_version, 'NONE') }}"
+    success_msg: "'nginx_plus_version' is {{ (nginx_plus_version is defined) | ternary(nginx_plus_version, 'NONE') }}"
     quiet: true
 
 - name: Fail if app protect zip doesn't not match detected NGINX+ version
@@ -62,8 +62,8 @@
 - name: Unarchive the App Protect package file that is already on the remote machine
   unarchive:
     src: "{{ install_zip }}"
-    dest: "{{ tmp_dir }}"
-    remote_src: yes
+    dest: "{{ tmp_dir }}/"
+    remote_src: true
 
 - name: Display paths of all .rpm files in dir; exclude NGINX+ installer
   find:
@@ -94,6 +94,21 @@
   selinux:
     state: disabled
 
+- name: "Start NGINX App Protect"
+  service:
+    name: nginx-app-protect
+    state: started
+    enabled: yes
+  when:
+    - not ansible_check_mode
+
+- name: "Start NGINX"
+  service:
+    name: nginx
+    state: reloaded
+  when:
+    - not ansible_check_mode
+
 - name: Recursively remove extracted directory
   file:
     path: "{{ tmp_dir }}"
diff --git a/templates/nginx.conf.j2 b/templates/nginx.conf.j2
@@ -16,7 +16,7 @@ http {
     keepalive_timeout  65;
 
     server {
-        listen       8080;
+        listen       80;
         server_name  localhost;
         proxy_http_version 1.1;
 
@@ -28,7 +28,7 @@ http {
         location / {
             client_max_body_size 0;
             default_type text/html;
-            proxy_pass http://10.1.1.8:8080$request_uri;
+            proxy_pass {{ nginx_demo_workload }}$request_uri;
         }
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -41,3 +41,4 @@ security_policy_enforcement_mode: transparent`
`41`	`41`	`log_policy_filter_request_type: all`
`42`	`42`
`43`	`43`	`log_policy_syslog_target: 127.0.0.1:514`
	`44`	`+nginx_demo_workload: http://10.1.1.1:8080`
Original file line number	Diff line number	Diff line change
`@@ -16,7 +16,7 @@ http {`
`16`	`16`	`keepalive_timeout 65;`
`17`	`17`
`18`	`18`	`server {`
`19`		`- listen 8080;`
	`19`	`+ listen 80;`
`20`	`20`	`server_name localhost;`
`21`	`21`	`proxy_http_version 1.1;`
`22`	`22`
`@@ -28,7 +28,7 @@ http {`
`28`	`28`	`location / {`
`29`	`29`	`client_max_body_size 0;`
`30`	`30`	`default_type text/html;`
`31`		`- proxy_pass http://10.1.1.8:8080$request_uri;`
	`31`	`+ proxy_pass {{ nginx_demo_workload }}$request_uri;`
`32`	`32`	`}`
`33`	`33`	`}`
`34`	`34`	`}`