Ansible之角色基础服务Nginx安装

2023-04-24 17:10:06 浏览数 (2)

Ansible批量部署编译安装nginx

使用Ansible角色来编译安装Nginx,来对之前学的做总结。

思路: 安装nginx的编译环境 下载文件、解压 编译安装 使用yum、user、get_url、file、unarchive、shell等模块。

创建启动nginx用户

代码语言:javascript复制
[root@ansbile01 ~/roles]$ cat nginx/tasks/user.yml 
- name: create nginx group
  group: name={{ group }} gid={{ gid }} system=yes
- name: create nginx user
  user: name={{ user }} group={{ group }} uid={{ uid }} system=yes shell=/sbin/nologin create_home=no

安装依赖软件

代码语言:javascript复制
[root@ansbile01 ~/roles]$ cat nginx/tasks/packages.yml 
- name: installed packages
  yum: name={{ packages }} state=present
  vars:
    packages:
      - openssl-devel
      - pcre-devel
      - gcc
      - libxml2-devel
      - libxslt-devel
      - gd-devel

解压nginx文件包

代码语言:javascript复制
[root@ansbile01 ~/roles]$ cat nginx/tasks/download.yml 
- name: download nginxserver
  get_url: dest={{ download }} url=http://nginx.org/download/{{ nginx_ver }}.tar.gz
- name: tar xf nginx
  unarchive: src={{ download }}/{{ nginx_ver }}.tar.gz dest={{ download }} copy=no

安装nginx

代码语言:javascript复制
[root@ansbile01 ~/roles]$ cat nginx/tasks/install.yml 
- name: install nginx code
  shell:
    chdir: "{{ download }}/{{ nginx_ver }}"
    cmd: >
       ./configure 
       --prefix={{ install_dir}}/{{ nginx_ver }} 
       --sbin-path={{ sbin_path }}
       --conf-path={{ conf_path }} 
       --error-log-path={{ error_log }} 
       --http-log-path={{ http_log }} 
       --user={{ user }} 
       --group={{ group }} 
       --with-compat --with-debug 
       --with-file-aio 
       --with-http_addition_module 
       --with-http_auth_request_module 
       --with-http_dav_module 
       --with-http_degradation_module 
       --with-http_flv_module 
       --with-http_gunzip_module 
       --with-http_gzip_static_module 
       --with-http_image_filter_module=dynamic 
       --with-http_mp4_module  
       --with-http_random_index_module 
       --with-http_realip_module 
       --with-http_secure_link_module 
       --with-http_slice_module 
       --with-http_ssl_module 
       --with-http_stub_status_module 
       --with-http_sub_module 
       --with-http_v2_module 
       --with-http_xslt_module=dynamic 
       --with-mail=dynamic 
       --with-mail_ssl_module 
       --with-pcre 
       --with-pcre-jit 
       --with-stream=dynamic 
       --with-stream_ssl_module 
       --with-stream_ssl_preread_module
       --with-threads 
       &&
       make;make install
    creates: {{ install_dir }}{{ nginx_ver }}

检查nginx并加入systemd启动

代码语言:javascript复制
[root@ansbile01 ~/roles]$ cat nginx/tasks/systemd.yml 
- name: Check Nginx Configure Status
  command: /usr/sbin/nginx -t
  register: check_nginx
  changed_when: ( check_nginx.stdout.find('successful') )

- name: Configure Nginx systemd
  template: src=nginx.service.j2 dest=/usr/lib/systemd/system/nginx.service

- name: Systemd Started nginx server
  systemd:
    daemon_reload: yes
    name: nginx
    enabled: yes
    state: started

环境变量准备

代码语言:javascript复制
[root@ansbile01 ~/roles]$ cat nginx/vars/main.yml 
# user configure
group: www
user: www
gid: 666
uid: 666

# nginx configure
download: "/data/"
nginx_ver: nginx-1.18.0
install_dir: "/usr/local"
sbin_path: "/usr/sbin/nginx"
conf_path: "/etc/nginx/nginx.conf"
error_log: "/var/log/nginx/error.log"
http_log: "/var/log/nginx/access.log"

nginx.service模板准备

代码语言:javascript复制
[Unit]
Description=nginx service
After=network.target 
   
[Service] 
Type=forking 
PIDFile={{ install_dir }}/{{ nginx_ver }}/logs/nginx.pid
ExecStart={{ sbin_path }}
ExecReload={{ sbin_path }} -s reload
ExecStop={{ sbin_path }} -s stop
PrivateTmp=true
   
[Install] 
WantedBy=multi-user.target

tasks主体

代码语言:javascript复制
[root@ansbile01 ~/roles]$ cat nginx/tasks/main.yml 
- include_tasks: user.yml
- include_tasks: packages.yml
- include_tasks: download.yml
- include_tasks: install.yml
- include_tasks: systemd.yml

定义playbook

代码语言:javascript复制
[root@ansible01 ~/roles]$cat nginx.yml 
- hosts: webserver
  roles:
    - role: nginx

0 人点赞