ansible-role-nginx-config
ansible-role-nginx-config copied to clipboard
nginxinc
Add http2 support in template.yml
This works, I've tested, resulting config will be
server {
listen 443 ssl http2;
}
with http2: true
Proposed changes
Describe the use case and detail of the change. If this PR addresses an issue on GitHub, make sure to include a link to that issue using one of the supported keywords here in this description (not in the title of the PR).
Checklist
Before creating a PR, run through this checklist and mark each as complete:
- [x] I have read the
CONTRIBUTINGdocument. - [x] I have added Molecule tests that prove my fix is effective or that my feature works.
- [x] I have checked that any relevant Molecule tests pass after adding my changes.
- [x] I have updated any relevant documentation (
defaults/main/*.yml,README.mdandCHANGELOG.md).
@alessfg You can close it as far it's deprectaed. I guess someone else struggling will just find this issue Thanks
This is not working on Ubuntu 20.04. If I enabled the https2 directive, the ansible will generate the http2 on instead of adding the https2 into the listen directive.
The given error
unknown directive \"http2\" in /etc/nginx/sites-enabled/default:61"
I installed with Nginx role
- name: Install Nginx
hosts: all
become: yes
gather_facts: true
collections:
- nginxinc.nginx
roles:
- role: nginx
vars:
nginx_install_from: os_repository
nginx_modules: []
> uname -a
> Linux proxy 6.2.0-1017-aws #17~22.04.1-Ubuntu SMP Fri Nov 17 21:07:13 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
apt info nginx
Package: nginx
Version: 1.18.0-6ubuntu14.4
Priority: optional
Section: web
Origin: Ubuntu
Maintainer: Ubuntu Developers <[email protected]>
Original-Maintainer: Debian Nginx Maintainers <[email protected]>
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 50.2 kB
Depends: nginx-core (<< 1.18.0-6ubuntu14.4.1~) | nginx-full (<< 1.18.0-6ubuntu14.4.1~) | nginx-light (<< 1.18.0-6ubuntu14.4.1~) | nginx-extras (<< 1.18.0-6ubuntu14.4.1~), nginx-core (>= 1.18.0-6ubuntu14.4) | nginx-full (>= 1.18.0-6ubuntu14.4) | nginx-light (>= 1.18.0-6ubuntu14.4) | nginx-extras (>= 1.18.0-6ubuntu14.4)
Breaks: libnginx-mod-http-lua (<< 1.18.0-6ubuntu5)
Homepage: https://nginx.net
Download-Size: 3872 B
APT-Manual-Installed: yes
APT-Sources: http://us-west-2.ec2.archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages
Description: small, powerful, scalable web/proxy server
Nginx ("engine X") is a high-performance web and reverse proxy server
created by Igor Sysoev. It can be used both as a standalone web server
and as a proxy to reduce the load on back-end HTTP or mail servers.
.
This is a dependency package to install either nginx-core (by default),
nginx-full, nginx-light or nginx-extras.
N: There are 2 additional records. Please use the '-a' switch to see them.
nginx -V
nginx version: nginx/1.18.0 (Ubuntu)
built with OpenSSL 3.0.2 15 Mar 2022
TLS SNI support enabled
configure arguments: --with-cc-opt='-g -O2 -ffile-prefix-map=/build/nginx-zctdR4/nginx-1.18.0=. -flto=auto -ffat-lto-objects -flto=auto -ffat-lto-objects -fstack-protector-strong -Wformat -Werror=format-security -fPIC -Wdate-time -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions -flto=auto -ffat-lto-objects -flto=auto -Wl,-z,relro -Wl,-z,now -fPIC' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --modules-path=/usr/lib/nginx/modules --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-compat --with-debug --with-pcre-jit --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_v2_module --with-http_dav_module --with-http_slice_module --with-threads --add-dynamic-module=/build/nginx-zctdR4/nginx-1.18.0/debian/modules/http-geoip2 --with-http_addition_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_sub_module
You are using the os_repository option which in turn is installing a very outdated version of nginx, 1.18.0. The latest version is 1.25.4 (or 1.24.0 if you are using the stable NGINX branch). You'd have to use the old style of http2 directive, which is not supported by this role until the changes discussed in this PR are reverted 😄
Currently, the CentOS stream have maximum the 1.24 version
[root@host]# dnf module list nginx
Last metadata expiration check: 0:01:33 ago on Fri 17 May 2024 07:19:53 PM +07.
CentOS Stream 8 - AppStream
Name Stream Profiles Summary
nginx 1.14 [d] common [d] nginx webserver
nginx 1.16 common [d] nginx webserver
nginx 1.18 common [d] nginx webserver
nginx 1.20 common [d] nginx webserver
nginx 1.22 common nginx webserver
nginx 1.24 [e] common [d] nginx webserver
Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled
I was resolved this issue with custom_directives
---
nginx_config_http_template_enable: true
nginx_config_http_template:
- template_file: 'http/default.conf.j2'
deployment_location: '/etc/nginx/conf.d/http_vhosts.conf'
backup: false
config:
servers:
- core:
root: '/srv/http'
server_name: "{{ inventory_hostname }}"
custom_directives:
- "{{ 'listen ' + ansible_host + ':80 reuseport http2;' }}"
If I might suggest, and unless you 100% need to use CentOS 8, I would suggest switching to one of the officially supported distros and using the latest release (1.25.5 for mainline, 1.26.0 for stable) 😄
✅ All required contributors have signed the F5 CLA for this PR. Thank you!
Posted by the CLA Assistant Lite bot.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}