diff --git a/roles/reverse_proxy/README.md b/roles/reverse_proxy/README.md deleted file mode 100644 index 69d9f45..0000000 --- a/roles/reverse_proxy/README.md +++ /dev/null @@ -1 +0,0 @@ -Deprecated diff --git a/roles/reverse_proxy/defaults/main.yml b/roles/reverse_proxy/defaults/main.yml deleted file mode 100644 index e73065f..0000000 --- a/roles/reverse_proxy/defaults/main.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- - -reverse_proxy_type: caddy -web_server: "{{ reverse_proxy_type }}" diff --git a/roles/reverse_proxy/tasks/main.yml b/roles/reverse_proxy/tasks/main.yml deleted file mode 100644 index 12b3c9f..0000000 --- a/roles/reverse_proxy/tasks/main.yml +++ /dev/null @@ -1,30 +0,0 @@ ---- - -- name: Deprecation warning - ansible.builtin.debug: - msg: "uumas.general.reverse_proxy is deprecated. You should switch to uumas.general.vhost with vhost_type: reverse_proxy" - -- name: Legacy proxy_target handling - when: proxy_target is defined and proxy_target_port is not defined - block: - - name: Split legacy proxy_target to protocol and target - ansible.builtin.set_fact: - proxy_target_split_protocol: "{{ proxy_target.split('://') }}" - - name: Split target further to host and port - ansible.builtin.set_fact: - proxy_target_split_host: "{{ (proxy_target_split_protocol | last).split(':') }}" - - name: Set host and port variables - ansible.builtin.set_fact: - proxy_target_host: "{{ proxy_target_split_host[0] }}" - proxy_target_port: "{{ proxy_target_split_host[1] }}" - - - name: Set proxy_target_protocol based on proxy_target - ansible.builtin.set_fact: - proxy_target_protocol: "{{ proxy_target_split_protocol[0] }}" - when: proxy_target_split_protocol | length == 2 - -- name: Configure vhost for reverse proxy - ansible.builtin.include_role: - name: vhost - vars: - vhost_type: reverse_proxy diff --git a/roles/vhost/defaults/main.yml b/roles/vhost/defaults/main.yml index dc13c94..f372af1 100644 --- a/roles/vhost/defaults/main.yml +++ b/roles/vhost/defaults/main.yml @@ -3,7 +3,7 @@ vhost_state: present vhost_type: "{{ vhost_state }}" vhost_domains: [] -web_server: caddy +vhost_web_server: caddy vhost_locations: [] vhost_headers: {} @@ -12,11 +12,11 @@ vhost_delete_headers: [] vhost_basicauth: false vhost_basicauth_users: {} -proxy_target_protocol: http -proxy_target_host: localhost -proxy_delete_headers: [] +vhost_proxy_target_protocol: http +vhost_proxy_target_host: localhost +vhost_proxy_delete_headers: [] -redirect_type: temporary -redirect_preserve_path: false +vhost_redirect_type: temporary +vhost_redirect_preserve_path: false -respond_content_type: plain +vhost_respond_content_type: plain diff --git a/roles/vhost/meta/argument_specs.yml b/roles/vhost/meta/argument_specs.yml index 907cfc8..46b5927 100644 --- a/roles/vhost/meta/argument_specs.yml +++ b/roles/vhost/meta/argument_specs.yml @@ -1,8 +1,11 @@ --- - argument_specs: main: short_description: Sets up a vhost + description: + - Sets up a vhost on a web server. + - Supports reverse proxies, redirects and simple resonses. + - Currently only supports caddy. options: vhost_id: description: A unique identifier for this vhost. Not visible to end users. @@ -28,8 +31,8 @@ argument_specs: type: list required: "{{ vhost_state == 'present' }}" elements: str - web_server: - description: Defines which server software to use for vhost. This role does nothing if set to none + vhost_web_server: + description: Defines which server software to use for vhost. This role does nothing if set to none. type: str required: false default: caddy @@ -59,16 +62,16 @@ argument_specs: required: false default: {} - proxy_target_port: + vhost_proxy_target_port: description: Port where to proxy requests to. Only applicable if vhost_type is reverse_proxy type: int required: "{{ vhost_state == 'present' and vhost_type == 'reverse_proxy' }}" - proxy_target_host: + vhost_proxy_target_host: description: Host where to proxy requests to. Only applicable if vhost_type is reverse_proxy type: str required: false default: localhost - proxy_target_protocol: + vhost_proxy_target_protocol: description: Protocol to use for proxy requests. Only applicable if vhost_type is reverse_proxy type: str required: false @@ -76,18 +79,18 @@ argument_specs: choices: - http - https - proxy_delete_headers: + vhost_proxy_delete_headers: description: List of headers to delete from proxied requests type: list elements: str required: false default: [] - redirect_target: + vhost_redirect_target: description: "Only applicable if vhost_type is redirect. Example: https://www.domain.tld/location" type: str required: "{{ vhost_state == 'present' and vhost_type == 'redirect' }}" - redirect_preserve_path: + vhost_redirect_preserve_path: description: Whether to keep the original request path type: bool required: false @@ -101,11 +104,11 @@ argument_specs: - temporary - permanent - respond_content: - description: Content to respond with. Json content can be set as yaml as long as respond_content_type is set to json + vhost_respond_content: + description: Content to respond with. Json content can be set as yaml as long as vhost_respond_content_type is set to json type: str required: "{{ vhost_state == 'present' and vhost_type == 'respond' }}" - respond_content_type: + vhost_respond_content_type: description: Type of the respond content type: str required: false @@ -159,17 +162,17 @@ argument_specs: description: Port where to proxy requests to. Only applicable if type is reverse_proxy. type: int required: false - default: "{{ proxy_target_port if vhost_type == 'reverse_proxy' else 0 }}" + default: "{{ vhost_proxy_target_port if vhost_type == 'reverse_proxy' else 0 }}" proxy_target_host: description: Host where to proxy requests to. Only applicable if type is reverse_proxy type: str required: false - default: "{{ proxy_target_host }}" + default: "{{ vhost_proxy_target_host }}" proxy_target_protocol: description: Protocol to use for proxy requests. Only applicable if type is reverse_proxy type: str required: false - default: "{{ proxy_target_protocol }}" + default: "{{ vhost_proxy_target_protocol }}" choices: - http - https @@ -178,23 +181,23 @@ argument_specs: type: list elements: str required: false - default: "{{ proxy_delete_headers }}" + default: "{{ vhost_proxy_delete_headers }}" redirect_target: description: "Only applicable if vhost_type is redirect. Example: https://www.domain.tld/location" type: str required: false - default: "{{ redirect_target if vhost_type == 'redirect' else '' }}" + default: "{{ vhost_redirect_target if vhost_type == 'redirect' else '' }}" redirect_preserve_path: description: Whether to keep the original request path type: bool required: false - default: "{{ redirect_preserve_path }}" - redirect type: + default: "{{ vhost_redirect_preserve_path }}" + redirect_type: description: Only applicable if vhost_type is reverse_proxy type: str required: false - default: "{{ redirect_type }}" + default: "{{ vhost_redirect_type }}" choices: - temporary - permanent @@ -203,12 +206,12 @@ argument_specs: description: Content to respond with. Json content can be set as yaml as long as respond_content_type is set to json type: str required: false - default: "{{ respond_content if vhost_type == 'respond' else '' }}" + default: "{{ vhost_respond_content if vhost_type == 'respond' else '' }}" respond_content_type: description: Type of the respond content type: str required: false - default: "{{ respond_content_type }}" + default: "{{ vhost_respond_content_type }}" choices: - plain - json diff --git a/roles/vhost/meta/main.yml b/roles/vhost/meta/main.yml index a08de7f..2e2c5d7 100644 --- a/roles/vhost/meta/main.yml +++ b/roles/vhost/meta/main.yml @@ -2,4 +2,4 @@ dependencies: - role: caddy - when: web_server == 'caddy' + when: vhost_web_server == 'caddy' diff --git a/roles/vhost/tasks/main.yml b/roles/vhost/tasks/main.yml index efdbac9..9078eea 100644 --- a/roles/vhost/tasks/main.yml +++ b/roles/vhost/tasks/main.yml @@ -1,19 +1,19 @@ --- -- name: Fail if redirect_target is a relative path and redirect_preserve_path is true +- name: Fail if vhost_redirect_target is a relative path and vhost_redirect_preserve_path is true ansible.builtin.fail: - msg: redirect_target must be an absolute url or absolute path if redirect_preserve_path is true + msg: vhost_redirect_target must be an absolute url or absolute path if vhost_redirect_preserve_path is true when: - - redirect_preserve_path - - redirect_target.split('://') | length < 2 - - not redirect_target.startswith('/') + - vhost_redirect_preserve_path + - vhost_redirect_target.split('://') | length < 2 + - not vhost_redirect_target.startswith('/') -- name: Fail if redirect_target ends with / and redirect_preserve_path is true +- name: Fail if vhost_redirect_target ends with / and vhost_redirect_preserve_path is true ansible.builtin.fail: - msg: redirect_target must not end with / if redirect_preserve_path is true + msg: vhost_redirect_target must not end with / if vhost_redirect_preserve_path is true when: - - redirect_preserve_path - - redirect_target.endswith('/') + - vhost_redirect_preserve_path + - vhost_redirect_target.endswith('/') - name: Reset vhost_locations_all ansible.builtin.set_fact: @@ -30,20 +30,20 @@ 'basicauth': item.basicauth | default(vhost_basicauth), 'basicauth_users': item.basicauth_users | default(vhost_basicauth_users), - 'proxy_target_port': item.proxy_target_port | default(proxy_target_port if vhost_type == 'reverse_proxy' else ''), - 'proxy_target_host': item.proxy_target_host | default(proxy_target_host), - 'proxy_target_protocol': item.proxy_target_protocol | default(proxy_target_protocol), - 'proxy_delete_headers': item.proxy_delete_headers | default(proxy_delete_headers), + 'proxy_target_port': item.proxy_target_port | default(vhost_proxy_target_port if vhost_type == 'reverse_proxy' else ''), + 'proxy_target_host': item.proxy_target_host | default(vhost_proxy_target_host), + 'proxy_target_protocol': item.proxy_target_protocol | default(vhost_proxy_target_protocol), + 'proxy_delete_headers': item.proxy_delete_headers | default(vhost_proxy_delete_headers), - 'redirect_target': item.redirect_target | default(redirect_target if vhost_type == 'redirect' else ''), - 'redirect_preserve_path': item.redirect_preserve_path | default(redirect_preserve_path), - 'redirect_type': item.redirect_type | default(redirect_type), + 'redirect_target': item.redirect_target | default(vhost_redirect_target if vhost_type == 'redirect' else ''), + 'redirect_preserve_path': item.redirect_preserve_path | default(vhost_redirect_preserve_path), + 'redirect_type': item.redirect_type | default(vhost_redirect_type), - 'respond_content': item.respond_content | default(respond_content if vhost_type == 'respond' else ''), - 'respond_content_type': item.respond_content_type | default(respond_content_type) + 'respond_content': item.respond_content | default(vhost_respond_content if vhost_type == 'respond' else ''), + 'respond_content_type': item.respond_content_type | default(vhost_respond_content_type) }] }} loop: "{{ vhost_locations + [{'path': ''}] }}" -- name: "Setup {{ vhost_id + ' vhost on ' + web_server }}" - ansible.builtin.include_tasks: "{{ web_server }}.yml" - when: web_server != 'none' +- name: "Setup {{ vhost_id + ' vhost on ' + vhost_web_server }}" + ansible.builtin.include_tasks: "{{ vhost_web_server }}.yml" + when: vhost_web_server != 'none'