diff --git a/CHANGELOG.md b/CHANGELOG.md index b31a4b1..ca13139 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,12 @@ This project adheres to [Semantic Versioning](http://semver.org/) and [Keep a ch ## [Unreleased](https://github.com/idealista/nginx-role/tree/develop) - *[#6](https://github.com/idealista/nginx-role/issues/6) Add Travis CI* @jnogol +## [1.6.0](https://github.com/idealista/nginx-role/tree/1.6.0) (2017-10-26) +[Full Changelog](https://github.com/idealista/nginx-role/compare/1.5.0...1.6.0) + +### Added +- *[#32](https://github.com/idealista/nginx-role/issues/32) Support worker_rlimit_nofile setting* @acuervof + ## [1.5.0](https://github.com/idealista/nginx-role/tree/1.5.0) (2017-06-30) [Full Changelog](https://github.com/idealista/nginx-role/compare/1.4.0...1.5.0) diff --git a/defaults/main.yml b/defaults/main.yml index 55baf62..ab54c9f 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -17,6 +17,8 @@ nginx_service_state: started # Connection properties nginx_workers: auto +# if you don't set FD's then OS settings will be used which is by default 2000 +# nginx_worker_rlimit_nofile: 2000 nginx_connections: 2500 nginx_keepalive_timeout: 65 nginx_keepalive_requests: 100000 @@ -33,6 +35,8 @@ nginx_extra_servers_template_path: "{{ playbook_dir }}/templates/nginx/servers" nginx_install_bin_path: "/usr" nginx_extra_path: "extra-conf" nginx_extra_conf_path: "{{ nginx_conf_path }}/{{ nginx_extra_path }}" +nginx_logrotate_template_path: "{{ playbook_dir }}/templates/logrotate.j2" + # Heathers_more headers_more_version: 0.31 @@ -56,6 +60,7 @@ nginx_force_reinstall: false ## https://www.nginx.com/resources/wiki/start/topics/tutorials/installoptions/ nginx_compile_time_options_builtin_modules: - http_stub_status_module + - http_realip_module nginx_compile_time_options_external_modules_paths: - /nginxbuild/headers-more-nginx-module-{{ headers_more_version }} diff --git a/molecule.yml b/molecule.yml index af27175..ff7639b 100644 --- a/molecule.yml +++ b/molecule.yml @@ -60,13 +60,16 @@ vagrant: - network_name: private_network type: dhcp auto_config: true - docker: + network: + - name: nginx-network + driver: bridge containers: - name: nginx.vm ansible_groups: - group01 - image: geerlingguy/docker-debian8-ansible + dockerfile: tests/Dockerfile + image: nginx_role image_version: latest privileged: True cap_add: @@ -74,11 +77,13 @@ docker: volume_mounts: - '/sys/fs/cgroup:/sys/fs/cgroup:ro' command: '/lib/systemd/systemd' + network_mode: nginx-network - name: nginx-old.vm ansible_groups: - group01 - image: geerlingguy/docker-debian8-ansible + dockerfile: tests/Dockerfile + image: nginx_role image_version: latest privileged: True cap_add: @@ -86,10 +91,14 @@ docker: volume_mounts: - '/sys/fs/cgroup:/sys/fs/cgroup:ro' command: '/lib/systemd/systemd' + network_mode: nginx-network -# verifier configuration verifier: name: testinfra options: + # We have to override these options because, when Docker driver selected, + # Testinfra uses Docker as backend connection instead of Ansible and the + # fixture in tests/test_ansible.yml won't work and neither will testinfra + # find the containers connection: ansible ansible-inventory: .molecule/ansible_inventory diff --git a/tasks/config.yml b/tasks/config.yml index b635547..87aaef9 100644 --- a/tasks/config.yml +++ b/tasks/config.yml @@ -43,7 +43,7 @@ - name: NGINX | Copy logrotate config template: - src: logrotate.j2 + src: "{{ nginx_logrotate_template_path }}" dest: /etc/logrotate.d/nginx mode: 0644 owner: root diff --git a/templates/nginx.conf.j2 b/templates/nginx.conf.j2 index 0cbde5a..9ca4a06 100644 --- a/templates/nginx.conf.j2 +++ b/templates/nginx.conf.j2 @@ -1,9 +1,13 @@ worker_processes {{ nginx_workers }}; error_log {{ nginx_error_log }}; +{% if nginx_worker_rlimit_nofile is defined %} +worker_rlimit_nofile {{ nginx_worker_rlimit_nofile }}; +{% endif %} events { worker_connections {{ nginx_connections }}; use epoll; + multi_accept on; } http { @@ -14,7 +18,7 @@ http { client_max_body_size {{ nginx_client_max_body_size }}; - include mime.types; + include mime.types; default_type application/octet-stream; sendfile on; diff --git a/tests/Dockerfile b/tests/Dockerfile new file mode 100644 index 0000000..45cf85d --- /dev/null +++ b/tests/Dockerfile @@ -0,0 +1,5 @@ +FROM geerlingguy/docker-debian9-ansible:latest + +# This is to override Testinfra issue with Debian 9 Docker image +RUN touch /tmp/systemd +RUN ln -s /tmp/systemd /sbin/init diff --git a/tests/group_vars/group01.yml b/tests/group_vars/group01.yml index 6ce57fd..8216589 100644 --- a/tests/group_vars/group01.yml +++ b/tests/group_vars/group01.yml @@ -1,5 +1,5 @@ nginx_extra_servers_path: "{{ playbook_dir }}/files" -nginx_extra_servers_template_path: "{{ playbook_dir }}/templates" +nginx_extra_servers_template_path: "{{ playbook_dir }}/templates/sites" web2_port: 8888 nginx_prometheus_metrics_port: 9888 diff --git a/tests/group_vars/group02.yml b/tests/group_vars/group02.yml index 4996e0e..39345bb 100644 --- a/tests/group_vars/group02.yml +++ b/tests/group_vars/group02.yml @@ -1,5 +1,5 @@ nginx_extra_servers_path: "{{ playbook_dir }}/files" -nginx_extra_servers_template_path: "{{ playbook_dir }}/templates" +nginx_extra_servers_template_path: "{{ playbook_dir }}/templates/sites" web2_port: 8888 -nginx_prometheus_metrics_enabled: false \ No newline at end of file +nginx_prometheus_metrics_enabled: false diff --git a/tests/templates/logrotate.j2 b/tests/templates/logrotate.j2 new file mode 100644 index 0000000..e7695ff --- /dev/null +++ b/tests/templates/logrotate.j2 @@ -0,0 +1,13 @@ +{{ nginx_log_path }}/*.log { + daily + missingok + rotate 7 + size 500M + compress + notifempty + create 644 {{ nginx_user }} {{ nginx_group }} + sharedscripts + postrotate + [ -f /run/nginx/nginx.pid ] && kill -USR1 `cat /run/nginx/nginx.pid` + endscript +} diff --git a/tests/templates/web2 b/tests/templates/sites/web2 similarity index 100% rename from tests/templates/web2 rename to tests/templates/sites/web2