Merge pull request #36 from cmacrae/master

Collective config validation & "extra options"

README.md

@@ -78,6 +78,16 @@ This value determines the largest file upload possible, as uploads are passed th
 
 Set as the `proxy_cache_path` directive in the `nginx.conf` file. By default, this will not be configured (if left as an empty string), but if you wish to use Nginx as a reverse proxy, you can set this to a valid value (e.g. `"/var/cache/nginx keys_zone=cache:32m"`) to use Nginx's cache (further proxy configuration can be done in individual server configurations).
 
+    nginx_extra_options: ""
+Optionally define extra parameters and their values to be insterted in the top-level `http` block in `nginx.conf`. The value should be defined literally (as you would insert it directly in the `nginx.conf`, adhering to the Nginx configuration syntax - such as `;` for line termination, etc.), like so:
+
+    nginx_extra_options: |
+      proxy_buffering    off;
+      proxy_set_header   X-Real-IP $remote_addr;
+      proxy_set_header   X-Scheme $scheme;
+      proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header   Host $http_host;	
+
     nginx_default_release: ""
 
 (For Debian/Ubuntu only) Allows you to set a different repository for the installation of Nginx. As an example, if you are running Debian's wheezy release, and want to get a newer version of Nginx, you can install the `wheezy-backports` repository and set that value here, and Ansible will use that as the `-t` option while installing Nginx.

defaults/main.yml

@@ -19,6 +19,15 @@ nginx_client_max_body_size: "64m"
 
 nginx_proxy_cache_path: ""
 
+nginx_extra_options: ""
+# Example extra options
+#    nginx_extra_options: |
+#      proxy_buffering    off;
+#      proxy_set_header   X-Real-IP $remote_addr;
+#      proxy_set_header   X-Scheme $scheme;
+#      proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+#      proxy_set_header   Host $http_host;	
+
 nginx_remove_default_vhost: false
 nginx_vhosts: []
 # Example vhost below, showing all available options:

handlers/main.yml

@@ -1,3 +1,7 @@
 ---
 - name: restart nginx
   service: name=nginx state=restarted
+
+- name: validate nginx configuration
+  command: nginx -t -c /etc/nginx/nginx.conf
+  changed_when: False

tasks/main.yml

@@ -15,6 +15,9 @@
 - include: setup-Debian.yml
   when: ansible_os_family == 'Debian'
 
+# Vhost configuration
+- include: vhosts.yml
+
 # Nginx setup.
 - name: Copy nginx configuration in place.
   template:
@@ -23,9 +26,10 @@
     owner: root
     group: root
     mode: 0644
-  notify: restart nginx
+    validate: 'nginx -t -c %s'
+  notify:
+    - validate nginx configuration
+    - restart nginx
 
 - name: Ensure nginx is started and enabled to start at boot.
   service: name=nginx state=started enabled=yes
-
-- include: vhosts.yml

tasks/vhosts.yml

@@ -4,7 +4,9 @@
     path: "{{ nginx_default_vhost_path }}"
     state: absent
   when: nginx_remove_default_vhost
-  notify: restart nginx
+  notify:
+    - validate nginx configuration
+    - restart nginx
 
 - name: Add managed vhost config file (if any vhosts are configured).
   template:
@@ -12,11 +14,16 @@
     dest: "{{ nginx_vhost_path }}/vhosts.conf"
     mode: 0644
   when: nginx_vhosts|length > 0
-  notify: restart nginx
+  notify:
+    - validate nginx configuration
+    - restart nginx
 
 - name: Remove managed vhost config file (if no vhosts are configured).
   file:
     path: "{{ nginx_vhost_path }}/vhosts.conf"
     state: absent
   when: nginx_vhosts|length == 0
-  notify: restart nginx
+  notify:
+    - validate nginx configuration
+    - restart nginx
+

templates/nginx.conf.j2

@@ -36,6 +36,10 @@ http {
     proxy_cache_path {{ nginx_proxy_cache_path }};
 {% endif %}
 
+{% if nginx_extra_options %}
+        {{ nginx_extra_options }}
+{% endif %}
+
 {% for upstream in nginx_upstreams %}
     upstream {{ upstream.name }} {
 {% if upstream.strategy is defined %}