Skip to content

Commit

Permalink
add role for (Nginx) »njs«
Browse files Browse the repository at this point in the history
  • Loading branch information
agebhar1 committed Jun 15, 2024
1 parent 041c497 commit 79b59e7
Show file tree
Hide file tree
Showing 5 changed files with 82 additions and 0 deletions.
3 changes: 3 additions & 0 deletions group_vars/all.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,9 @@
nginx_version: 1.26.1
nginx_checksum: sha256:f9187468ff2eb159260bfd53867c25ff8e334726237acf227b9e870e53d3e36b

njs_version: 0.8.4
njs_checksum: sha256:fe197e254204c15e9f1df0acf375add57be3416901ec8d7b87319dccb490f90d

modsecurity_version: 3.0.12
modsecurity_checksum: sha256:a36118401641feef376bb469bf468abf94b7948844976a188a6fccb53390b11f

Expand Down
7 changes: 7 additions & 0 deletions roles/njs/defaults/main.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
---
njs_version: null
njs_checksum: null

njs_user: "{{ ansible_user }}"
njs_user_home: "{{ ansible_user_dir }}"
njs_src_directory: "{{ njs_user_home }}/src"
3 changes: 3 additions & 0 deletions roles/njs/meta/main.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
---
dependencies:
- role: quickjs
68 changes: 68 additions & 0 deletions roles/njs/tasks/main.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,68 @@
---
- name: Ensure build dependencies are present.
community.general.zypper:
name:
- gcc
- gcc-c++
- libedit
- libopenssl-1_1-devel
- libxslt-devel
- make
- pcre-devel
- zlib-devel
state: present
become: true

- name: Ensure required directories are present.
ansible.builtin.file:
dest: "{{ item.dest }}"
state: directory
mode: "0700"
loop:
- { dest: "{{ njs_src_directory }}/download" }
- { dest: "{{ njs_src_directory }}/njs/{{ njs_version }}" }
- { dest: "{{ njs_user_home }}/bin" }

- name: Ensure »Nginx njs Module« source is present.
ansible.builtin.get_url:
url: https://github.com/nginx/njs/archive/refs/tags/{{ njs_version }}.tar.gz
dest: "{{ njs_src_directory }}/download/njs-v{{ njs_version }}.tar.gz"
checksum: "{{ njs_checksum }}"
mode: "0600"

- name: Ensure »Nginx njs Module« source is extracted.
ansible.builtin.unarchive:
src: "{{ njs_src_directory }}/download/njs-v{{ njs_version }}.tar.gz"
dest: "{{ njs_src_directory }}/njs/{{ njs_version }}"
remote_src: true
extra_opts:
- --strip-components=1
mode: u=rwX,g=,o=

- name: Get stats of Makefile
ansible.builtin.stat:
path: "{{ njs_src_directory }}/njs/{{ njs_version }}/Makefile"
register: njs_makefile_stat

- name: Check if './configure' must be executed.
ansible.builtin.set_fact:
njs_makefile_missing: "{{ not njs_makefile_stat.stat.exists }}"

- name: Run './configure'.
ansible.builtin.command:
argv: ['./configure', '--cc-opt=-I{{ njs_user_home }}/include/quickjs -L{{ njs_user_home }}/lib/quickjs']
chdir: "{{ njs_src_directory }}/njs/{{ njs_version }}"
when: njs_makefile_missing
changed_when: njs_makefile_missing

- name: Ensure artifacts are build.
community.general.make:
chdir: "{{ njs_src_directory }}/njs/{{ njs_version }}"
jobs: "{{ (ansible_processor_nproc * 0.75) | round(0, 'floor') | int }}"

- name: Ensure »njs« is present.
ansible.builtin.copy:
src: "{{ njs_src_directory }}/njs/{{ njs_version }}/build/njs"
dest: "{{ njs_user_home }}/bin/njs"
mode: u=rwx,g=,o=
remote_src: true
1 change: 1 addition & 0 deletions webservers.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,5 +4,6 @@

roles:
- role: nginx
- role: njs
- role: logrotate
- role: iptables

0 comments on commit 79b59e7

Please sign in to comment.