/home/zuul/src/opendev.org/openstack/openstack-ansible-os_keystone/tasks/keystone_nginx.yml
---
# Copyright 2016, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

- name: Ensure Apache is not running
  service:
    name: "{{ keystone_system_service_name }}"
    state: stopped
  failed_when: false

- name: Disable default configuration
  file:
    path: /etc/nginx/sites-enabled/default
    state: absent
  notify:
    - Manage LB
    - Restart web server

- name: Remove default nginx config
  file:
    path: /etc/nginx/conf.d/default.conf
    state: absent
  notify:
    - Manage LB
    - Restart web server

- name: Ensure configuration directories exist
  file:
    path: "{{ item }}"
    state: directory
  with_items:
    - "/etc/nginx/{{ keystone_nginx_conf_path }}"
    - "/etc/nginx/conf.d"

- name: Configure custom nginx log format
  copy:
    # NOTE(odyssey4me):
    # To cater for the situation where there are no containers, or
    # nginx is shared in some way, it's better to add custom directives
    # for nginx.conf into a conf.d file. That way it's never overwritten.
    content: |
      # Ansible managed
      log_format custom '{{ keystone_nginx_access_log_format_combined }} {{ keystone_nginx_access_log_format_extras }}';
    dest: "/etc/nginx/conf.d/custom_log.conf"
  notify:
    - Manage LB
    - Restart web server

# NOTE(prometheanfire): Nginx needs to be told to load configs from keystone_nginx_conf_path
- name: Configure nginx.conf
  copy:
    src: nginx.conf
    dest: /etc/nginx/nginx.conf
    mode: "0644"
    group: root
    owner: root
  when:
    - ansible_pkg_mgr == 'portage'
  notify:
    - Manage LB
    - Restart web server

# Configure app
- name: Configure virtual hosts
  template:
    src: keystone_nginx.conf.j2
    dest: "/etc/nginx/{{ keystone_nginx_conf_path }}/{{ item }}.conf"
  with_items: "{{ keystone_services.keys() | list }}"
  notify:
    - Manage LB
    - Restart web server

- name: Link to enable virtual hosts
  file:
    src: "/etc/nginx/sites-available/{{ item }}.conf"
    path: "/etc/nginx/sites-enabled/{{ item }}.conf"
    state: link
  with_items: "{{ keystone_services.keys() | list }}"
  when: ansible_os_family == "Debian"
  notify:
    - Manage LB
    - Restart web server