From fbcb94bc79fdb7774de5cc4eb611a9bbe0fc0b8a Mon Sep 17 00:00:00 2001
From: Bill Niblock <bill@theinternetvagabond.com>
Date: Mon, 23 Jun 2025 13:16:13 -0400
Subject: [PATCH] Install and configure nginx

---
 README.md         | 17 ++++++++++++++++
 handlers/main.yml | 11 +++++++++++
 tasks/main.yml    | 49 +++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 77 insertions(+)
 create mode 100644 README.md
 create mode 100644 handlers/main.yml
 create mode 100644 tasks/main.yml

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..a30f708
--- /dev/null
+++ b/README.md
@@ -0,0 +1,17 @@
+# NibTech Shared Role - nginx
+
+This role deploys, configures, and updates nginx.
+
+## Tasks
+
+**main**: Install (or update) nginx and configuration
+
+## Handlers
+
+**main**: Restart nginx
+
+## Templates
+
+**nginx.conf.js**: Main configuration file for nginx
+
+## Files
diff --git a/handlers/main.yml b/handlers/main.yml
new file mode 100644
index 0000000..34316b7
--- /dev/null
+++ b/handlers/main.yml
@@ -0,0 +1,11 @@
+# NibTech::nginx::handlers::main
+# This handler is for the nginx process
+# Role repository:
+---
+
+- name: restart nginx
+  ansible.builtin.systemd_service:
+    name: nginx
+    state: restarted
+    daemon_reload: true
+
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..de77d51
--- /dev/null
+++ b/tasks/main.yml
@@ -0,0 +1,49 @@
+# NibTech::nginx::tasks::main
+# This role is for installing and configuring nginx
+# Role repository:
+---
+
+# - setup nginx system user
+#   - make sure user is part of the nibtech group
+#   - no home-dir
+
+- name: Configure nginx Service User
+  ansible.builtin.user:
+    name: "nginx"
+    system: true
+    group: "nibtech"
+    shell: "/sbin/nologin"
+    create_home: false
+
+- name: Create nginx Shared Directory
+  ansible.builtin.directory:
+    path: "/opt/nginx"
+    state: present
+    owner: "nginx"
+    group: "nibtech"
+    mode: "0664"
+
+- name: Setup nginx YUM Repository
+  ansible.builtin.yum_repository:
+    name: "nginx-stable"
+    description: "nginx Stable Release"
+    baseurl: http://nginx.org/packages/centos/$releasever/$basearch/
+    gpgcheck: true
+    gpgkey: https://nginx.org/keys/nginx_signing.key
+    module_hotfixes: true
+    enabled: false
+    state: present
+
+- name: Install nginx
+  ansible.builtin.dnf:
+    name: "nginx"
+    enablerepo: nginx-stable
+    state: "latest"
+
+- name: Add nginx Configuration File
+  ansible.builtin.copy:
+    src: "nginx.conf"
+    dest: "/etc/nginx/nginx.conf"
+    owner: "nginx"
+    group: "nibtech"
+    mode: "0600"