Updates to support publishing to Ansible Galaxy.

Ansible/collection/jfrog/ansible/roles/artifactory_nginx_ssl/.travis.yml

@@ -0,0 +1,29 @@
+---
+language: python
+python: "2.7"
+
+# Use the new container infrastructure
+sudo: false
+
+# Install ansible
+addons:
+  apt:
+    packages:
+    - python-pip
+
+install:
+  # Install ansible
+  - pip install ansible
+
+  # Check ansible version
+  - ansible --version
+
+  # Create ansible.cfg with correct roles_path
+  - printf '[defaults]\nroles_path=../' >ansible.cfg
+
+script:
+  # Basic role syntax check
+  - ansible-playbook tests/test.yml -i tests/inventory --syntax-check
+
+notifications:
+  webhooks: https://galaxy.ansible.com/api/v1/notifications/

Ansible/collection/jfrog/ansible/roles/artifactory_nginx_ssl/README.md

@@ -0,0 +1,16 @@
+# artifactory_nginx_ssl
+The artifactory_nginx_ssl role installs and configures nginx for SSL.
+
+## Role Variables
+* _server_name_: This is the server name. eg. "artifactory.54.175.51.178.xip.io"
+* _certificate_: This is the SSL cert.
+* _certificate_key_: This is the SSL private key.
+
+## Example Playbook
+```
+---
+- hosts: primary
+  roles:
+    - artifactory
+    - artifactory_nginx_ssl
+```

Ansible/collection/jfrog/ansible/roles/artifactory_nginx_ssl/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for artifactory_nginx

Ansible/collection/jfrog/ansible/roles/artifactory_nginx_ssl/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for artifactory_nginx

Ansible/collection/jfrog/ansible/roles/artifactory_nginx_ssl/meta/main.yml

@@ -0,0 +1,16 @@
+galaxy_info:
+  author: "Jeff Fry <jefff@jfrog.com>"
+  description: "The artifactory_nginx_ssl role installs and configures nginx for SSL."
+  company: JFrog
+
+  issue_tracker_url: "https://github.com/jfrog/JFrog-Cloud-Installers/issues"
+
+  license: license (GPL-2.0-or-later)
+
+  min_ansible_version: 2.9
+
+  galaxy_tags:
+    - artifactory
+    - jfrog
+
+dependencies: []

Ansible/collection/jfrog/ansible/roles/artifactory_nginx_ssl/tasks/main.yml

@@ -0,0 +1,41 @@
+---
+# tasks file for artifactory_nginx
+- name: configure the artifactory nginx conf
+  template:
+    src: artifactory.conf.j2
+    dest: /etc/nginx/conf.d/artifactory.conf
+    owner: root
+    group: root
+    mode: '0755'
+  become: yes
+
+- name: ensure nginx dir exists
+  file:
+    path: "/var/opt/jfrog/nginx/ssl"
+    state: directory
+  become: yes
+
+- name: configure certificate
+  template:
+    src: certificate.pem.j2
+    dest: "/var/opt/jfrog/nginx/ssl/cert.pem"
+  become: yes
+
+- name: ensure pki exists
+  file:
+    path: "/etc/pki/tls"
+    state: directory
+  become: yes
+
+- name: configure key
+  template:
+    src: certificate.key.j2
+    dest: "/etc/pki/tls/cert.key"
+  become: yes
+
+- name: restart nginx
+  service:
+    name: nginx
+    state: restarted
+    enabled: yes
+  become: yes

Ansible/collection/jfrog/ansible/roles/artifactory_nginx_ssl/templates/artifactory.conf.j2

@@ -0,0 +1,48 @@
+###########################################################
+## this configuration was generated by JFrog Artifactory ##
+  ###########################################################
+
+  ## add HA entries when ha is configure
+  upstream artifactory {
+  server 127.0.0.1:8082;
+}
+  upstream artifactory-direct {
+  server 127.0.0.1:8081;
+}
+  ssl_protocols TLSv1.1 TLSv1.2;
+  ssl_certificate      /var/opt/jfrog/nginx/ssl/cert.pem;
+  ssl_certificate_key  /etc/pki/tls/cert.key;
+  ssl_session_cache shared:SSL:1m;
+  ssl_prefer_server_ciphers   on;
+  ## server configuration
+  server {
+  listen 443 ssl http2;
+  server_name {{ server_name }};
+  if ($http_x_forwarded_proto = '') {
+  set $http_x_forwarded_proto  $scheme;
+  }
+  ## Application specific logs
+  access_log /var/log/nginx/artifactory-access.log;
+  error_log /var/log/nginx/artifactory-error.log;
+  rewrite ^/$ /ui/ redirect;
+  rewrite ^/ui$ /ui/ redirect;
+  chunked_transfer_encoding on;
+  client_max_body_size 0;
+  location / {
+  proxy_read_timeout  2400s;
+  proxy_pass_header   Server;
+  proxy_cookie_path   ~*^/.* /;
+  proxy_pass          "http://artifactory";
+  proxy_next_upstream error timeout non_idempotent;
+  proxy_next_upstream_tries    1;
+  proxy_set_header    X-JFrog-Override-Base-Url $http_x_forwarded_proto://$host:$server_port;
+  proxy_set_header    X-Forwarded-Port  $server_port;
+  proxy_set_header    X-Forwarded-Proto $http_x_forwarded_proto;
+  proxy_set_header    Host              $http_host;
+  proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
+
+  location ~ ^/artifactory/ {
+    proxy_pass    http://artifactory-direct;
+    }
+  }
+}

Ansible/collection/jfrog/ansible/roles/artifactory_nginx_ssl/templates/certificate.key.j2

@@ -0,0 +1,4 @@
+{% set cert = certificate_key.split('|') %}
+{% for line in cert %}
+{{ line }}
+{% endfor %}

Ansible/collection/jfrog/ansible/roles/artifactory_nginx_ssl/templates/certificate.pem.j2

@@ -0,0 +1,4 @@
+{% set cert = certificate.split('|') %}
+{% for line in cert %}
+{{ line }}
+{% endfor %}

Ansible/collection/jfrog/ansible/roles/artifactory_nginx_ssl/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for artifactory_nginx