Ansible Compose Nginx Stack

An Ansible project for automated deployment of Docker Compose stacks with Nginx reverse proxy.

Project Structure

.
├── inventories/        # Host and variable definitions
│   └── dev/
│       ├── hosts.ini   # List of hosts
│       └── group_vars/ # Variables for each group
├── playbooks/          
│   └── site.yml        # Main playbook
└── roles/              # Ansible roles
    ├── common/         # Common packages
    ├── docker/         # Docker installation
    ├── app_compose/    # Deploy Docker Compose stacks
    └── nginx/          # Install and configure Nginx

Roles

common

Installs common packages (curl, vim, git, ...)

docker

Installs Docker and Docker Compose plugin

app_compose

Deploys Docker Compose stacks from local files

Important variables:

• stack_name: Name of the stack
• stack_base_dir: Base directory path (/opt/stack)
• compose_src: Path to docker-compose.yml file
• env_vars: Dictionary of environment variables

nginx

Installs and configures Nginx as a reverse proxy

Important variables:

• nginx_site_name: Name of the site config
• nginx_listen_port: Port (default: 80)
• nginx_server_name: Server name (default: _)
• nginx_proxy_pass: Backend address

Usage

Running playbook

ansible-playbook -i inventories/dev/hosts.ini playbooks/site.yml

Check syntax

ansible-playbook playbooks/site.yml --syntax-check

Dry run (test without applying changes)

ansible-playbook -i inventories/dev/hosts.ini playbooks/site.yml --check

Run a specific role

ansible-playbook -i inventories/dev/hosts.ini playbooks/site.yml --tags docker

GitHub Actions

The project includes an automated workflow:

Workflow stages:

1. Validate - Check syntax of all playbooks
2. Lint - Check YAML standards and Ansible best practices
3. Deploy to Dev - Auto-deploy to development (only on develop branch)
4. Deploy to Prod - Auto-deploy to production (only on main branch)

GitHub Configuration

In GitHub repository settings, follow these steps:

1. Set up Secrets

In Settings > Secrets and variables > Actions:

• SSH_PRIVATE_KEY: SSH key for connecting to servers

2. Set up Environments (optional)

In Settings > Environments:

development:

• Production branch: develop
• Deployment branches: develop

production:

• Production branch: main
• Deployment branches: main

3. SSH Key Setup

# Generate SSH key (if you don't have one)
ssh-keygen -t ed25519 -f ansible_key -C "ansible@prod"

# Add public key to servers
# Add private key to GitHub Secrets

Docker Compose Files

docker-compose.yml files should be located in the files/compose/ directory:

files/
└── compose/
    ├── app/
    │   └── docker-compose.yml
    └── db/
        └── docker-compose.yml

Example Inventory

[web]
web01 ansible_host=192.168.56.10

[db]
db01 ansible_host=192.168.56.20

[all:vars]
ansible_user=ubuntu
ansible_become=true

Example Group Variables

web.yml:

stack_name: app
compose_src: "files/compose/app/docker-compose.yml"
env_vars:
  PORT: "8080"

nginx_proxy_pass: "http://127.0.0.1:8080"

db.yml:

stack_name: db
compose_src: "files/compose/db/docker-compose.yml"
env_vars:
  POSTGRES_PASSWORD: "secure-password"

Requirements

• Ansible 2.9+
• Python 3.6+
• SSH access to target servers
• Ubuntu/Debian servers

Development

For local development:

# Install yamllint and ansible-lint
pip install yamllint ansible-lint

# Check YAML
yamllint .

# Check Ansible
ansible-lint playbooks/site.yml