DO NOT MERGE

I'm doing some crazy stuff here.

Author: grisu48

.github/workflows/CI.yml

@@ -34,10 +34,11 @@ jobs:
         with:
           python-version: '3.11'
       - name: Install requirements
-        run: sudo apt-get install docker python3-pip
+        run: sudo apt-get install ansible podman python3-pip
+      - name: Install ansible collections
+        run: ansible-galaxy collection install community.general
       - name: Install molecule
-        # https://www.jeffgeerling.com/blog/2024/newer-versions-ansible-dont-work-rhel-8[]
-        run: "pip3 install 'ansible-core<2.17' molecule molecule-plugins[docker] pytest testinfra"
+        run: "pip3 install molecule molecule-plugins[podman]"
       - name: Run Molecule
         run: molecule test
         env:

files/www/index.html

@@ -0,0 +1,10 @@
+<!doctype html>
+<html>
+<head>
+<title>nginx</title>
+</head>
+<body>
+<h1>Default page for nginx</h1>
+<p>Congratulations! Your nginx role has been successfully installed on this server</p>
+</body>
+</html>

meta/main.yml

@@ -16,9 +16,6 @@ galaxy_info:
       versions:
         - 15.5
         - 15.6
-    - name: debian
-      versions:
-        - bullseye
 
   galaxy_tags:
     - nginx

molecule/default/Dockerfile.bookworm molecule/default/Containerfile.bookworm

@@ -1,7 +1,7 @@
 FROM registry.opensuse.org/opensuse/leap:15.5
 
 # Install systemd and development tools, clear cache
-RUN zypper in -y systemd systemd-sysvinit firewalld python3 python3-firewall curl && rm -rf /var/cache/*
+RUN zypper in -y systemd systemd-sysvinit python311 curl && rm -rf /var/cache/*
 
 # Start container with systemd
 ENTRYPOINT ["/usr/sbin/init"]

molecule/default/Dockerfile.bullseye molecule/default/Containerfile.bullseye

@@ -1,7 +1,7 @@
 FROM registry.opensuse.org/opensuse/leap:15.6
 
 # Install systemd and development tools, clear cache
-RUN zypper in -y systemd systemd-sysvinit firewalld python3 python3-firewall curl && rm -rf /var/cache/*
+RUN zypper in -y systemd systemd-sysvinit firewalld python311 curl && rm -rf /var/cache/*
 
 # Start container with systemd
 ENTRYPOINT ["/usr/sbin/init"]

molecule/default/Dockerfile.leap15_5 molecule/default/Containerfile.leap15_5

@@ -2,56 +2,36 @@
 dependency:
   name: galaxy
 driver:
-  name: docker
+  name: podman
 platforms:
   - name: leap15_5
     image: registry.opensuse.org/opensuse/leap:15.5
-    dockerfile: Dockerfile.leap15_5
+    dockerfile: Containerfile.leap15_5
     command: ${MOLECULE_DOCKER_COMMAND:-"/usr/sbin/init"}
-    privileged: true
-    cgroupns: host
+    systemd: true
     tmpfs:
-      - /run
-      - /tmp
+      "/tmp": "exec"
+      "/run": "rw,noexec,nosuid,nodev"
   - name: leap15_6
     image: registry.opensuse.org/opensuse/leap:15.6
-    dockerfile: Dockerfile.leap15_6
+    dockerfile: Containerfile.leap15_6
     command: ${MOLECULE_DOCKER_COMMAND:-"/usr/sbin/init"}
-    privileged: true
-    cgroupns: host
+    systemd: true
     tmpfs:
-      - /run
-      - /tmp
-  - name: bullseye
-    image: docker.io/debian:bullseye
-    dockerfile: Dockerfile.bullseye
-    command: ${MOLECULE_DOCKER_COMMAND:-"/sbin/init"}
-    privileged: true
-    cgroupns: host
-    tmpfs:
-      - /run
-      - /tmp
-  - name: bookworm
-    image: docker.io/debian:bookworm
-    dockerfile: Dockerfile.bookworm
-    command: ${MOLECULE_DOCKER_COMMAND:-"/sbin/init"}
-    privileged: true
-    cgroupns: host
-    tmpfs:
-      - /run
-      - /tmp
+      "/tmp": "exec"
+      "/run": "rw,noexec,nosuid,nodev"
 provisioner:
   name: ansible
   inventory:
     host_vars:
       leap15_5:
         vhosts_dir: "/etc/nginx/vhosts.d"
         deploy_nginx_config: true
-        ansible_python_interpreter: "/usr/bin/python3"
+        ansible_python_interpreter: "/usr/bin/python3.11"
       leap15_6:
         vhosts_dir: "/etc/nginx/vhosts.d"
         deploy_nginx_config: true
-        ansible_python_interpreter: "/usr/bin/python3"
+        ansible_python_interpreter: "/usr/bin/python3.11"
       bullseye:
         vhosts_dir: "/etc/nginx/sites-enabled"
         deploy_nginx_config: false

molecule/default/Dockerfile.leap15_6 molecule/default/Containerfile.leap15_6

@@ -7,7 +7,7 @@
 
 testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
 
-def test_phpinfo(host):
+def test_index(host):
 	cmd = host.run("curl -v http://127.0.0.1/index.html")
 	print(cmd.stdout)
 	assert 'HTTP/1.1 200 OK' in cmd.stderr

molecule/default/molecule.yml

@@ -1,27 +1,21 @@
 ---
-# setup a default page
+# setup default page
 
-- name: Ensure default page directory exists
-  file:
-    path: /srv/www/default
+- name: Ensure default template exists
+  copy:
+    src: www/
+    dest: "{{www_dir}}/default/"
     owner: "{{nginx_user}}"
     group: "{{nginx_group}}"
-    mode: 0755
-    state: directory
-  tags: ['nginx']
-- name: Ensure default page exists
-  template:
-    src: index.j2
-    dest: "{{www_dir}}/default/index.html"
-    owner: "{{nginx_user}}"
-    group: "{{nginx_group}}"
-    mode: 0755
+    mode: 0644
+    directory_mode: 0755
     force: false
   tags: ['nginx']
+
 - name: Ensure default page nginx template exists
   template:
-    src: default-www.j2
-    dest: "{{vhosts_dir}}/default-www.conf"
+    src: default.j2
+    dest: "{{vhosts_dir}}/default.conf"
     owner: root
     group: root
     mode: 0644

molecule/default/tests/test_default.py

@@ -3,11 +3,14 @@
 
 # Distribution specific vars are ALWAYS needed, so don't forget the tags here
 - name: include distribution specific vars
-  include_vars: "{{ansible_distribution}}_{{ansible_distribution_version}}.yml"
+  include_vars: "{{ansible_distribution}}.yml"
   tags: ['nginx', 'firewall', 'systemd']
 
 - include_tasks: software.yml
+  tags: ['nginx', 'firewall', 'systemd']
 - include_tasks: firewall.yml
   when: config_firewall == true
+  tags: ['firewall']
 - include_tasks: default-page.yml
   when: setup_default_page == true
+  tags: ['nginx']

tasks/default-page.yml

@@ -6,6 +6,7 @@
     name: "{{ packages }}"
     state: present
   tags: ['nginx']
+
 - name: Ensure nginx service is enabled
   systemd:
     name: "{{ nginx_service }}"

tasks/main.yml

@@ -5,7 +5,7 @@ server {
     listen [::]:80;
 
     root /srv/www/default;
-    index index.php index.html index.htm;
+    index index.html index.htm;
 
     server_name {{default_page_hostname}};
 

tasks/software.yml

@@ -1,2 +1,2 @@
 ---
-# vars file for lemp
+# vars file for nginx

templates/default-www.j2 templates/default.j2

@@ -1,9 +1,10 @@
 ---
-# openSUSE Leap 15.6 specific variables
+# openSUSE Leap specific variables
 
 ## Software packages
 
-packages: ['nginx']
+packages:
+  - nginx
 nginx_service: "nginx"
 
 ## OS-Specific directories