ansible/roles/reverse_proxy/tasks/main.yml

61 lines
1.3 KiB
YAML
Raw Normal View History

2020-10-12 09:32:59 +02:00
---
2020-10-12 23:58:33 +02:00
- name: Install NGINX
2020-10-12 09:32:59 +02:00
apt:
update_cache: true
name: nginx
state: latest
register: apt_result
retries: 3
until: apt_result is succeeded
2020-10-12 23:02:15 +02:00
2020-10-12 23:58:33 +02:00
- name: Install certbot
apt:
update_cache: true
name:
- certbot
- python3-certbot-nginx
state: latest
register: apt_result
retries: 3
until: apt_result is succeeded
2020-10-13 01:25:02 +02:00
- name: Ensure the cert directory exists
file:
path: /etc/nginx/certs
state: directory
- name: Copy snippets
template:
src: "nginx/snippets/{{ item }}"
dest: "/etc/nginx/snippets/{{ item }}"
loop:
- options-proxypass.conf
2020-10-12 23:02:15 +02:00
- name: Copy reverse proxy sites
template:
src: "nginx/sites-available/reverse_proxy"
dest: "/etc/nginx/sites-available/{{ item.from }}"
loop: "{{ reverse_proxy_sites }}"
2020-10-12 23:58:33 +02:00
- name: Activate sites
file:
src: "/etc/nginx/sites-available/{{ item.from }}"
dest: "/etc/nginx/sites-enabled/{{ item.from }}"
state: link
force: yes
loop: "{{ reverse_proxy_sites }}"
2020-10-13 01:25:02 +02:00
- name: Stop nginx to let the certbot do its job
systemd:
name: nginx
state: stoped
2020-10-12 23:58:33 +02:00
- name: Generate Certificate for Domains
2020-10-13 01:25:02 +02:00
shell: certbot certonly --standalone -d {{ item.from }} -m {{ vault_email }} --noninteractive --redirect
loop: "{{ reverse_proxy_sites }}"
- name: Start nginx
systemd:
name: nginx
state: started