---
# Install the nginx package after refreshing the apt cache.
# The module call is retried (retries: 3) until apt_result reports success.
# "state: latest" takes whatever version the configured repositories offer at
# run time, so the installed version is not pinned.
- name: Install NGINX
  apt:
    name: nginx
    state: latest
    update_cache: true
  register: apt_result
  until: apt_result is succeeded
  retries: 3
# Install certbot and its nginx plugin package after refreshing the apt cache.
# The result is registered as apt_result and the call is retried
# (retries: 3) until it succeeds.
# "state: latest" means the versions are not pinned.
- name: Install certbot
  apt:
    name:
      - certbot
      - python3-certbot-nginx
    state: latest
    update_cache: true
  register: apt_result
  until: apt_result is succeeded
  retries: 3
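# Create /etc/nginx/certs with explicit ownership and mode, so the result does
# not depend on the umask or on the permissions of a pre-existing directory.
# NOTE(review): 0750 root:root assumes only root (the nginx master process)
# needs to read this directory - confirm against the site templates.
- name: Ensure the cert directory exists
  file:
    path: /etc/nginx/certs
    state: directory
    owner: root
    group: root
    mode: "0750"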
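# Render each listed snippet template into /etc/nginx/snippets.
# Ownership and mode are set explicitly so the rendered file does not depend
# on the umask or on the permissions of an already existing file.
- name: Copy snippets
  template:
    src: "nginx/snippets/{{ item }}"
    dest: "/etc/nginx/snippets/{{ item }}"
    owner: root
    group: root
    mode: "0644"
  loop:
    - options-proxypass.conf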
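# Render the shared reverse_proxy template once per entry of
# reverse_proxy_sites; item.from is used as the destination file name.
# Ownership and mode are set explicitly instead of being left to the umask.
# NOTE(review): item.from is interpolated into a path, so it should be a bare
# host name (no "/" or ".."); validate reverse_proxy_sites where it is defined.
- name: Copy reverse proxy sites
  template:
    src: nginx/sites-available/reverse_proxy
    dest: "/etc/nginx/sites-available/{{ item.from }}"
    owner: root
    group: root
    mode: "0644"
  loop: "{{ reverse_proxy_sites }}"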
# Enable every site in reverse_proxy_sites by symlinking its file from
# sites-available into sites-enabled.
# force is enabled, as in the original task, written as a canonical boolean.
- name: Activate sites
  file:
    state: link
    src: "/etc/nginx/sites-available/{{ item.from }}"
    dest: "/etc/nginx/sites-enabled/{{ item.from }}"
    force: true
  loop: "{{ reverse_proxy_sites }}"
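# Stop the nginx unit before certbot runs.
# The state must be spelled "stopped"; the systemd module rejects "stoped"
# and the task would fail before any certificate is requested.
- name: Stop nginx to let the certbot do its job
  systemd:
    name: nginx
    state: stopped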
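# Request a certificate for each entry of reverse_proxy_sites using certbot's
# standalone mode.
# The command is given as an argv list to the command module, so the templated
# host name and e-mail address are passed as single arguments and are never
# interpreted by a shell.
# NOTE(review): --redirect is an installer option; with "certonly" it likely
# has no effect - confirm and drop it. A first run with --noninteractive may
# also require --agree-tos; verify on a fresh host.
# NOTE(review): if this task fails the play stops while nginx is still
# stopped; consider wrapping the stop/issue/start tasks in block/always.
- name: Generate Certificate for Domains
  command:
    argv:
      - certbot
      - certonly
      - '--standalone'
      - '-d'
      - "{{ item.from }}"
      - '-m'
      - "{{ vault_email }}"
      - '--noninteractive'
      - '--redirect'
  loop: "{{ reverse_proxy_sites }}"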
# Bring the nginx unit back up; it was stopped earlier in this task list for
# the certbot run.
- name: Start nginx
  systemd:
    state: started
    name: nginx