diff --git a/README.md b/README.md index c512464..4dd4179 100644 --- a/README.md +++ b/README.md @@ -41,7 +41,8 @@ The variable `http_sites` is a dictionnary of the http site managed by nginx. http_sites: `server_name`: root_snippets: - - ? TODO + - ? TODO (currently, raw strings added to the config (like `location.my_location.config`) + use_certbot: bool, optionnal, indicate that the certbot role should generate this certificat. locations: `location`: templates: @@ -61,6 +62,12 @@ Inside the templates, `server_name` is accessed with `{{ item.key }}`, en variab Inside templates of a location, in addition to the variables of the server block, the variables of the location block can be accessed with `{{ location.value.varname }}`, and the value of `location` with `{{ location.key }}`. +## Recommander role + +The `certbot` role is recommanded to use with this role. It generate LE certificates and has this role has a dependency. + +https://gitea.auro.re/Pains-Perdus/certbot + ## Copyright Copyright 2021 Jean-Marie Mineau diff --git a/tasks/main.yml b/tasks/main.yml index a5e9b79..e1f2000 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -106,5 +106,14 @@ template: src: http_proxy_acme.j2 dest: "/etc/nginx/sites-available/acme_http_proxy_{{ item.key }}" - loop: "{{ ssl_reverse_proxy_upstream | dict2items}}" + loop: "{{ ssl_reverse_proxy_upstream | default({}) | dict2items}}" + notify: Reload nginx + +- name: Activate sites + file: + src: "/etc/nginx/sites-available/acme_http_proxy_{{ item.key }}" + dest: "/etc/nginx/sites-enabled/acme_http_proxy_{{ item.key }}" + state: link + force: yes + loop: "{{ ssl_reverse_proxy_upstream | default({}) | dict2items}}" notify: Reload nginx diff --git a/templates/http_proxy_acme.j2 b/templates/http_proxy_acme.j2 index 947e8b7..4280ed4 100644 --- a/templates/http_proxy_acme.j2 +++ b/templates/http_proxy_acme.j2 @@ -1,4 +1,4 @@ -i{{ ansible_managed | comment }} +{{ ansible_managed | comment }} server { listen 80; listen [::]:80; diff --git a/templates/http_server.j2 b/templates/http_server.j2 index 027ead7..2c3aa71 100644 --- a/templates/http_server.j2 +++ b/templates/http_server.j2 @@ -55,6 +55,7 @@ server { {{ config }} {%- endfor -%} + {%- endfilter %} # Logs access_log /var/log/nginx/{{ item.key }}.log;