You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
62 lines
1.4 KiB
YAML
62 lines
1.4 KiB
YAML
---
|
|
- name: Install NGINX
|
|
apt:
|
|
update_cache: true
|
|
name: nginx
|
|
state: latest
|
|
register: apt_result
|
|
retries: 3
|
|
until: apt_result is succeeded
|
|
|
|
- name: Copy snippets
|
|
template:
|
|
src: "snippets/{{ item }}"
|
|
dest: "/etc/nginx/snippets/{{ item }}"
|
|
loop:
|
|
- connection_upgrade.conf # fix some nginx bug
|
|
|
|
- name: Ensure the cert directory exists
|
|
file:
|
|
path: /etc/nginx/certs
|
|
state: directory
|
|
|
|
- name: Create a dummy cert
|
|
block:
|
|
- name: Generate private key
|
|
openssl_privatekey:
|
|
path: /etc/nginx/certs/dummy.key
|
|
mode: u=rw,g=,o=
|
|
size: 4096
|
|
- name: Generate the signing request
|
|
openssl_csr:
|
|
path: /etc/nginx/certs/dummy.req
|
|
privatekey_path: /etc/nginx/certs/dummy.key
|
|
common_name: dummy
|
|
- name: Sign Cert
|
|
openssl_certificate:
|
|
path: /etc/nginx/certs/dummy.pem
|
|
privatekey_path: /etc/nginx/certs/dummy.key
|
|
csr_path: /etc/nginx/certs/dummy.req
|
|
provider: selfsigned
|
|
|
|
- name: Add wasm to mime type
|
|
lineinfile:
|
|
path: /etc/nginx/mime.types
|
|
regexp: '\s*application/wasm\s+wasm;$'
|
|
line: ' application/wasm wasm;'
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
insertbefore: '}'
|
|
|
|
- name: Copy NGINX conf
|
|
template:
|
|
src: nginx.conf
|
|
dest: /etc/nginx/nginx.conf
|
|
|
|
- name: Create the SSL reverse proxy conf
|
|
template:
|
|
src: stream_rp.conf
|
|
dest: /etc/nginx/stream_rp.conf
|
|
force: no
|