author | Luke Hoersten <luke@hoersten.org> |
Thu, 03 Jan 2019 20:46:13 -0600 | |
changeset 69 | be979818d483 |
parent 67 | roles/nginx/base/tasks/main.yaml@bd34ae082697 |
child 75 | d8c87a41cc6d |
permissions | -rw-r--r-- |
61
2dd82d9e2103
Added nginx reverse proxy to pleroma.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
1 |
--- |
2dd82d9e2103
Added nginx reverse proxy to pleroma.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
2 |
|
2dd82d9e2103
Added nginx reverse proxy to pleroma.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
3 |
- name: install nginx packages |
2dd82d9e2103
Added nginx reverse proxy to pleroma.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
4 |
become: yes |
2dd82d9e2103
Added nginx reverse proxy to pleroma.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
5 |
apt: name="nginx" |
2dd82d9e2103
Added nginx reverse proxy to pleroma.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
6 |
|
69 | 7 |
- name: install site |
8 |
become: yes |
|
9 |
template: src="{{nginx_conf_src}}" dest="/etc/nginx/sites-available/{{nginx_conf_dst}}" |
|
10 |
notify: restart nginx |
|
11 |
||
12 |
# https://certbot.eff.org/lets-encrypt/ubuntuxenial-nginx |
|
13 |
- name: add certbot (letsencrypt) repo |
|
14 |
become: yes |
|
15 |
apt_repository: repo="ppa:certbot/certbot" |
|
16 |
when: nginx_enable_ssl |
|
17 |
||
18 |
- name: install nginx packages |
|
19 |
become: yes |
|
20 |
apt: name="python-certbot-nginx" |
|
21 |
notify: restart nginx |
|
22 |
when: nginx_enable_ssl |
|
23 |
||
24 |
- name: install certbot in nginx |
|
25 |
become: yes |
|
26 |
command: "certbot certonly --nginx -n --agree-tos -d {{nginx_server_name}} -m {{nginx_admin_email}}" |
|
27 |
notify: restart nginx |
|
28 |
when: nginx_enable_ssl |
|
29 |
||
61
2dd82d9e2103
Added nginx reverse proxy to pleroma.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
30 |
- name: disable default site |
2dd82d9e2103
Added nginx reverse proxy to pleroma.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
31 |
become: yes |
2dd82d9e2103
Added nginx reverse proxy to pleroma.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
32 |
file: path="/etc/nginx/sites-enabled/default" state="absent" |
2dd82d9e2103
Added nginx reverse proxy to pleroma.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
33 |
notify: restart nginx |
2dd82d9e2103
Added nginx reverse proxy to pleroma.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
34 |
|
69 | 35 |
- name: enable site |
36 |
become: yes |
|
37 |
file: |
|
38 |
src: "/etc/nginx/sites-available/{{nginx_conf_dst}}" |
|
39 |
dest: "/etc/nginx/sites-enabled/{{nginx_conf_dst}}" |
|
40 |
state: "link" |
|
41 |
notify: restart nginx |
|
61
2dd82d9e2103
Added nginx reverse proxy to pleroma.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
42 |
|
2dd82d9e2103
Added nginx reverse proxy to pleroma.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
43 |
- name: enable nginx service |
2dd82d9e2103
Added nginx reverse proxy to pleroma.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
44 |
become: yes |
2dd82d9e2103
Added nginx reverse proxy to pleroma.
Luke Hoersten <luke@hoersten.org>
parents:
diff
changeset
|
45 |
systemd: name="nginx" enabled="yes" state="started" |