You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

88 lines
2.0 KiB
YAML

---
- name: Install nginx
apt:
state: present
name:
- nginx-full
- name: Remove uneccesary directories
file:
state: absent
name: "{{ nginx_installation_directory }}/{{ item }}"
with_items: "{{ nginx_unnecessary_files }}"
- name: Create directories for nginx
file:
state: directory
name: "{{ item }}"
owner: root
group: root
mode: "u=rwx,g=rx,o=rx"
with_items:
- "{{ nginx_upstreams_directory }}"
- "{{ nginx_sites_directory }}"
- "{{ nginx_streams_directory }}"
- "{{ nginx_snippets_directory }}"
- "{{ global_webservers_directory }}"
- name: Upload snippets to nginx
template:
src: "{{ item }}.conf"
dest: "{{ nginx_snippets_directory }}/{{ item }}"
owner: root
group: root
mode: "u=rw,g=r,o=r"
with_items: "{{ nginx_snippets }}"
notify: reload nginx
- name: Retrieve dns resolver addresses
shell: >-
echo resolver $(awk 'BEGIN{ORS=" "} $1=="nameserver" {print $2}' /etc/resolv.conf) ';'
> {{ nginx_snippets_directory | quote }}/resolver.conf
args:
creates: "{{ nginx_snippets_directory }}/resolver.conf"
notify: reload nginx
- name: Configure validation directory
file:
state: directory
name: "{{ item }}"
owner: root
group: "{{ acme_system_user }}"
mode: "u=rwx,g=rwx,o=rx"
loop:
- "{{ nginx_validation_root_directory }}"
- "{{ nginx_validation_test_file | dirname }}"
- name: Configure test file for validation directory
copy:
content: "{{ ansible_fqdn }}"
dest: "{{ nginx_validation_test_file }}"
owner: root
group: root
mode: "u=rw,g=r,o=r"
- name: Enable nginx service
systemd:
enabled: yes
name: nginx
- name: Configure nginx
template:
src: nginx.conf
dest: "{{ nginx_installation_directory }}/nginx.conf"
validate: /usr/sbin/nginx -t -c %s
notify: reload nginx
- name: Allow ports for http in firewall
ufw:
rule: allow
port: "{{ item }}"
proto: tcp
with_items:
- 80
- 443
# TODO Configure global log