45 lines
915 B
YAML
45 lines
915 B
YAML
---
|
|
- name: Install webserver
|
|
package:
|
|
state: latest
|
|
name:
|
|
- nginx
|
|
- dehydrated
|
|
|
|
- name: acme mail
|
|
copy:
|
|
dest: "/etc/dehydrated/conf.d/mail"
|
|
content: "CONTACT_EMAIL={{ nginx_acme_mail }}"
|
|
|
|
- name: get let's encrypt account
|
|
command: /usr/bin/dehydrated --register --accept-terms
|
|
args:
|
|
creates: /var/lib/dehydrated/accounts
|
|
|
|
- name: Install letsencrypt cronjob
|
|
template:
|
|
dest: "/etc/systemd/system/{{ item }}"
|
|
src: "{{ item }}"
|
|
with_items:
|
|
- dehydrated.service
|
|
- dehydrated.timer
|
|
|
|
- name: Start lets encrypt cronjob
|
|
systemd:
|
|
name: dehydrated.timer
|
|
state: started
|
|
enabled: yes
|
|
|
|
- name: nginx default config
|
|
notify: reload nginx
|
|
template:
|
|
src: default.nginx
|
|
dest: /etc/nginx/sites-available/default
|
|
|
|
- name: nginx snippets for acme
|
|
notify: reload nginx
|
|
template:
|
|
src: snippets-tls.nginx
|
|
dest: /etc/nginx/snippets/tls-acme.conf
|
|
|
|
|