ansible/roles/nginx/tasks/main.yml

45 lines
915 B
YAML

---
- name: Install webserver
package:
state: latest
name:
- nginx
- dehydrated
- name: acme mail
copy:
dest: "/etc/dehydrated/conf.d/mail"
content: "CONTACT_EMAIL={{ nginx_acme_mail }}"
- name: get let's encrypt account
command: /usr/bin/dehydrated --register --accept-terms
args:
creates: /var/lib/dehydrated/accounts
- name: Install letsencrypt cronjob
template:
dest: "/etc/systemd/system/{{ item }}"
src: "{{ item }}"
with_items:
- dehydrated.service
- dehydrated.timer
- name: Start lets encrypt cronjob
systemd:
name: dehydrated.timer
state: started
enabled: yes
- name: nginx default config
notify: reload nginx
template:
src: default.nginx
dest: /etc/nginx/sites-available/default
- name: nginx snippets for acme
notify: reload nginx
template:
src: snippets-tls.nginx
dest: /etc/nginx/snippets/tls-acme.conf