60 lines
1.4 KiB
YAML
60 lines
1.4 KiB
YAML
- name:
|
|
become: true
|
|
block:
|
|
- name: Install package nginx
|
|
apt:
|
|
name: nginx
|
|
|
|
- name: Delete directories in /etc/nginx/
|
|
file:
|
|
path: "/etc/nginx/{{ item }}"
|
|
state: absent
|
|
loop:
|
|
- sites-enabled
|
|
- snippets
|
|
|
|
- name: Create directories in /etc/nginx/
|
|
file:
|
|
path: "/etc/nginx/{{ item }}"
|
|
state: directory
|
|
loop:
|
|
- sites-enabled
|
|
- snippets
|
|
|
|
- name: Template configuration files to /etc/nginx/
|
|
template:
|
|
src: "{{ item.src }}"
|
|
dest: "/etc/nginx/{{ item.path }}"
|
|
owner: root
|
|
group: root
|
|
mode: '644'
|
|
with_filetree: ../templates/
|
|
when: item.state == 'file'
|
|
|
|
- name: Get state of file /etc/nginx/dhparam.txt
|
|
stat:
|
|
path: /etc/nginx/dhparam.txt
|
|
register: nginx_stat_dhparam_result
|
|
|
|
- name: Download dhparam file from Mozilla
|
|
get_url:
|
|
url: https://ssl-config.mozilla.org/ffdhe2048.txt
|
|
dest: /etc/nginx/dhparam.txt
|
|
when: not nginx_stat_dhparam_result.stat.exists
|
|
|
|
- name: Set correct permissions on certificate directories
|
|
file:
|
|
path: "/etc/letsencrypt/{{ item }}/{{ domain }}"
|
|
state: directory
|
|
owner: root
|
|
group: root
|
|
mode: '750'
|
|
loop:
|
|
- live
|
|
- archive
|
|
|
|
- name: Start/Reload NGINX service
|
|
service:
|
|
name: nginx
|
|
state: reloaded
|
|
enabled: yes
|