mirror of
https://github.com/DO1JLR/ansible_role_nginx.git
synced 2024-08-16 16:19:48 +02:00
124 lines
3 KiB
YAML
124 lines
3 KiB
YAML
---
|
|
# TODO: Implement site config template templates
|
|
|
|
|
|
- name: Create '{{ site.name }}' site plain http configuration
|
|
template:
|
|
src: 'files/nginx/sites-available/http_plain_redirect.conf.j2'
|
|
dest: '/etc/nginx/sites-available/{{ site.name }}_http'
|
|
owner: root
|
|
group: root
|
|
mode: 'u=rw,g=r,o=r'
|
|
#when: site.http_plain_template | default(True)
|
|
notify:
|
|
- systemctl reload nginx
|
|
tags:
|
|
- configuration
|
|
- nginx
|
|
- sites
|
|
|
|
|
|
- name: Create '{{ site.name }}' site tls https configuration
|
|
template:
|
|
src: 'files/nginx/sites/{{ site.name }}_tls.conf'
|
|
dest: '/etc/nginx/sites-available/{{ site.name }}_tls'
|
|
owner: root
|
|
group: root
|
|
mode: 'u=rw,g=r,o=r'
|
|
#when: not site.redirect_target | default(True)
|
|
notify:
|
|
- systemctl reload nginx
|
|
tags:
|
|
- configuration
|
|
- nginx
|
|
- sites
|
|
|
|
|
|
- name: Create '{{ site.name }}' site tls parameter configuration
|
|
template:
|
|
src: 'files/nginx/snippets/tls_parameters.snippet.conf'
|
|
dest: '/etc/nginx/snippets/tls_parameters_{{ site.name }}.snippet.conf'
|
|
owner: root
|
|
group: root
|
|
mode: 'u=rw,g=r,o=r'
|
|
notify:
|
|
- systemctl reload nginx
|
|
tags:
|
|
- configuration
|
|
- nginx
|
|
- sites
|
|
|
|
|
|
- name: Create '{{ site.name }}' site tls certificate configuration
|
|
template:
|
|
src: 'files/nginx/snippets/tls_certificate.snippet.conf'
|
|
dest: '/etc/nginx/snippets/tls_certificate_{{ site.name }}.snippet.conf'
|
|
owner: root
|
|
group: root
|
|
mode: 'u=rw,g=r,o=r'
|
|
notify:
|
|
- systemctl reload nginx
|
|
tags:
|
|
- configuration
|
|
- nginx
|
|
- sites
|
|
|
|
|
|
- name: Create '{{ site.name }}' site logging configuration
|
|
template:
|
|
src: 'files/nginx/snippets/logging.snippet.conf'
|
|
dest: '/etc/nginx/snippets/logging_{{ site.name }}.snippet.conf'
|
|
owner: root
|
|
group: root
|
|
mode: 'u=rw,g=r,o=r'
|
|
notify:
|
|
- systemctl reload nginx
|
|
tags:
|
|
- configuration
|
|
- nginx
|
|
- sites
|
|
|
|
|
|
#- name: Copy additional per site '{{ site.name }}' snippet files
|
|
# template:
|
|
# src: 'files/nginx/snippets/{{ item }}'
|
|
# dest: '/etc/nginx/snippets/{{ item }}'
|
|
# owner: root
|
|
# group: root
|
|
# mode: 'u=rw,g=r,o=r'
|
|
# with_items: '{{ site.snippets }}'
|
|
# when: site.snippets | default([])
|
|
# notify:
|
|
# - systemctl reload nginx
|
|
# tags:
|
|
# - configuration
|
|
# - nginx
|
|
# - sites
|
|
|
|
|
|
- name: Enable '{{ site.name }}' site plain http configuration
|
|
file:
|
|
src: '/etc/nginx/sites-available/{{ site.name }}_http'
|
|
dest: '/etc/nginx/sites-enabled/{{ site.name }}_http'
|
|
state: link
|
|
when: site.http_plain_template | default(True)
|
|
notify:
|
|
- systemctl reload nginx
|
|
tags:
|
|
- configuration
|
|
- nginx
|
|
- sites
|
|
|
|
|
|
# Note: done by acmetool after sucessfully obtaining a suitable certificate
|
|
#- name: Enable '{{ site.name }}' site tls configuration
|
|
# file:
|
|
# src: '/etc/nginx/sites-available/{{ site.name }}_tls'
|
|
# dest: '/etc/nginx/sites-enabled/{{ site.name }}_tls'
|
|
# state: link
|
|
# notify:
|
|
# - systemctl reload nginx
|
|
# tags:
|
|
# - configuration
|
|
# - nginx
|
|
# - sites
|