ansible-role-webserver/tasks/main.yml

- name: Install
  package:
    name:
    - nginx
    - dehydrated

- name: create folders
  file:
    path: "{{ item }}"
    state: directory
  with_items:
  - /srv/http/.well-known/acme-challenge
  - /etc/nginx/sites.d
  - /etc/nginx/local.d
  - /etc/nginx/snippets

- name: templates
  notify: reload nginx
  template:
    src: "{{ item.file }}"
    dest: "/etc/nginx/{{ item.path }}"
  with_items:
  - file: nginx.conf
    path: nginx.conf
  - file: letsencrypt.nginx
    path: snippets/letsencrypt.conf
  - file: 00-tls-redirect.nginx
    path: sites.d/00-tls-redirect.act

- name: started
  systemd:
    name: nginx
    state: started

- name: config dehydrated
  template:
    src: dehydrated
    dest: /etc/dehydrated/config

- name: get let's encrypt account 
  command: /usr/bin/dehydrated --register --accept-terms
  args:
    creates: /etc/dehydrated/accounts

- name: get inventory_hostname cert
  notify: dehydrated
  lineinfile:
    path: /etc/dehydrated/domains.txt
    line: "{{ inventory_hostname }}"
    create: yes

- name: templates tls
  notify: reload nginx
  template:
    src: "10-tls.nginx"
    dest: "/etc/nginx/sites.d/10-tls.act"

- name: templates local.d
  notify: reload nginx
  template:
    src: "10-tls.local.nginx"
    dest: "/etc/nginx/local.d/10-tls.act"

- name: enabled dehydrated
  systemd:
    name: dehydrated.timer
    state: started
    enabled: yes

- name: enabled nginx
  systemd:
    name: nginx
    enabled: yes
init 2020-07-21 02:22:32 +02:00			`- name: Install`
			`package:`
			`name:`
			`- nginx`
			`- dehydrated`

			`- name: create folders`
			`file:`
			`path: "{{ item }}"`
			`state: directory`
			`with_items:`
			`- /srv/http/.well-known/acme-challenge`
			`- /etc/nginx/sites.d`
add support for location 2020-07-21 02:37:37 +02:00			`- /etc/nginx/local.d`
init 2020-07-21 02:22:32 +02:00			`- /etc/nginx/snippets`

			`- name: templates`
			`notify: reload nginx`
			`template:`
			`src: "{{ item.file }}"`
			`dest: "/etc/nginx/{{ item.path }}"`
			`with_items:`
			`- file: nginx.conf`
			`path: nginx.conf`
			`- file: letsencrypt.nginx`
			`path: snippets/letsencrypt.conf`
			`- file: 00-tls-redirect.nginx`
			`path: sites.d/00-tls-redirect.act`

			`- name: started`
			`systemd:`
			`name: nginx`
			`state: started`

			`- name: config dehydrated`
			`template:`
			`src: dehydrated`
			`dest: /etc/dehydrated/config`

			`- name: get let's encrypt account`
			`command: /usr/bin/dehydrated --register --accept-terms`
			`args:`
			`creates: /etc/dehydrated/accounts`

			`- name: get inventory_hostname cert`
			`notify: dehydrated`
			`lineinfile:`
			`path: /etc/dehydrated/domains.txt`
			`line: "{{ inventory_hostname }}"`
			`create: yes`

add support for location 2020-07-21 02:37:37 +02:00			`- name: templates tls`
init 2020-07-21 02:22:32 +02:00			`notify: reload nginx`
			`template:`
			`src: "10-tls.nginx"`
			`dest: "/etc/nginx/sites.d/10-tls.act"`

add support for location 2020-07-21 02:37:37 +02:00			`- name: templates local.d`
			`notify: reload nginx`
			`template:`
			`src: "10-tls.local.nginx"`
			`dest: "/etc/nginx/local.d/10-tls.act"`

init 2020-07-21 02:22:32 +02:00			`- name: enabled dehydrated`
			`systemd:`
			`name: dehydrated.timer`
			`state: started`
			`enabled: yes`

			`- name: enabled nginx`
			`systemd:`
			`name: nginx`
			`enabled: yes`