- name: Install package: name: - nginx - dehydrated - name: create folders file: path: "{{ item }}" state: directory with_items: - /srv/http/.well-known/acme-challenge - /etc/nginx/sites.d - /etc/nginx/local.d - /etc/nginx/snippets - name: templates notify: reload nginx template: src: "{{ item.file }}" dest: "/etc/nginx/{{ item.path }}" with_items: - file: nginx.conf path: nginx.conf - file: letsencrypt.nginx path: snippets/letsencrypt.conf - file: 00-tls-redirect.nginx path: sites.d/00-tls-redirect.act - name: started systemd: name: nginx state: started - name: config dehydrated template: src: dehydrated dest: /etc/dehydrated/config - name: get let's encrypt account command: /usr/bin/dehydrated --register --accept-terms args: creates: /etc/dehydrated/accounts - name: get inventory_hostname cert notify: dehydrated lineinfile: path: /etc/dehydrated/domains.txt line: "{{ inventory_hostname }}" create: yes - name: templates tls notify: reload nginx template: src: "10-tls.nginx" dest: "/etc/nginx/sites.d/10-tls.act" - name: templates local.d notify: reload nginx template: src: "10-tls.local.nginx" dest: "/etc/nginx/local.d/10-tls.act" - name: enabled dehydrated systemd: name: dehydrated.timer state: started enabled: yes - name: enabled nginx systemd: name: nginx enabled: yes