- name: Copy nginx configuration files become: true ansible.builtin.template: src: '{{ item.src }}' dest: '{{ item.dest }}' owner: root group: root mode: '0644' loop: - src: 'templates/nginx/default.j2' dest: '/etc/nginx/sites-available/default' - src: 'templates/nginx/forgejo.j2' dest: '/etc/nginx/sites-available/forgejo' - src: 'templates/nginx/woodpecker.j2' dest: '/etc/nginx/sites-available/woodpecker' - src: 'templates/nginx/glitchtip.j2' dest: '/etc/nginx/sites-available/glitchtip' - src: 'templates/nginx/newsreader.j2' dest: '/etc/nginx/sites-available/newsreader' notify: restart nginx - name: Create configuration links become: true ansible.builtin.file: src: '{{ item.src }}' dest: '{{ item.dest }}' state: link loop: - src: '/etc/nginx/sites-available/default' dest: '/etc/nginx/sites-enabled/default' - src: '/etc/nginx/sites-available/forgejo' dest: '/etc/nginx/sites-enabled/forgejo' - src: '/etc/nginx/sites-available/woodpecker' dest: '/etc/nginx/sites-enabled/woodpecker' - src: '/etc/nginx/sites-available/glitchtip' dest: '/etc/nginx/sites-enabled/glitchtip' - src: '/etc/nginx/sites-available/newsreader' dest: '/etc/nginx/sites-enabled/newsreader' notify: restart nginx # Run the folowing command to regenerate a certificate: # # sudo certbot certonly \ # --authenticator standalone \ # --pre-hook 'systemctl stop nginx' \ # --post-hook 'systemctl start nginx' \ # --cert-name fudiggity.nl \ # -d fudiggity.nl \ # -d rss.fudiggity.nl \ # -d ..... # # This will also save its configuration. # - name: Copy letsencrypt configuration become: true ansible.builtin.template: src: 'templates/letsencrypt/cli.j2' dest: '/etc/letsencrypt/cli.ini' owner: root group: root mode: '0644' notify: restart certbot - name: Enable certbot periodic certificate renewal become: true ansible.builtin.systemd: name: certbot.timer state: started enabled: true