- name: copy nginx configuration files become: true template: src: '{{ item.src }}' dest: '{{ item.dest }}' owner: root group: root mode: '0644' loop: - { src: 'templates/nginx/default.j2', dest: '/etc/nginx/sites-available/default' } - { src: 'templates/nginx/forgejo.j2', dest: '/etc/nginx/sites-available/forgejo' } - { src: 'templates/nginx/woodpecker.j2', dest: '/etc/nginx/sites-available/woodpecker' } - { src: 'templates/nginx/sentry.j2', dest: '/etc/nginx/sites-available/sentry' } - { src: 'templates/nginx/vpn.j2', dest: '/etc/nginx/sites-available/vpn' } - { src: 'templates/nginx/newsreader.j2', dest: '/etc/nginx/sites-available/newsreader', } notify: restart nginx - name: create configuration links become: true file: src: '{{ item.src }}' dest: '{{ item.dest }}' state: link loop: - { src: '/etc/nginx/sites-available/default', dest: '/etc/nginx/sites-enabled/default', } - { src: '/etc/nginx/sites-available/forgejo', dest: '/etc/nginx/sites-enabled/forgejo', } - { src: '/etc/nginx/sites-available/woodpecker', dest: '/etc/nginx/sites-enabled/woodpecker', } - { src: '/etc/nginx/sites-available/sentry', dest: '/etc/nginx/sites-enabled/sentry', } - { src: '/etc/nginx/sites-available/vpn', dest: '/etc/nginx/sites-enabled/vpn' } - { src: '/etc/nginx/sites-available/newsreader', dest: '/etc/nginx/sites-enabled/newsreader', } notify: restart nginx # Run the folowing command to regenerate a certificate: # # sudo certbot certonly \ # --authenticator standalone \ # --pre-hook 'systemctl stop nginx' \ # --post-hook 'systemctl start nginx' \ # --cert-name fudiggity.nl \ # -d fudiggity.nl \ # -d rss.fudiggity.nl \ # -d ..... # # This will also save its configuration. # - name: copy letsencrypt configuration become: true template: src: 'templates/letsencrypt/cli.j2' dest: '/etc/letsencrypt/cli.ini' owner: root group: root mode: '0644' notify: restart certbot - name: enable certbot periodic certificate renewal become: true systemd: name: certbot.timer state: started enabled: true