debian-setup/tasks/nginx.yml


---
# Render each nginx site template into /etc/nginx/sites-available as a
# root-owned file that only root can modify (mode 0644).
- name: Copy nginx configuration files
  ansible.builtin.template:
    src: '{{ item.src }}'
    dest: '{{ item.dest }}'
    owner: root
    group: root
    mode: '0644'
  become: true
  # One entry per site: the template to render and the path it is written to.
  loop:
    - src: 'templates/nginx/default.j2'
      dest: '/etc/nginx/sites-available/default'
    - src: 'templates/nginx/forgejo.j2'
      dest: '/etc/nginx/sites-available/forgejo'
    - src: 'templates/nginx/woodpecker.j2'
      dest: '/etc/nginx/sites-available/woodpecker'
    - src: 'templates/nginx/glitchtip.j2'
      dest: '/etc/nginx/sites-available/glitchtip'
    - src: 'templates/nginx/newsreader.j2'
      dest: '/etc/nginx/sites-available/newsreader'
  # The "restart nginx" handler is defined outside this file.
  # NOTE(review): a rendered config with a syntax error would leave nginx
  # down after the restart; confirm the handler (or a prior step) runs
  # `nginx -t` before restarting.
  notify: restart nginx
# Enable each site by symlinking its sites-available file into
# /etc/nginx/sites-enabled.
- name: Create configuration links
  ansible.builtin.file:
    src: '{{ item.src }}'
    dest: '{{ item.dest }}'
    state: link
  become: true
  # src is the link target; dest is the path of the symlink itself.
  loop:
    - src: '/etc/nginx/sites-available/default'
      dest: '/etc/nginx/sites-enabled/default'
    - src: '/etc/nginx/sites-available/forgejo'
      dest: '/etc/nginx/sites-enabled/forgejo'
    - src: '/etc/nginx/sites-available/woodpecker'
      dest: '/etc/nginx/sites-enabled/woodpecker'
    - src: '/etc/nginx/sites-available/glitchtip'
      dest: '/etc/nginx/sites-enabled/glitchtip'
    - src: '/etc/nginx/sites-available/newsreader'
      dest: '/etc/nginx/sites-enabled/newsreader'
  # Handler is defined outside this file; it fires only when a link changed.
  notify: restart nginx
# Run the following command to regenerate a certificate. The standalone
# authenticator runs its own temporary web server for the challenge, so
# nginx is stopped before the run and started again afterwards:
#
#   sudo certbot certonly \
#     --authenticator standalone \
#     --pre-hook 'systemctl stop nginx' \
#     --post-hook 'systemctl start nginx' \
#     --cert-name fudiggity.nl \
#     -d fudiggity.nl \
#     -d rss.fudiggity.nl \
#     -d .....
#
# This will also save its configuration.
#
# Render certbot's global CLI defaults to /etc/letsencrypt/cli.ini.
- name: Copy letsencrypt configuration
  ansible.builtin.template:
    src: 'templates/letsencrypt/cli.j2'
    dest: '/etc/letsencrypt/cli.ini'
    owner: root
    group: root
    # World-readable. NOTE(review): the template content is not visible here;
    # if it ever carries account or plugin credentials, tighten this mode.
    mode: '0644'
  become: true
  # The "restart certbot" handler is defined outside this file.
  notify: restart certbot
# Make sure the certbot.timer unit is running now and enabled at boot, so
# certificate renewal is attempted periodically without manual action.
- name: Enable certbot periodic certificate renewal
  ansible.builtin.systemd:
    name: certbot.timer
    enabled: true
    state: started
  become: true