sonny/debian-setup
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
debian-setup/tasks/nginx.yml

70 lines
2 KiB
YAML
Raw Blame History

- name: Copy nginx configuration files
become: true
ansible.builtin.template:
src: '{{ item.src }}'
dest: '{{ item.dest }}'
owner: root
group: root
mode: '0644'
loop:
- src: 'templates/nginx/default.j2'
dest: '/etc/nginx/sites-available/default'
- src: 'templates/nginx/forgejo.j2'
dest: '/etc/nginx/sites-available/forgejo'
- src: 'templates/nginx/woodpecker.j2'
dest: '/etc/nginx/sites-available/woodpecker'
- src: 'templates/nginx/glitchtip.j2'
dest: '/etc/nginx/sites-available/glitchtip'
- src: 'templates/nginx/newsreader.j2'
dest: '/etc/nginx/sites-available/newsreader'
notify: restart nginx
- name: Create configuration links
become: true
ansible.builtin.file:
src: '{{ item.src }}'
dest: '{{ item.dest }}'
state: link
loop:
- src: '/etc/nginx/sites-available/default'
dest: '/etc/nginx/sites-enabled/default'
- src: '/etc/nginx/sites-available/forgejo'
dest: '/etc/nginx/sites-enabled/forgejo'
- src: '/etc/nginx/sites-available/woodpecker'
dest: '/etc/nginx/sites-enabled/woodpecker'
- src: '/etc/nginx/sites-available/glitchtip'
dest: '/etc/nginx/sites-enabled/glitchtip'
- src: '/etc/nginx/sites-available/newsreader'
dest: '/etc/nginx/sites-enabled/newsreader'
notify: restart nginx
# Run the folowing command to regenerate a certificate:
#
# sudo certbot certonly \
# --authenticator standalone \
# --pre-hook 'systemctl stop nginx' \
# --post-hook 'systemctl start nginx' \
# --cert-name fudiggity.nl \
# -d fudiggity.nl \
# -d rss.fudiggity.nl \
# -d .....
#
# This will also save its configuration.
#
- name: Copy letsencrypt configuration
become: true
ansible.builtin.template:
src: 'templates/letsencrypt/cli.j2'
dest: '/etc/letsencrypt/cli.ini'
owner: root
group: root
mode: '0644'
notify: restart certbot
- name: Enable certbot periodic certificate renewal
become: true
ansible.builtin.systemd:
name: certbot.timer
state: started
enabled: true
Reference in a new issue View git blame Copy permalink