You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
70 lines
1.2 KiB
70 lines
1.2 KiB
2 years ago
|
# Main tasks: install base nginx and letsencrypt redirect
|
||
|
|
---
|
||
|
|
|
||
|
|
- name: Install packages
|
||
|
|
community.general.pacman:
|
||
|
|
state: present
|
||
|
|
name:
|
||
|
|
- nginx
|
||
|
|
- php-fpm
|
||
|
|
- mime-types
|
||
|
|
|
||
|
|
- name: Generate dhparam
|
||
|
|
command:
|
||
|
|
cmd: openssl dhparam -out /etc/nginx/dh-4096.pem 4096
|
||
|
|
creates: /etc/nginx/dh-4096.pem
|
||
|
|
|
||
|
|
- name: Enable php-fpm
|
||
|
|
systemd:
|
||
|
|
enabled: true
|
||
|
|
state: started
|
||
|
|
name: php-fpm
|
||
|
|
|
||
|
|
- name: Create letsencrypt directory
|
||
|
|
file:
|
||
|
|
path: /var/lib/letsencrypt/webroot/.well-known/acme-challenge/
|
||
|
|
recurse: true
|
||
|
|
state: directory
|
||
|
|
mode: 0755
|
||
|
|
owner: http
|
||
|
|
group: http
|
||
|
|
|
||
|
|
- name: create cert dir
|
||
|
|
file:
|
||
|
|
path: /etc/nginx/certs/
|
||
|
|
recurse: true
|
||
|
|
state: directory
|
||
|
|
mode: 0711
|
||
|
|
owner: http
|
||
|
|
group: http
|
||
|
|
|
||
|
|
- name: create conf dir
|
||
|
|
file:
|
||
|
|
path: /etc/nginx/conf.d/
|
||
|
|
recurse: true
|
||
|
|
state: directory
|
||
|
|
mode: 0711
|
||
|
|
owner: http
|
||
|
|
group: http
|
||
|
|
|
||
|
|
- name: Install config
|
||
|
|
copy:
|
||
|
|
src: '{{ item }}'
|
||
|
|
dest: "/etc/nginx/{{ item }}"
|
||
|
|
owner: http
|
||
|
|
group: http
|
||
|
|
mode: 0600
|
||
|
|
loop:
|
||
|
|
- nginx.conf
|
||
|
|
- redir.conf
|
||
|
|
- letsencrypt
|
||
|
|
|
||
|
|
- name: Start nginx
|
||
|
|
systemd:
|
||
|
|
enabled: true
|
||
|
|
state: started
|
||
|
|
name: nginx
|
||
|
|
|
||
|
|
- include: add_websites.yml
|
||
|
|
when: websites_enabled is defined
|