websites/tasks/main.yml

70 lines
1.2 KiB
YAML

# Main tasks: install base nginx and letsencrypt redirect
---
- name: Install packages
community.general.pacman:
state: present
name:
- nginx
- php-fpm
- mime-types
- name: Generate dhparam
command:
cmd: openssl dhparam -out /etc/nginx/dh-4096.pem 4096
creates: /etc/nginx/dh-4096.pem
- name: Enable php-fpm
systemd:
enabled: true
state: started
name: php-fpm
- name: Create letsencrypt directory
file:
path: /var/lib/letsencrypt/webroot/.well-known/acme-challenge/
recurse: true
state: directory
mode: 0755
owner: http
group: http
- name: create cert dir
file:
path: /etc/nginx/certs/
recurse: true
state: directory
mode: 0711
owner: http
group: http
- name: create conf dir
file:
path: /etc/nginx/conf.d/
recurse: true
state: directory
mode: 0711
owner: http
group: http
- name: Install config
copy:
src: '{{ item }}'
dest: "/etc/nginx/{{ item }}"
owner: http
group: http
mode: 0600
loop:
- nginx.conf
- redir.conf
- letsencrypt
- name: Start nginx
systemd:
enabled: true
state: started
name: nginx
- include: add_websites.yml
when: websites_enabled is defined