You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
|
---
|
|
|
|
|
|
|
|
- name: Set up Lets Encrypt
|
|
|
|
hosts: ramble-hard
|
|
|
|
vars_files:
|
|
|
|
- ../vars.private
|
|
|
|
tasks:
|
|
|
|
|
|
|
|
- apt:
|
|
|
|
update_cache: yes
|
|
|
|
|
|
|
|
- package:
|
|
|
|
name:
|
|
|
|
- certbot
|
|
|
|
- nginx
|
|
|
|
|
|
|
|
- service:
|
|
|
|
name: nginx
|
|
|
|
state: stopped
|
|
|
|
|
|
|
|
- command: >
|
|
|
|
certbot certonly --standalone --preferred-challenges http
|
|
|
|
-n --agree-tos -m {{ lets_encrypt.email }}
|
|
|
|
-d {{ tld }}
|
|
|
|
vars:
|
|
|
|
tld: "{{ item.value['subdomain'] | default(item.key) }}.{{ domain }}"
|
|
|
|
loop: "{{ apps | dict2items }}"
|
|
|
|
|
|
|
|
- service:
|
|
|
|
name: nginx
|
|
|
|
state: started
|
|
|
|
|
|
|
|
- template:
|
|
|
|
src: renew-certs
|
|
|
|
dest: /etc/cron.daily/renew-certs
|
|
|
|
mode: +x
|
|
|
|
|
|
|
|
- name: Set up nginx proxies
|
|
|
|
hosts: ramble-hard
|
|
|
|
vars_files:
|
|
|
|
- ../vars.private
|
|
|
|
tasks:
|
|
|
|
|
|
|
|
- template:
|
|
|
|
src: nginx.conf
|
|
|
|
dest: /etc/nginx/sites-available/{{ item.key }}.conf
|
|
|
|
vars:
|
|
|
|
server_name: "{{ item.value['subdomain'] | default(item.key) }}.{{ domain }}"
|
|
|
|
port: "{{ item.value['port'] }}"
|
|
|
|
loop: "{{ apps | dict2items }}"
|
|
|
|
notify: Restart nginx
|
|
|
|
|
|
|
|
- file:
|
|
|
|
src: /etc/nginx/sites-available/{{ item.key }}.conf
|
|
|
|
dest: /etc/nginx/sites-enabled/{{ item.key }}.conf
|
|
|
|
state: link
|
|
|
|
loop: "{{ apps | dict2items }}"
|
|
|
|
notify: Restart nginx
|
|
|
|
|
|
|
|
handlers:
|
|
|
|
|
|
|
|
- name: Restart nginx
|
|
|
|
service:
|
|
|
|
name: nginx
|
|
|
|
state: restarted
|