[irregular-apocalypse] nginx

pull/28/head
Alpha Chen 5 years ago
parent fed284254a
commit 3f32a21bca

@ -0,0 +1,24 @@
- hosts: all
become: yes
tasks:
- name: add the package repository key
apt_key:
url: https://download.docker.com/linux/ubuntu/gpg
state: present
- name: add the package repository
apt_repository:
repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu bionic stable
state: present
filename: docker
- name: install Docker
apt:
name: "{{ item }}"
update_cache: yes
with_items:
- docker-ce
- docker-ce-cli
- containerd.io
- docker-compose

@ -28,7 +28,9 @@
- dotfiles - dotfiles
- zsh - zsh
- import_playbook: docker.yml
- import_playbook: js.yml - import_playbook: js.yml
- import_playbook: nginx.yml
- hosts: all - hosts: all
tasks: tasks:

@ -0,0 +1,22 @@
server {
server_name irregular-apocalypse.kejadlen.dev;
# Redirect non-https traffic to https
if ($scheme != "https") {
return 301 https://$host$request_uri;
}
location /dev {
proxy_pass http://localhost:3000/;
}
listen 80; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/irregular-apocalypse.kejadlen.dev/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/irregular-apocalypse.kejadlen.dev/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

@ -0,0 +1,49 @@
- hosts: all
become: yes
tasks:
- name: install nginx
apt:
name: nginx
- name: install certbot
block:
- apt_repository:
repo: ppa:certbot/certbot
state: present
filename: certbot
- apt:
name: python-certbot-nginx
update_cache: yes
- name: setup nginx
copy:
src: nginx.conf
dest: /etc/nginx/conf.d/irregular-apocalypse.kejadlen.dev.conf
notify:
- reload nginx
- name: obtain the certificate
command: >-
certbot --nginx
-d irregular-apocalypse.kejadlen.dev
-m alpha+lets.encrypt@kejadlen.dev
--agree-tos
--non-interactive
args:
creates: /etc/letsencrypt/live/irregular-apocalypse.kejadlen.dev
notify:
- reload nginx
- name: automatically renew certs
cron:
name: renew certs
minute: 0
hour: 12
job: /usr/bin/certbot renew --quiet
handlers:
- name: reload nginx
block:
- command: nginx -t
- command: nginx -s reload
Loading…
Cancel
Save