nginx.role/tasks/main.yml

---
# tasks file for nginx
# Install the distribution's nginx package. The service is started and
# enabled only through the notified handler, which is defined outside this
# tasks file and fires when this task reports a change.
- name: Install nginx
  notify: Start and enable nginx
  ansible.builtin.apt:
    state: present
    name: nginx
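# Drop the packaged default site so that only the vhosts rendered by this
# role are enabled. The reload is notified here as well (same handler the
# template tasks use): without it a running nginx keeps serving the default
# site until some other task happens to trigger a reload.
- name: Remove default from sites-enabled
  ansible.builtin.file:
    path: /etc/nginx/sites-enabled/default
    state: absent
  notify: Reload nginx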
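# Disable the stock ssl_protocols line so the TLS protocol policy comes from
# security.conf only (per the task name; that template is not shown here).
#
# ansible.builtin.replace compiles the pattern in MULTILINE mode, where `\s`
# also matches newlines. With `^(\s*ssl_protocols)` a blank line directly
# above the directive is where the match starts, so the first pass put the
# `#` on the blank line and left the directive active; a second identical
# task was needed to actually comment it out. Restricting the leading
# whitespace to spaces and tabs keeps the match on the directive's own line,
# so one pass is enough and no stray `#` line is left behind.
#
# NOTE(review): if the directive stays active in nginx.conf while
# security.conf sets it too, nginx is expected to reject the duplicate at
# config test/reload time - confirm with `nginx -t` on a target host.
- name: Comment ssl_protocols out in nginx.conf, is defined in security.conf
  ansible.builtin.replace:
    path: /etc/nginx/nginx.conf
    regexp: '^([ \t]*ssl_protocols)'
    replace: '#\1'
  # Keep the running server in step with the file on disk.
  notify: Reload nginx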
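# Disable the stock ssl_prefer_server_ciphers line; per the task name the
# setting is provided by security.conf instead (template not shown here).
#
# The pattern is applied in MULTILINE mode, where `\s` also matches newlines,
# so `^(\s*...)` can start on a blank line above the directive and comment
# out the blank line instead. `[ \t]*` limits the match to the directive's
# own line.
- name: Comment ssl_prefer_server_ciphers out in nginx.conf, is defined in security.conf
  ansible.builtin.replace:
    path: /etc/nginx/nginx.conf
    regexp: '^([ \t]*ssl_prefer_server_ciphers)'
    replace: '#\1'
  # Keep the running server in step with the file on disk.
  notify: Reload nginx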
# Render the role's security settings into conf.d. According to the two
# preceding task names this file is where ssl_protocols and
# ssl_prefer_server_ciphers are defined; review the template itself for the
# actual TLS policy, it is not part of this tasks file.
# Root-owned and not writable by group/other (0644).
- name: Create security.conf
  notify: Reload nginx
  ansible.builtin.template:
    dest: /etc/nginx/conf.d/security.conf
    src: templates/security.conf.j2
    mode: '0644'
    owner: root
    group: root
# Render /etc/nginx/proxy_params from the role template. The file is
# root-owned with mode 0644; nginx is reloaded when the rendered content
# changes.
- name: Create proxy_params
  notify: Reload nginx
  ansible.builtin.template:
    dest: /etc/nginx/proxy_params
    src: templates/proxy_params.j2
    mode: '0644'
    owner: root
    group: root
# Render /etc/nginx/ws_params from the role template (presumably the
# WebSocket proxy settings, going by the name - the template is not shown).
# Root-owned, mode 0644; a change triggers an nginx reload.
- name: Create ws_params
  notify: Reload nginx
  ansible.builtin.template:
    dest: /etc/nginx/ws_params
    src: templates/ws_params.j2
    mode: '0644'
    owner: root
    group: root
# Render the HTTP redirect configuration into conf.d. What is redirected and
# where is decided by the template, which is not part of this file.
# Root-owned, mode 0644; a change triggers an nginx reload.
- name: Configure http redirect
  notify: Reload nginx
  ansible.builtin.template:
    dest: /etc/nginx/conf.d/http_redirect.conf
    src: templates/http_redirect.conf.j2
    mode: '0644'
    owner: root
    group: root
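# Render one vhost file per entry of the `reverse_proxies` dict; the dict key
# becomes the file name under sites-available.
#
# The key is interpolated into a path that is written as root, so it has to
# be a plain file-name component. Keep `reverse_proxies` keys free of `/` and
# `..`, or validate them before this task when the variable can come from a
# less trusted source than the playbook itself.
- name: Configure reverse proxies
  ansible.builtin.template:
    src: templates/reverse_proxy.conf.j2
    # Quoted so the templated value is always parsed as one string.
    dest: "/etc/nginx/sites-available/{{ item.key }}.conf"
    owner: root
    group: root
    mode: '0644'
  loop: "{{ reverse_proxies | dict2items }}"
  loop_control:
    # Show only the key per iteration instead of the whole item, which keeps
    # the run output short and the proxy definitions out of the logs.
    label: "{{ item.key }}"
  notify: Reload nginx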
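# Enable every rendered reverse proxy by linking it into sites-enabled.
#
# NOTE(review): this file only ever adds links. An entry removed from
# `reverse_proxies` keeps its file and its link, so that vhost stays
# published until it is deleted by hand or a cleanup task is added.
- name: Create a symbolic link
  ansible.builtin.file:
    # Quoted so the templated values are always parsed as single strings.
    src: "/etc/nginx/sites-available/{{ item.key }}.conf"
    dest: "/etc/nginx/sites-enabled/{{ item.key }}.conf"
    state: link
  loop: "{{ reverse_proxies | dict2items }}"
  loop_control:
    # Show only the key per iteration instead of the whole item.
    label: "{{ item.key }}"
  notify: Reload nginx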