nginx.role/tasks/main.yml
2025-01-05 01:08:19 +01:00


---
# tasks file for nginx
# Install nginx plus the libnginx-mod-http-headers-more-filter package.
# A change here notifies the "Start and enable nginx" handler.
- name: Install nginx
  ansible.builtin.apt:
    state: present
    name:
      - nginx
      - libnginx-mod-http-headers-more-filter
  notify: Start and enable nginx
# Delete the "default" entry from sites-enabled.
# NOTE(review): no handler is notified by this task, so the removal only
# reaches the running server on a reload triggered by another task.
- name: Remove default from sites-enabled
  ansible.builtin.file:
    state: absent
    path: /etc/nginx/sites-enabled/default
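# nginx.conf's own TLS directives are commented out so that the values in
# conf.d/security.conf (templated further down) are the ones in effect.
#
# The patterns use [ \t]* instead of \s*. \s also matches newlines, so when a
# blank line precedes the directive, ^\s* anchors on that blank line and the
# '#' lands there while the directive itself stays active. That is why an
# identical second pass used to follow the first task. With horizontal-only
# whitespace a single pass comments the directive out, and a re-run finds
# nothing left to change.
- name: Comment out ssl_protocols in nginx.conf, it is defined in security.conf
  ansible.builtin.replace:
    path: /etc/nginx/nginx.conf
    regexp: '^([ \t]*ssl_protocols)'
    replace: '#\1'
  # An edit to nginx.conf only takes effect once the server re-reads it.
  notify: Reload nginx

- name: Comment out ssl_prefer_server_ciphers in nginx.conf, it is defined in security.conf
  ansible.builtin.replace:
    path: /etc/nginx/nginx.conf
    regexp: '^([ \t]*ssl_prefer_server_ciphers)'
    replace: '#\1'
  # An edit to nginx.conf only takes effect once the server re-reads it.
  notify: Reload nginx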
# Render conf.d/security.conf, which (per the task names above) carries the
# ssl_protocols and ssl_prefer_server_ciphers settings for this host.
# Root-owned and 0644: world-readable, writable by root only.
- name: Create security.conf
  ansible.builtin.template:
    dest: /etc/nginx/conf.d/security.conf
    src: templates/security.conf.j2
    owner: root
    group: root
    mode: '0644'
  notify: Reload nginx
# Render /etc/nginx/proxy_params from the role template.
# Presumably included by the reverse-proxy vhosts; confirm in the template.
- name: Create proxy_params
  ansible.builtin.template:
    dest: /etc/nginx/proxy_params
    src: templates/proxy_params.j2
    owner: root
    group: root
    mode: '0644'
  notify: Reload nginx
# Render /etc/nginx/ws_params from the role template.
# Presumably the WebSocket proxy settings; confirm in the template.
- name: Create ws_params
  ansible.builtin.template:
    dest: /etc/nginx/ws_params
    src: templates/ws_params.j2
    owner: root
    group: root
    mode: '0644'
  notify: Reload nginx
# Render the HTTP redirect configuration into conf.d.
- name: Configure http redirect
  ansible.builtin.template:
    dest: /etc/nginx/conf.d/http_redirect.conf
    src: templates/http_redirect.conf.j2
    owner: root
    group: root
    mode: '0644'
  notify: Reload nginx
# Render one vhost file per entry of reverse_proxies; the dict key becomes the
# file name under sites-available.
# NOTE(review): item.key is interpolated into a path that is written as root.
# Keys are presumably host names. A key containing '/' or '..' would resolve
# outside sites-available, so confirm reverse_proxies only comes from trusted
# inventory, or validate the keys before this task runs.
- name: Configure reverse proxies
  ansible.builtin.template:
    dest: "/etc/nginx/sites-available/{{ item.key }}.conf"
    src: templates/reverse_proxy.conf.j2
    owner: root
    group: root
    mode: '0644'
  loop: "{{ reverse_proxies | dict2items }}"
  notify: Reload nginx
# Enable each rendered vhost by linking it from sites-enabled.
# NOTE(review): none of the tasks shown here removes the link for a key that
# has been dropped from reverse_proxies; a retired proxy would stay enabled
# until its link is deleted. Confirm cleanup happens elsewhere.
- name: Create a symbolic link
  ansible.builtin.file:
    state: link
    dest: "/etc/nginx/sites-enabled/{{ item.key }}.conf"
    src: "/etc/nginx/sites-available/{{ item.key }}.conf"
  loop: "{{ reverse_proxies | dict2items }}"
  notify: Reload nginx