init

2025-12-23 19:18:39 -07:00
commit 5282bdcf6d
20 changed files with 430 additions and 0 deletions
--- a/ansible/roles/nginx/tasks/main.yaml
+++ b/ansible/roles/nginx/tasks/main.yaml
@@ -0,0 +1,57 @@
+- name: Install nginx
+  package:
+    name: nginx
+    state: latest
+
+- name: Install nginx.conf
+  template:
+    src: templates/nginx.conf.j2
+    dest: /etc/nginx/nginx.conf
+    owner: nginx
+    group: nginx
+    mode: '0644'
+  notify: Restart nginx
+
+- name: Create nginx ssl directory
+  file:
+    path: /etc/nginx/ssl
+    state: directory
+    mode: '0755'
+
+- name: Generate dhparams
+  command:
+    cmd: openssl dhparam -out /etc/nginx/ssl/dhparam.pem 4096
+    creates: /etc/nginx/ssl/dhparam.pem
+  notify: Restart nginx
+
+- name: Start and enable nginx
+  service:
+    name: nginx
+    state: started
+    enabled: true
+
+- name: Permanently enable http service
+  ansible.posix.firewalld:
+    service: http
+    state: enabled
+    permanent: true
+    immediate: true
+    offline: true
+
+- name: Permanently enable https service
+  ansible.posix.firewalld:
+    service: https
+    state: enabled
+    permanent: true
+    immediate: true
+    offline: true
+
+- name: Create nginx vhosts
+  template:
+    src: templates/vhost.conf.j2
+    dest: /etc/nginx/conf.d/{{ inventory_hostname }}.conf
+    owner: nginx
+    group: nginx
+    mode: '0644'
+  notify: Restart nginx
+