58 lines
1.1 KiB
YAML
58 lines
1.1 KiB
YAML
- name: Install nginx
|
|
package:
|
|
name: nginx
|
|
state: latest
|
|
|
|
- name: Install nginx.conf
|
|
template:
|
|
src: templates/nginx.conf.j2
|
|
dest: /etc/nginx/nginx.conf
|
|
owner: nginx
|
|
group: nginx
|
|
mode: '0644'
|
|
notify: Restart nginx
|
|
|
|
- name: Create nginx ssl directory
|
|
file:
|
|
path: /etc/nginx/ssl
|
|
state: directory
|
|
mode: '0755'
|
|
|
|
- name: Generate dhparams
|
|
command:
|
|
cmd: openssl dhparam -out /etc/nginx/ssl/dhparam.pem 4096
|
|
creates: /etc/nginx/ssl/dhparam.pem
|
|
notify: Restart nginx
|
|
|
|
- name: Start and enable nginx
|
|
service:
|
|
name: nginx
|
|
state: started
|
|
enabled: true
|
|
|
|
- name: Permanently enable http service
|
|
ansible.posix.firewalld:
|
|
service: http
|
|
state: enabled
|
|
permanent: true
|
|
immediate: true
|
|
offline: true
|
|
|
|
- name: Permanently enable https service
|
|
ansible.posix.firewalld:
|
|
service: https
|
|
state: enabled
|
|
permanent: true
|
|
immediate: true
|
|
offline: true
|
|
|
|
- name: Create nginx vhosts
|
|
template:
|
|
src: templates/vhost.conf.j2
|
|
dest: /etc/nginx/conf.d/{{ inventory_hostname }}.conf
|
|
owner: nginx
|
|
group: nginx
|
|
mode: '0644'
|
|
notify: Restart nginx
|
|
|