ctucx.git: ansible-configs

My personal ansible roles and playbooks [deprecated in favor of nixos]

path: /roles/nginx/tasks/configure.yml 2.10 KB | plain
1 
2 
3 
4 
5 
6 
7 
8 
9 
10 
11 
12 
13 
14 
15 
16 
17 
18 
19 
20 
21 
22 
23 
24 
25 
26 
27 
28 
29 
30 
31 
32 
33 
34 
35 
36 
37 
38 
39 
40 
41 
42 
43 
44 
45 
46 
47 
48 
49 
50 
51 
52 
53 
54 
55 
56 
57 
58 
59 
60 
61 
62 
63 
64 
65 
66 
67 
68 
69 
70 
71 
---

- name: adding user nginx to group acme-redirect
  user:
    name: "{{ services.nginx.user | default('http') }}"
    groups: acme-redirect
    append: yes
  when: 
    - services.acme_redirect.enable is true

- name: "Remove file: /etc/nginx/conf.d/default.conf"
  file:
    path: /etc/nginx/conf.d/default.conf
    state: absent

- name: Download dh-params from mozilla to /etc/nginx/dhparam
  get_url:
    url: https://ssl-config.mozilla.org/ffdhe2048.txt
    dest: /etc/nginx/dhparam
    owner: "{{ services.nginx.user | default('http') }}"
    group: "{{ services.nginx.group | default('http') }}"
  notify: "Restart nginx"

- name: "Create file: /etc/nginx/nginx.conf"
  template:
    src: nginx.conf.j2
    dest: /etc/nginx/nginx.conf
    owner: "{{ services.nginx.user | default('http') }}"
    group: "{{ services.nginx.group | default('http') }}"
  notify: "Restart nginx"

- name: "Create file: /etc/nginx/ssl.conf"
  copy:
    src: ssl_settings.conf
    dest: /etc/nginx/ssl.conf
    owner: "{{ services.nginx.user | default('http') }}"
    group: "{{ services.nginx.group | default('http') }}"
  notify: "Restart nginx"

- name: "Create file: /etc/nginx/proxy.conf"
  copy:
    src: proxy_settings.conf
    dest: /etc/nginx/proxy.conf
    owner: "{{ services.nginx.user | default('http') }}"
    group: "{{ services.nginx.group | default('http') }}"
    mode: 0755
  notify: "Restart nginx"

- name: "Create file: /etc/nginx/php_fastcgi_params"
  copy:
    src: php_fastcgi_params
    dest: /etc/nginx/php_fastcgi_params
    owner: "{{ services.nginx.user | default('http') }}"
    group: "{{ services.nginx.group | default('http') }}"
    mode: 0755
  notify: "Restart nginx"

- name: "Create directory: /etc/nginx/passwd"
  file:
    path:  /etc/nginx/passwd
    state: directory
    owner: "{{ services.nginx.user | default('http') }}"
    group: "{{ services.nginx.group | default('http') }}"
    mode:  0700

- name: "Create directory: /etc/nginx/conf.d"
  file:
    path: /etc/nginx/conf.d
    state: directory
    owner: "{{ services.nginx.user | default('http') }}"
    group: "{{ services.nginx.group | default('http') }}"