infra/playbooks/alpha/nginx/main.yml

42 lines
1.1 KiB
YAML
Raw Normal View History

# This playbook just installs nginx so that it is ready to configure
# we don't bother with extra user accounts like with Beta because we
# are only concerned with using nginx to serve fully containerized
# applications. Not static files
---
- hosts: alpha
become: yes
vars:
SITES:
- search.project-athens.xyz
- files.leftcoast.space
- clips.shockrah.xyz
tasks:
- name: Install Certbot
community.general.snap:
name: certbot
classic: yes
- name: Push Configs
copy:
src: "{{item}}"
dest: "/etc/nginx/sites-available/{{item}}"
loop: "{{ SITES }}"
- name: Enable Sites in Nginx
file:
src: "/etc/nginx/sites-available/{{item}}"
dest: "/etc/nginx/sites-enabled/{{item}}"
state: link
loop: "{{ SITES }}"
- name: Restart Nginx
service:
name: nginx
state: restarted
- name: Install Certificates for all sites on this host
command: >
certbot -n --nginx -m "{{CERT_EMAIL}}" --agree-tos
--domains "{{item}}"
loop: "{{ SITES }}"