49 lines
1.2 KiB
YAML
49 lines
1.2 KiB
YAML
|
|
# This playbook just installs nginx so that it is ready to configure
|
|
# we don't bother with extra user accounts like with Beta because we
|
|
# are only concerned with using nginx to serve fully containerized
|
|
# applications. Not static files
|
|
---
|
|
- hosts: atlas
|
|
become: yes
|
|
vars:
|
|
CERT_EMAIL: "dev@shockrah.xyz"
|
|
SITES:
|
|
- search.project-athens.xyz
|
|
- files.leftcoast.space
|
|
- clips.shockrah.xyz
|
|
tasks:
|
|
- name: Install nginx
|
|
apt:
|
|
name: nginx
|
|
state: latest
|
|
|
|
- name: Install Certbot
|
|
community.general.snap:
|
|
name: certbot
|
|
classic: yes
|
|
|
|
- name: Push Configs
|
|
copy:
|
|
src: "{{ '../nginx-plain-conf/' ~ item }}"
|
|
dest: "{{ '/etc/nginx/sites-available/' ~ item }}"
|
|
loop: "{{ SITES }}"
|
|
|
|
- name: Enable Sites in Nginx
|
|
file:
|
|
src: "/etc/nginx/sites-available/{{item}}"
|
|
dest: "/etc/nginx/sites-enabled/{{item}}"
|
|
state: link
|
|
loop: "{{ SITES }}"
|
|
|
|
- name: Restart Nginx
|
|
service:
|
|
name: nginx
|
|
state: restarted
|
|
|
|
- name: Install Certificates for all sites on this host
|
|
command: >
|
|
certbot -n --nginx -m "{{ CERT_EMAIL }}" --agree-tos
|
|
--domains "{{item}}"
|
|
loop: "{{ SITES }}"
|