Changeset - 8e342caa159a
Parent rev.
Child rev.
[Not reviewed]
0 1 0
x - 17 months ago 2023-12-14 22:19:30
xbr@c3l.lu
fix: install dhparam for nginx snippets
1 file changed with 8 insertions and 0 deletions:
web/tasks/base_website_setup.yml
8
0 comments (0 inline, 0 general)
web/tasks/base_website_setup.yml
Show inline comments
 
---
 
- name: Install nginx
 
  ansible.builtin.apt:
 
    name: nginx
 
    state: present
 
  become: true
 
- name: Copy snippets
 
  ansible.builtin.copy:
 
    src: "{{ server_config_dir }}/nginx/snippets/"
 
    dest: "/etc/nginx/snippets/"
 
    owner: root
 
    group: root
 
    mode: "0644"
 
  become: true
 
- name: Install dhparam
 
  ansible.builtin.copy:
 
    src: "{{ server_config_dir }}/nginx/dhparam.pem"
 
    dest: "/etc/nginx/dhparam.pem"
 
    owner: root
 
    group: root
 
    mode: "0644"
 
  become: true
 
- name: Change default config
 
  ansible.builtin.copy:
 
    src: "{{ server_config_dir }}/nginx/configs/default"
 
    dest: "/etc/nginx/sites-available/default"
 
    owner: root
 
    group: root
 
    mode: "0644"
 
  become: true
 
- name: Install bogus certificate + group (snakeoil tls)
 
  ansible.builtin.apt:
 
    name: ssl-cert
 
    state: present
 
  become: true
 
- name: Enable + Restart nginx
 
  ansible.builtin.service:
 
    name: nginx
 
    state: reloaded
 
    enabled: true
 
  become: true
 
- name: Make sure acme.sh is installed
 
  ansible.builtin.include_tasks:
 
    file: "{{ ansible_repo_dir }}/web/tasks/install_acme_sh.yml"
 
- name: Issue certificate for domains
 
  ansible.builtin.include_tasks:
0 comments (0 inline, 0 general)
Server instance: saturn-2941165 This site is powered by Kallithea, which is © 2010–2021 by various authors & licensed under GPLv3. – Support