mirror of
https://gitlab.crans.org/bde/nk20
synced 2024-12-22 23:42:25 +00:00
Certbot and Nginx disappeared in Ansible conf
This commit is contained in:
parent
b63fa19644
commit
a64dc9ffc2
21
ansible/roles/4-certbot/tasks/main.yml
Normal file
21
ansible/roles/4-certbot/tasks/main.yml
Normal file
@ -0,0 +1,21 @@
|
||||
---
|
||||
- name: Install basic APT packages
|
||||
apt:
|
||||
update_cache: true
|
||||
name:
|
||||
- certbot
|
||||
- python3-certbot-nginx
|
||||
register: pkg_result
|
||||
retries: 3
|
||||
until: pkg_result is succeeded
|
||||
|
||||
- name: Create /etc/letsencrypt/conf.d
|
||||
file:
|
||||
path: /etc/letsencrypt/conf.d
|
||||
state: directory
|
||||
|
||||
- name: Add Certbot configuration
|
||||
template:
|
||||
src: "letsencrypt/conf.d/nk20.ini.j2"
|
||||
dest: "/etc/letsencrypt/conf.d/nk20.ini"
|
||||
mode: 0644
|
@ -0,0 +1,20 @@
|
||||
{{ ansible_managed | comment }}
|
||||
|
||||
# To generate the certificate, please use the following command
|
||||
# certbot --config /etc/letsencrypt/conf.d/nk20.ini certonly
|
||||
|
||||
# Use a 4096 bit RSA key instead of 2048
|
||||
rsa-key-size = 4096
|
||||
|
||||
# Always use the staging/testing server
|
||||
# server = https://acme-staging.api.letsencrypt.org/directory
|
||||
|
||||
# Uncomment and update to register with the specified e-mail address
|
||||
email = notekfet2020@lists.crans.org
|
||||
|
||||
# Uncomment to use a text interface instead of ncurses
|
||||
text = True
|
||||
|
||||
# Use DNS-01 challenge
|
||||
authenticator = nginx
|
||||
|
44
ansible/roles/5-nginx/tasks/main.yml
Normal file
44
ansible/roles/5-nginx/tasks/main.yml
Normal file
@ -0,0 +1,44 @@
|
||||
---
|
||||
- name: Install NGINX
|
||||
apt:
|
||||
name: nginx
|
||||
register: pkg_result
|
||||
retries: 3
|
||||
until: pkg_result is succeeded
|
||||
|
||||
- name: Copy conf of Nginx
|
||||
template:
|
||||
src: "nginx_note.conf"
|
||||
dest: /etc/nginx/sites-available/nginx_note.conf
|
||||
mode: 0644
|
||||
owner: www-data
|
||||
group: www-data
|
||||
|
||||
- name: Enable Nginx site
|
||||
file:
|
||||
src: /etc/nginx/sites-available/nginx_note.conf
|
||||
dest: /etc/nginx/sites-enabled/nginx_note.conf
|
||||
owner: www-data
|
||||
group: www-data
|
||||
state: link
|
||||
|
||||
- name: Disable default Nginx site
|
||||
file:
|
||||
dest: /etc/nginx/sites-enabled/default
|
||||
state: absent
|
||||
|
||||
- name: Copy conf of UWSGI
|
||||
file:
|
||||
src: /var/www/note_kfet/uwsgi_note.ini
|
||||
dest: /etc/uwsgi/apps-enabled/uwsgi_note.ini
|
||||
state: link
|
||||
|
||||
- name: Reload Nginx
|
||||
systemd:
|
||||
name: nginx
|
||||
state: reloaded
|
||||
|
||||
- name: Restart UWSGI
|
||||
systemd:
|
||||
name: uwsgi
|
||||
state: restarted
|
Loading…
Reference in New Issue
Block a user