init

author: Elizabeth Hunt <elizabeth.hunt@simponic.xyz> 2024-05-01 01:33:35 -0700
committer: Elizabeth Hunt <elizabeth.hunt@simponic.xyz> 2024-05-01 01:33:35 -0700
commit: bbad09e2b15eeca86f83a9d2a97449baf71e326f (patch)
tree: 9d10c3ec94ae11a7cd28131bbcf5d553245006ec /playbooks/roles/nginx/tasks
download: mmt-infra-bbad09e2b15eeca86f83a9d2a97449baf71e326f.tar.gz
mmt-infra-bbad09e2b15eeca86f83a9d2a97449baf71e326f.zip
1 files changed, 44 insertions, 0 deletions
diff --git a/playbooks/roles/nginx/tasks/main.yml b/playbooks/roles/nginx/tasks/main.yml
new file mode 100644
index 0000000..b4cd6ed
--- /dev/null
+++ b/playbooks/roles/nginx/tasks/main.yml
@@ -0,0 +1,44 @@
+---
+
+- name: Allow http
+  community.general.ufw:
+    rule: allow
+    port: '80'
+    proto: tcp
+
+- name: Allow https
+  community.general.ufw:
+    rule: allow
+    port: '443'
+    proto: tcp
+  notify:
+    - Restart ufw
+
+- name: Install nginx
+  ansible.builtin.apt:
+    name: nginx
+    state: present
+  notify:
+    - Restart nginx
+
+- name: Download dhparams
+  ansible.builtin.get_url:
+    url: "{{ dh_params_src }}"
+    dest: /etc/nginx/dhparams.pem
+    mode: '0755'
+
+- name: Add system nginx config
+  ansible.builtin.copy:
+    src: nginx.conf
+    dest: /etc/nginx/nginx.conf
+    mode: '0755'
+
+- name: Copy nginx sites
+  ansible.builtin.template:
+    src: "{{ item }}"
+    dest: "/etc/nginx/sites-enabled/"
+    mode: '0755'
+  with_fileglob:
+    - "templates/{{ inventory_hostname }}/*.conf"
+  notify:
+    - Restart nginx
author	Elizabeth Hunt <elizabeth.hunt@simponic.xyz>	2024-05-01 01:33:35 -0700
committer	Elizabeth Hunt <elizabeth.hunt@simponic.xyz>	2024-05-01 01:33:35 -0700
commit	bbad09e2b15eeca86f83a9d2a97449baf71e326f (patch)
tree	9d10c3ec94ae11a7cd28131bbcf5d553245006ec /playbooks/roles/nginx/tasks
download	mmt-infra-bbad09e2b15eeca86f83a9d2a97449baf71e326f.tar.gz mmt-infra-bbad09e2b15eeca86f83a9d2a97449baf71e326f.zip