From bbad09e2b15eeca86f83a9d2a97449baf71e326f Mon Sep 17 00:00:00 2001
From: Elizabeth Hunt <elizabeth.hunt@simponic.xyz>
Date: Wed, 1 May 2024 01:33:35 -0700
Subject: init

---
 playbooks/roles/nginx/tasks/main.yml | 44 ++++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)
 create mode 100644 playbooks/roles/nginx/tasks/main.yml

(limited to 'playbooks/roles/nginx/tasks')

diff --git a/playbooks/roles/nginx/tasks/main.yml b/playbooks/roles/nginx/tasks/main.yml
new file mode 100644
index 0000000..b4cd6ed
--- /dev/null
+++ b/playbooks/roles/nginx/tasks/main.yml
@@ -0,0 +1,44 @@
+---
+
+- name: Allow http
+  community.general.ufw:
+    rule: allow
+    port: '80'
+    proto: tcp
+
+- name: Allow https
+  community.general.ufw:
+    rule: allow
+    port: '443'
+    proto: tcp
+  notify:
+    - Restart ufw
+
+- name: Install nginx
+  ansible.builtin.apt:
+    name: nginx
+    state: present
+  notify:
+    - Restart nginx
+
+- name: Download dhparams
+  ansible.builtin.get_url:
+    url: "{{ dh_params_src }}"
+    dest: /etc/nginx/dhparams.pem
+    mode: '0755'
+
+- name: Add system nginx config
+  ansible.builtin.copy:
+    src: nginx.conf
+    dest: /etc/nginx/nginx.conf
+    mode: '0755'
+
+- name: Copy nginx sites
+  ansible.builtin.template:
+    src: "{{ item }}"
+    dest: "/etc/nginx/sites-enabled/"
+    mode: '0755'
+  with_fileglob:
+    - "templates/{{ inventory_hostname }}/*.conf"
+  notify:
+    - Restart nginx
-- 
cgit v1.2.3-70-g09d2