---
- name: Add nginx.org apt signing key
  apt_key: id=0x573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62 url=https://nginx.org/keys/nginx_signing.key state=present
  register: add_nginx_apt_key
  tags: nginx, packages

- name: Add nginx.org repo
  template: src=nginx_org_sources.list.j2 dest=/etc/apt/sources.list.d/nginx_org_sources.list owner=root group=root mode=0644
  register: add_nginx_apt_repository
  tags: nginx, packages

- name: Update apt cache
  apt:
    update_cache: yes
  when:
    add_nginx_apt_key is changed or
    add_nginx_apt_repository is changed

- name: Install nginx
  apt: pkg=nginx cache_valid_time=3600 state=present
  tags: nginx, packages

- name: Copy nginx.conf
  template: src=nginx.conf.j2 dest=/etc/nginx/nginx.conf mode=0644 owner=root group=root
  notify:
    - reload nginx
  tags: nginx

- name: Copy extra nginx configs
  copy: src={{ item }} dest=/etc/nginx/{{ item }} mode=0644 owner=root group=root
  loop:
    - extra-security.conf
    - fastcgi_cache
  notify:
    - reload nginx
  tags: nginx

- name: Remove default nginx vhost
  file: path=/etc/nginx/conf.d/default.conf state=absent
  tags: nginx

- name: Create fastcgi cache dir
  file: path=/var/cache/nginx/cached/fastcgi state=directory owner=nginx group=nginx mode=0755
  tags: nginx

- name: Configure nginx virtual hosts
  include_tasks: vhosts.yml
  when: nginx_vhosts is defined
  tags: nginx

- name: Configure WordPress
  include_tasks: wordpress.yml
  when: nginx_vhosts is defined
  tags: wordpress

- name: Configure blank nginx vhost
  template: src=blank-vhost.conf.j2 dest={{ nginx_confd_path }}/blank-vhost.conf  mode=0644 owner=root group=root
  notify:
    - reload nginx
  tags: nginx

- name: Configure munin vhost
  copy: src=munin.conf dest=/etc/nginx/conf.d/munin.conf mode=0644 owner=root group=root
  notify:
    - reload nginx
  tags: nginx

- name: Start and enable nginx service
  systemd: name=nginx state=started enabled=yes
  tags: nginx

- name: Configure Let's Encrypt
  include_tasks: letsencrypt.yml
  tags: letsencrypt

# vim: set ts=2 sw=2: