Alan Orth
41547defb9
Everything is TLS now (whether self-signed or not), so it's pointless to distinguish. Signed-off-by: Alan Orth <alan.orth@gmail.com>
52 lines
1.4 KiB
YAML
52 lines
1.4 KiB
YAML
---
|
|
- name: Add nginx.org apt signing key
|
|
apt_key: url=http://nginx.org/keys/nginx_signing.key state=present
|
|
tags: nginx
|
|
|
|
- name: Add nginx.org repo
|
|
template: src=nginx_org_sources.list.j2 dest=/etc/apt/sources.list.d/nginx_org_sources.list owner=root group=root mode=0644
|
|
tags: nginx
|
|
|
|
- name: Install nginx
|
|
apt: pkg=nginx update_cache=yes state=latest
|
|
tags: nginx
|
|
|
|
- name: Copy nginx configs
|
|
copy: src={{ item }} dest=/etc/nginx/{{ item }} mode=0644 owner=root group=root
|
|
with_items:
|
|
- extra-security.conf
|
|
- fastcgi_cache
|
|
- nginx.conf
|
|
notify:
|
|
- reload nginx
|
|
tags: nginx
|
|
|
|
- name: Remove default nginx vhost
|
|
file: path=/etc/nginx/conf.d/default.conf state=absent
|
|
tags: nginx
|
|
|
|
- name: Create fastcgi cache dir
|
|
file: path=/var/cache/nginx/cached/fastcgi state=directory owner=nginx group=nginx mode=0755
|
|
|
|
- include: vhosts.yml
|
|
when: nginx_vhosts is defined
|
|
tags: nginx
|
|
|
|
- name: Configure blank nginx vhost
|
|
template: src=blank-vhost.conf.j2 dest={{ nginx_confd_path }}/blank-vhost.conf mode=0644 owner=root group=root
|
|
notify:
|
|
- reload nginx
|
|
tags: nginx
|
|
|
|
- name: Configure munin vhost
|
|
copy: src=munin.conf dest=/etc/nginx/conf.d/munin.conf mode=0644 owner=root group=root
|
|
notify:
|
|
- reload nginx
|
|
tags: nginx
|
|
|
|
- name: Start & enable nginx service
|
|
service: name=nginx state=started enabled=yes
|
|
tags: nginx
|
|
|
|
# vim: set ts=2 sw=2:
|