Skip to content
Snippets Groups Projects
main.yml 1.54 KiB
# Pakete installieren
- name: nginx installieren
  apt:
    name: "{{ packages }}"
    update_cache: yes
    state: present
  vars:
    packages:
    - nginx-light
    - libnginx-mod-http-lua
    - ca-certificates 
    - openssl
    - certbot
    - git


# DH Parameter geneieriern 

- name: check if DH Params exists 
  stat:
    path: /etc/nginx/dhparams.pem
  register: dhparams

- name: generate new DH Params 
  command: openssl dhparam -out /etc/nginx/dhparams.pem 2048
  when: dhparams.stat.exists == False 


# NginX einrichten 

- name: nginx default Konfig entfernen 
  file: 
    path: /etc/nginx/sites-enabled/default 
    state: absent


# LetsEncrypt Script erstellen 

- name: LetsEncrypt Script erstellen 
  template: src=letsencrypt.sh dest=/opt/letsencrypt.sh mode=o+x
  notify: restart nginx

- name: Cronjob für Zertifikatserneuerung
  cron: name="letsencrypt" weekday="*" hour="6" minute="0" job="/opt/letsencrypt.sh"


# nginx konfigurieren 

- include: config_site.yml
  with_items:
    - "{{ webserver_domains }}"
 

- name: Konfig-Datei matrix erstellen
  template: src=nginx-matrix dest=/etc/nginx/sites-enabled/matrix
  notify: restart nginx

- name: Konfig-Datei status erstellen
  template: src=nginx-status dest=/etc/nginx/sites-enabled/status
  notify: restart nginx


# telegraf konfigurieren 

- name: Konfig-Datei status erstellen
  template: src=telegraf.conf dest=/etc/telegraf/telegraf.d/nginx.conf
  notify: restart telegraf 
  
- name: adding existing user 'telegraf' to group adm
  user: