-
Christian Elberfeld authoredChristian Elberfeld authored
main.yml 1.54 KiB
# Pakete installieren
- name: nginx installieren
apt:
name: "{{ packages }}"
update_cache: yes
state: present
vars:
packages:
- nginx-light
- libnginx-mod-http-lua
- ca-certificates
- openssl
- certbot
- git
# DH Parameter geneieriern
- name: check if DH Params exists
stat:
path: /etc/nginx/dhparams.pem
register: dhparams
- name: generate new DH Params
command: openssl dhparam -out /etc/nginx/dhparams.pem 2048
when: dhparams.stat.exists == False
# NginX einrichten
- name: nginx default Konfig entfernen
file:
path: /etc/nginx/sites-enabled/default
state: absent
# LetsEncrypt Script erstellen
- name: LetsEncrypt Script erstellen
template: src=letsencrypt.sh dest=/opt/letsencrypt.sh mode=o+x
notify: restart nginx
- name: Cronjob für Zertifikatserneuerung
cron: name="letsencrypt" weekday="*" hour="6" minute="0" job="/opt/letsencrypt.sh"
# nginx konfigurieren
- include: config_site.yml
with_items:
- "{{ webserver_domains }}"
- name: Konfig-Datei matrix erstellen
template: src=nginx-matrix dest=/etc/nginx/sites-enabled/matrix
notify: restart nginx
- name: Konfig-Datei status erstellen
template: src=nginx-status dest=/etc/nginx/sites-enabled/status
notify: restart nginx
# telegraf konfigurieren
- name: Konfig-Datei status erstellen
template: src=telegraf.conf dest=/etc/telegraf/telegraf.d/nginx.conf
notify: restart telegraf
- name: adding existing user 'telegraf' to group adm
user: