70 lines
1.8 KiB
YAML
70 lines
1.8 KiB
YAML
- name: "Ensure nginx is installed"
|
|
ansible.builtin.apt:
|
|
name:
|
|
- nginx-full
|
|
- ssl-cert
|
|
state: present
|
|
notify: "restart nginx"
|
|
|
|
- name: "Ensure dhparams are present"
|
|
ansible.builtin.copy:
|
|
dest: "{{ nginx_ssl_dhparam_path }}"
|
|
content: "{{ nginx_ssl_dhparam }}"
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
|
|
- name: "Template nginx config"
|
|
ansible.builtin.template:
|
|
src: nginx.conf.j2
|
|
dest: /etc/nginx/nginx.conf
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
# validate: 'nginx -t -c %s'
|
|
notify: "reload nginx"
|
|
|
|
- name: "Ensure default site is not activated"
|
|
ansible.builtin.file:
|
|
path: /etc/nginx/sites-enabled/default
|
|
state: absent
|
|
when: not nginx_keep_default_site
|
|
notify: "reload nginx"
|
|
|
|
- name: "Ensure vhost configs are present"
|
|
ansible.builtin.template:
|
|
src: vhost.conf.j2
|
|
dest: /etc/nginx/sites-available/{{ item.name }}.conf
|
|
mode: '0640'
|
|
owner: root
|
|
group: root
|
|
loop: "{{ nginx_vhosts | default([]) }}"
|
|
notify: "reload nginx"
|
|
|
|
- name: "Ensure vhosts are activated"
|
|
ansible.builtin.file:
|
|
src: /etc/nginx/sites-available/{{ item.name }}.conf
|
|
dest: /etc/nginx/sites-enabled/{{ item.name }}.conf
|
|
state: link
|
|
when: item.enabled | default(true)
|
|
loop: "{{ nginx_vhosts | default([]) }}"
|
|
notify: "reload nginx"
|
|
|
|
- name: "Ensure disabled vhosts are cleaned up"
|
|
ansible.builtin.file:
|
|
path: /etc/nginx/sites-enabled/{{ item.name }}.conf
|
|
state: absent
|
|
when: item.enabled is defined and not item.enabled
|
|
loop: "{{ nginx_vhosts | default([]) }}"
|
|
notify: "reload nginx"
|
|
|
|
- name: Ensure nginx is enabled and started if requested
|
|
ansible.builtin.systemd:
|
|
name: nginx
|
|
enabled: "{{ nginx_service_enabled }}"
|
|
state: "{{ nginx_service_state }}"
|
|
|
|
- name: Validate nginx configuration
|
|
ansible.builtin.command: nginx -t
|
|
changed_when: false
|