2020-06-02 14:52:24 +02:00
|
|
|
---
|
|
|
|
- block:
|
|
|
|
- name: Create the snippets directory
|
|
|
|
file: dest={{ nginx_snippets_dir }} state=directory
|
|
|
|
|
|
|
|
- name: Create the pki directory
|
|
|
|
file: dest={{ pki_dir }}/nginx state=directory
|
|
|
|
|
|
|
|
- name: Create the client body tmp directory, if needed
|
|
|
|
file: dest={{ nginx_client_body_temp_dir }}/nginx state=directory owner=www-data group=www-data mode=0700
|
|
|
|
when: nginx_client_body_temp_dir is defined
|
|
|
|
|
|
|
|
- name: Create a dhparams file 2048 bits long
|
|
|
|
shell: openssl dhparam -out {{ pki_dir }}/nginx/dhparams.pem 2048
|
|
|
|
args:
|
|
|
|
creates: '{{ pki_dir }}/nginx/dhparams.pem'
|
|
|
|
when: nginx_ssl_level == 'intermediate'
|
|
|
|
notify: Reload nginx
|
|
|
|
|
|
|
|
- name: Install the supported configuration snippets
|
|
|
|
template: src={{ item }}.j2 dest=/etc/nginx/snippets/{{ item }} owner=root group=root mode=0444
|
|
|
|
with_items: '{{ nginx_conf_snippets }}'
|
|
|
|
notify: Reload nginx
|
|
|
|
|
2021-05-27 19:41:22 +02:00
|
|
|
- name: Create the modules- directories
|
|
|
|
file:
|
|
|
|
dest: '/etc/nginx/modules-{{ item }}'
|
|
|
|
state: directory
|
|
|
|
loop:
|
|
|
|
- available
|
|
|
|
- enabled
|
|
|
|
|
|
|
|
- name: Install the modules configurations
|
|
|
|
copy:
|
|
|
|
content: "load_module modules/{{ item.mod_name }};"
|
|
|
|
dest: /etc/nginx/modules-available/{{ item.pkg_name }}.conf
|
2021-05-29 12:01:21 +02:00
|
|
|
loop: '{{ nginx_org_modules }}'
|
2021-05-27 19:41:22 +02:00
|
|
|
when:
|
|
|
|
- item.enabled
|
2021-05-29 12:01:21 +02:00
|
|
|
- nginx_use_nginx_org_repo
|
2021-05-27 19:41:22 +02:00
|
|
|
|
|
|
|
- name: Enable the additional modules
|
|
|
|
file:
|
|
|
|
src: /etc/nginx/modules-available/{{ item.pkg_name }}.conf
|
|
|
|
dest: /etc/nginx/modules-enabled/{{ item.pkg_name }}.conf
|
|
|
|
state: link
|
|
|
|
when: item.enabled
|
2021-05-29 12:01:21 +02:00
|
|
|
loop: '{{ nginx_org_modules }}'
|
2021-05-27 19:41:22 +02:00
|
|
|
|
|
|
|
- name: Disable the additional modules that we do not want installed
|
|
|
|
file:
|
|
|
|
dest: /etc/nginx/modules-enabled/{{ item.pkg_name }}.conf
|
|
|
|
state: absent
|
|
|
|
when: not item.enabled
|
2021-05-29 12:01:21 +02:00
|
|
|
loop: '{{ nginx_org_modules }}'
|
2021-05-27 19:41:22 +02:00
|
|
|
|
|
|
|
- name: Remove the default configuration when using the nginx.com repository
|
|
|
|
file:
|
|
|
|
dest: /etc/nginx/conf.d/default.conf
|
|
|
|
state: absent
|
2021-05-29 12:01:21 +02:00
|
|
|
when: nginx_use_nginx_org_repo
|
2021-05-27 19:41:22 +02:00
|
|
|
|
2020-06-02 14:52:24 +02:00
|
|
|
- name: Install the main nginx.conf
|
|
|
|
template: src=nginx.conf.j2 dest=/etc/nginx/nginx.conf mode=444
|
|
|
|
notify: Reload nginx
|
|
|
|
|
|
|
|
- name: Remove the old configuration snippets
|
|
|
|
file: dest=/etc/nginx/conf.d/{{ item }} state=absent
|
|
|
|
with_items: '{{ nginx_old_snippets }}'
|
|
|
|
notify: Reload nginx
|
|
|
|
|
2020-06-09 14:44:21 +02:00
|
|
|
when: nginx_enabled
|
2020-06-02 14:52:24 +02:00
|
|
|
tags: [ 'nginx', 'nginx_conf', 'nginx_virtualhost' ]
|
|
|
|
|
|
|
|
- block:
|
|
|
|
- name: remove nginx default virtualhost
|
|
|
|
file: dest=/etc/nginx/sites-enabled/default state=absent
|
|
|
|
notify: Reload nginx
|
|
|
|
|
|
|
|
when:
|
2020-06-09 14:44:21 +02:00
|
|
|
- nginx_enabled
|
2020-06-02 14:52:24 +02:00
|
|
|
- ansible_distribution_file_variety == "Debian"
|
|
|
|
tags: [ 'nginx', 'nginx_conf', 'nginx_virtualhost' ]
|