Something went wrong on our end
-
Nicolas KAROLAK authoredNicolas KAROLAK authored
main.yml 1.59 KiB
---
- name: nginx install
apt:
force_apt_get: true
install_recommends: false
name: "{{ nginx_packages }}"
state: present
- name: nginx remove default vhost
notify: restart nginx
loop:
- /etc/nginx/sites-enabled/default
- /etc/nginx/sites-enabled/default.conf
file:
path: "{{ item }}"
state: absent
- name: nginx check old ssl conf exists
register: nginx_old_ssl_conf
stat:
path: /etc/nginx/conf.d/ssl.conf
- name: nginx migrate old ssl certificate conf
when: nginx_old_ssl_conf.stat.exists
notify: restart nginx
loop:
- grep ssl_certificate /etc/nginx/conf.d/ssl.conf > /etc/nginx/conf.d/ssl_certificate.conf
- mv /etc/nginx/conf.d/ssl.conf /etc/nginx/conf.d/ssl.conf.old
command:
cmd: "{{ item }}"
- name: nginx check ssl cert conf exists
register: nginx_ssl_cert_conf
stat:
path: /etc/nginx/conf.d/ssl_certificate.conf
- name: nginx update ssl certificate conf
when:
- nginx_ssl_cert_conf.stat.exists
- nginx_ssl_certificate != "/etc/ssl/certs/ssl-cert-snakeoil.pem"
notify: restart nginx
lineinfile:
path: /etc/nginx/conf.d/ssl_certificate.conf
regexp: 'ssl_certificate\s+([\w/\-\_\.]+);'
line: 'ssl_certificate {{ nginx_ssl_certificate }};'
- name: nginx update ssl certificate key conf
when:
- nginx_ssl_cert_conf.stat.exists
- nginx_ssl_certificate_key != "/etc/ssl/private/ssl-cert-snakeoil.key"
notify: restart nginx
lineinfile:
path: /etc/nginx/conf.d/ssl_certificate.conf
regexp: 'ssl_certificate_key\s+([\w/\-\_\.]+);'
line: 'ssl_certificate_key {{ nginx_ssl_certificate_key }};'
...