blob: 424c86a0d49d0e73974a8aa66ec2c17e62a29356 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
---
- name: ensure certificate exists (fake it, until you make it)
when: "'acme' in nginx_vhost and nginx_vhost.acme"
import_role:
name: x509/acmetool/cert/prepare
vars:
acmetool_cert_name: "{{ nginx_vhost.name }}"
acmetool_cert_hostnames: "{{ nginx_vhost.hostnames }}"
- name: install nginx configs from template
when: "'template' in nginx_vhost"
template:
src: "{{ nginx_vhost.template }}.conf.j2"
dest: "/etc/nginx/sites-available/{{ nginx_vhost.name }}"
mode: "{{ nginx_vhost.mode | default(omit) }}"
notify: reload nginx
- name: install nginx configs from config data
when: "'content' in nginx_vhost"
copy:
content: "{{ nginx_vhost.content }}"
dest: "/etc/nginx/sites-available/{{ nginx_vhost.name }}"
mode: "{{ nginx_vhost.mode | default(omit) }}"
notify: reload nginx
- name: enable vhost config
file:
src: "../sites-available/{{ nginx_vhost.name }}"
dest: "/etc/nginx/sites-enabled/{{ nginx_vhost.name }}"
state: link
notify: reload nginx
- name: generate acme certificate
when: "'acme' in nginx_vhost and nginx_vhost.acme"
block:
- name: make sure nginx config has been (re)loaded
meta: flush_handlers
- name: actually request the certificate
import_role:
name: x509/acmetool/cert/finalize
vars:
acmetool_cert_name: "{{ nginx_vhost.name }}"
acmetool_cert_hostnames: "{{ nginx_vhost.hostnames }}"
|