2017-12-23 00:13:53 -06:00
|
|
|
---
|
|
|
|
|
- hosts: all
|
|
|
|
|
|
|
|
|
|
vars:
|
|
|
|
|
# Firewall settings.
|
|
|
|
|
firewall_allowed_tcp_ports:
|
|
|
|
|
- "22"
|
|
|
|
|
- "80"
|
|
|
|
|
- "443"
|
|
|
|
|
|
|
|
|
|
# Python settings.
|
|
|
|
|
pip_package: python3-pip
|
|
|
|
|
pip_install_packages: ['pyopenssl']
|
|
|
|
|
|
|
|
|
|
# Nginx settings.
|
|
|
|
|
nginx_vhosts: []
|
|
|
|
|
nginx_remove_default_vhost: True
|
|
|
|
|
nginx_ppa_use: True
|
|
|
|
|
nginx_ppa_version: stable
|
|
|
|
|
nginx_docroot: /var/www/html
|
|
|
|
|
|
|
|
|
|
# Self-signed certificate settings.
|
|
|
|
|
certificate_dir: /etc/letsencrypt/live
|
|
|
|
|
server_hostname: https.test
|
|
|
|
|
|
2017-12-23 12:30:21 -06:00
|
|
|
pre_tasks:
|
|
|
|
|
- name: Ensure apt cache is updated.
|
|
|
|
|
apt: update_cache=yes cache_valid_time=600
|
|
|
|
|
|
2017-12-23 00:13:53 -06:00
|
|
|
roles:
|
|
|
|
|
- geerlingguy.firewall
|
|
|
|
|
- geerlingguy.pip
|
|
|
|
|
- geerlingguy.nginx
|
|
|
|
|
|
|
|
|
|
tasks:
|
|
|
|
|
- import_tasks: tasks/self-signed-cert.yml
|
|
|
|
|
|
|
|
|
|
- name: Ensure docroot exists.
|
|
|
|
|
file:
|
|
|
|
|
path: "{{ nginx_docroot }}"
|
|
|
|
|
state: directory
|
|
|
|
|
|
|
|
|
|
- name: Copy example index.html file in place.
|
|
|
|
|
copy:
|
|
|
|
|
src: files/index.html
|
|
|
|
|
dest: "{{ nginx_docroot }}/index.html"
|
|
|
|
|
mode: 0755
|
|
|
|
|
|
|
|
|
|
- name: Copy Nginx server configuration in place.
|
|
|
|
|
template:
|
|
|
|
|
src: templates/https.test.conf.j2
|
|
|
|
|
dest: /etc/nginx/sites-enabled/https.test.conf
|
|
|
|
|
mode: 0644
|
|
|
|
|
notify: restart nginx
|
