You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
44 lines
1.0 KiB
44 lines
1.0 KiB
- name: Update all packages to their latest version
|
|
apt:
|
|
name: "*"
|
|
state: latest
|
|
update_cache: yes
|
|
|
|
- name: Install packages for webserver support
|
|
apt:
|
|
name: [
|
|
'nginx',
|
|
'rsync', # for letsencrypt-cert-push
|
|
]
|
|
state: present
|
|
|
|
- name: "Install /etc/nginx/sites-available/default"
|
|
template:
|
|
src: "{{ role_path }}/templates/default.j2"
|
|
dest: "/etc/nginx/sites-available/default"
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
notify: Restart nginx
|
|
|
|
- name: Generate /etc/nginx/ssl-dhparams.pem
|
|
shell: openssl dhparam -out /etc/nginx/ssl-dhparams.pem 4096
|
|
args:
|
|
creates: /etc/nginx/ssl-dhparams.pem
|
|
|
|
- name: Start & enable nginx
|
|
service:
|
|
name: nginx
|
|
state: started
|
|
enabled: true
|
|
|
|
- name: Get public key contents
|
|
set_fact:
|
|
public_key: "{{ lookup('file', inventory_dir + '/files/ssh/id_rsa.pub' ) }}"
|
|
|
|
- name: "Install ssh public key for builder/certbot"
|
|
lineinfile:
|
|
path: "/root/.ssh/authorized_keys"
|
|
line: "{{ public_key }}"
|
|
search_string: "{{ public_key }}"
|
|
state: present
|
|
|