# Pakete installieren - name: nginx installieren apt: pkg: "{{ item }}" update_cache: no state: installed with_items: - nginx - stat: path=/etc/ssl/fullchain.pem register: sslcert # nginx konfigurieren - name: Konfig-Datei default-init kopieren template: src=default-init.j2 dest=/etc/nginx/sites-available/default notify: restart nginx when: sslcert.stat.exists == False - name: Konfig-Datei graphite kopieren template: src=graphite-init.j2 dest=/etc/nginx/sites-available/graphite notify: restart nginx when: sslcert.stat.exists == False - name: Konfig-Datei graphite aktivieren file: src=/etc/nginx/sites-available/graphite dest=/etc/nginx/sites-enabled/graphite state=link notify: restart nginx - name: nginx restarten wenn initial meta: flush_handlers when: sslcert.stat.exists == False - name: Letsencrypt-Zertifikat beantragen und installieren shell: cd /usr/src && if [ ! -e simp_le ]; then git clone https://github.com/zenhack/simp_le ; fi && cd simp_le && ./bootstrap.sh && if [ ! -e venv/bin/python ]; then ./venv.sh; fi && export PATH=/usr/src/simp_le/venv/bin:$PATH && cd /etc/ssl && simp_le --email {{freifunk.email}} -f account_key.json -f key.pem -f fullchain.pem -d {{bind_zonemaster.server}}:/var/www/html -d graphite.{{freifunk.domain}}:/var/www/html notify: restart nginx when: sslcert.stat.exists == False - name: Konfig-Datei default kopieren template: src=default.j2 dest=/etc/nginx/sites-available/default notify: restart nginx - name: Konfig-Datei graphite kopieren template: src=graphite.j2 dest=/etc/nginx/sites-available/graphite notify: restart nginx - name: index.html kopieren template: src=index.html.j2 dest=/var/www/html/index.html - name: Cronjob für Zertifikatserneuerung cron: name="simp_le" weekday="2" hour="20" minute="0" job="cd /etc/ssl && PATH=/usr/src/simp_le/venv/bin:/usr/sbin:/usr/bin:/sbin:/bin simp_le --email {{freifunk.email}} -f account_key.json -f key.pem -f fullchain.pem -d {{bind_zonemaster.server}}:/var/www/html -d graphite.{{freifunk.domain}}:/var/www/html && systemctl reload nginx"