ffdo-infrastruktur
/
ffdo-ansible-l2tp
mirror of https://github.com/ffdo/ffdo-ansible-l2tp.git


			
				
					
						
						
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950
							# Pakete installieren
- name: nginx installieren
  apt:
    pkg: "{{ item }}"
    update_cache: no
    state: installed
  with_items:
    - nginx

- stat: path=/etc/ssl/fullchain.pem
  register: sslcert

# nginx konfigurieren
- name: Konfig-Datei default-init kopieren
  template: src=default-init.j2 dest=/etc/nginx/sites-available/default
  notify: restart nginx
  when: sslcert.stat.exists == False

- name: Konfig-Datei graphite kopieren
  template: src=graphite-init.j2 dest=/etc/nginx/sites-available/graphite
  notify: restart nginx
  when: sslcert.stat.exists == False

- name: Konfig-Datei graphite aktivieren
  file: src=/etc/nginx/sites-available/graphite dest=/etc/nginx/sites-enabled/graphite state=link
  notify: restart nginx

- name: nginx restarten wenn initial
  meta: flush_handlers
  when: sslcert.stat.exists == False

- name: Letsencrypt-Zertifikat beantragen und installieren
  shell: cd /usr/src && if [ ! -e simp_le ]; then git clone https://github.com/zenhack/simp_le ; fi && cd simp_le && ./bootstrap.sh && if [ ! -e venv/bin/python ]; then ./venv.sh; fi && export PATH=/usr/src/simp_le/venv/bin:$PATH && cd /etc/ssl && simp_le --email {{freifunk.email}} -f account_key.json -f key.pem -f fullchain.pem -d {{bind_zonemaster.server}}:/var/www/html -d graphite.{{freifunk.domain}}:/var/www/html
  notify: restart nginx
  when: sslcert.stat.exists == False

- name: Konfig-Datei default kopieren
  template: src=default.j2 dest=/etc/nginx/sites-available/default
  notify: restart nginx

- name: Konfig-Datei graphite kopieren
  template: src=graphite.j2 dest=/etc/nginx/sites-available/graphite
  notify: restart nginx

- name: index.html kopieren
  template: src=index.html.j2 dest=/var/www/html/index.html

- name: Cronjob für Zertifikatserneuerung
  cron: name="simp_le" weekday="2" hour="20" minute="0" job="cd /etc/ssl && PATH=/usr/src/simp_le/venv/bin:/usr/sbin:/usr/bin:/sbin:/bin simp_le --email {{freifunk.email}} -f account_key.json -f key.pem -f fullchain.pem -d {{bind_zonemaster.server}}:/var/www/html -d graphite.{{freifunk.domain}}:/var/www/html && systemctl reload nginx"