| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748 |
- ---
- # tasks file for ffdo.mapserver-nginx
- - name: Ensure nginx is installed
- apt: name=nginx state=present
- - name: Install openssl to generate DH params
- apt: name=openssl state=present
- - name: Ensure nginx ssl directory exists
- file: dest=/etc/nginx/ssl/ state=directory
- - name: Create private ssl key from secret var
- copy: content="{{ mapserver_ssl_private_key }}" dest="{{mapserver_ssl_key_path}}"
- notify:
- - Restart nginx
- - name: Create nginx server certificate from secret var
- copy: content="{{ mapserver_ssl_server_cert }}" dest="{{mapserver_ssl_cert_path}}"
- notify:
- - Restart nginx
- - name: Deploy pregenerated DH params
- when: mapserver_use_pregenerated_dh_params
- copy: content="{{mapserver_dh_params}}" dest=/etc/nginx/dhparams.pem
- notify:
- - Restart nginx
- - name: Generate strong dhparams
- when: not mapserver_use_pregenerated_dh_params
- shell: openssl dhparam -out /etc/nginx/dhparams.pem 4096 creates=/etc/nginx/dhparams.pem
- notify:
- - Restart nginx
- - name: Install nginx configs
- template:
- src: "{{item.src}}"
- dest: "{{item.dest}}"
- with_items:
- - src: nginx-default.conf.j2
- dest: /etc/nginx/sites-available/default
- - src: nginx-wiki.conf.j2
- dest: /etc/nginx/sites-available/wiki
- notify:
- - Restart nginx
- - name: Ensure nginx is started and enabled
- service: name=nginx state=started enabled=yes
|
