mirror of
https://github.com/luzifer-ansible/nginx-letsencrypt.git
synced 2024-11-08 21:30:00 +00:00
61 lines
1.9 KiB
YAML
61 lines
1.9 KiB
YAML
---
|
|
|
|
- name: Install nginx package
|
|
apt:
|
|
name: nginx
|
|
cache_valid_time: 86400
|
|
|
|
- name: Ensure nginx service is disabled and stopped
|
|
systemd:
|
|
name: nginx
|
|
enabled: false
|
|
state: stopped
|
|
|
|
- name: Get current nginx-letsencrypt version
|
|
shell: "/usr/local/bin/nginx-letsencrypt --version || true"
|
|
check_mode: no
|
|
register: nginx_letsencrypt_version_cmd
|
|
|
|
- name: Download nginx-letsencrypt release
|
|
get_url:
|
|
url: "https://github.com/Luzifer/nginx-letsencrypt/releases/download/{{ nginx_letsencrypt_version }}/nginx-letsencrypt_linux_amd64"
|
|
dest: /usr/local/bin/nginx-letsencrypt
|
|
force: true
|
|
mode: 0755
|
|
when: nginx_letsencrypt_version not in nginx_letsencrypt_version_cmd.stdout
|
|
register: nginx_letsencrypt_binary
|
|
|
|
- name: Install modified nginx config
|
|
template:
|
|
src: nginx.conf.j2
|
|
dest: /etc/nginx/nginx.conf
|
|
|
|
- name: Install system.d service
|
|
copy:
|
|
content: |
|
|
[Unit]
|
|
Description=nginx wrapper with LetsEncrypt certificate management
|
|
After=network-online.target
|
|
Requires=network-online.target
|
|
|
|
[Service]
|
|
Restart=always
|
|
ExecStart=/usr/local/bin/nginx-letsencrypt \
|
|
--email {{ nginx_letsencrypt_email }} \
|
|
--nginx-config /etc/nginx/nginx.conf \
|
|
--storage-dir {{ nginx_letsencrypt_storage_dir }} \
|
|
--log-level {{ nginx_letsencrypt_log_level }} \
|
|
--buffer {{ nginx_letsencrypt_buffer }} \
|
|
--listen-http :{{ nginx_letsencrypt_port }}
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
dest: /etc/systemd/system/nginx-letsencrypt.service
|
|
register: nginx_letsencrypt_service
|
|
|
|
- name: Restart and enable nginx-letsencrypt service
|
|
systemd:
|
|
name: nginx-letsencrypt
|
|
enabled: true
|
|
state: restarted
|
|
when: nginx_letsencrypt_binary.changed or nginx_letsencrypt_service.changed
|