62 lines
1.7 KiB
YAML
62 lines
1.7 KiB
YAML
---
|
|
|
|
- name: Install packages
|
|
apt:
|
|
name:
|
|
- docker.io
|
|
- docker-compose
|
|
|
|
- name: Create searxng group
|
|
group: name=searxng
|
|
|
|
- name: Create searxng user
|
|
user:
|
|
name: searxng
|
|
home: /opt/searxng
|
|
shell: /bin/bash
|
|
group: searxng
|
|
groups: docker
|
|
|
|
- name: Configure searxng container
|
|
template: src=docker-compose.yml.j2 dest=/opt/searxng/docker-compose.yml
|
|
notify: Restart searxng
|
|
|
|
- name: Ensure certificates are available
|
|
command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ searxng_domain }}.key -out /etc/nginx/ssl/{{ searxng_domain }}.crt -days 730 -subj "/CN={{ searxng_domain }}" creates=/etc/nginx/ssl/{{ searxng_domain }}.crt
|
|
notify: Restart nginx
|
|
|
|
- name: Configure certificate manager for searxng
|
|
template: src=certs.j2 dest=/etc/acertmgr/{{ searxng_domain }}.conf
|
|
notify: Run acertmgr
|
|
|
|
- name: Configure vhost
|
|
template: src=vhost.j2 dest=/etc/nginx/sites-available/searxng
|
|
notify: Restart nginx
|
|
|
|
- name: Enable vhost
|
|
file: src=/etc/nginx/sites-available/searxng dest=/etc/nginx/sites-enabled/searxng state=link
|
|
notify: Restart nginx
|
|
|
|
# TODO config files inside /opt/searxng/searxng
|
|
|
|
- name: Systemd unit for searxng
|
|
template: src=searxng.service.j2 dest=/etc/systemd/system/searxng.service
|
|
notify:
|
|
- Reload systemd
|
|
- Restart searxng
|
|
|
|
- name: Systemd unit for searxng-reload
|
|
template: src=searxng-reload.{{ item }}.j2 dest=/etc/systemd/system/searxng-reload.{{ item }}
|
|
with_items:
|
|
- "service"
|
|
- "timer"
|
|
notify:
|
|
- Reload systemd
|
|
- Restart searxng-reload
|
|
|
|
- name: Start the searxng service
|
|
service: name=searxng state=started enabled=yes
|
|
|
|
- name: Enable auto update timer
|
|
service: name=searxng-reload.timer state=started enabled=yes
|