forked from infra/ansible
50 lines
1.3 KiB
YAML
50 lines
1.3 KiB
YAML
---
|
|
|
|
- name: Install packages
|
|
apt:
|
|
name:
|
|
- docker-compose
|
|
|
|
- name: Create 23b group
|
|
group: name=23b
|
|
|
|
- name: Create 23b user
|
|
user:
|
|
name: 23b
|
|
home: /opt/23b
|
|
shell: /bin/bash
|
|
group: 23b
|
|
groups: docker
|
|
|
|
# docker-compolse.yml is managed outside ansible
|
|
|
|
- name: Ensure certificates are available
|
|
command: openssl req -x509 -nodes -newkey rsa:2048 -keyout /etc/nginx/ssl/{{ bk23b_domain }}.key -out /etc/nginx/ssl/{{ bk23b_domain }}.crt -days 730 -subj "/CN={{ bk23b_domain }}" creates=/etc/nginx/ssl/{{ bk23b_domain }}.crt
|
|
notify: Restart nginx
|
|
|
|
- name: Configure certificate manager for 23b
|
|
template: src=certs.j2 dest=/etc/acertmgr/{{ bk23b_domain }}.conf
|
|
notify: Run acertmgr
|
|
|
|
- name: Configure vhost
|
|
template: src=vhost.j2 dest=/etc/nginx/sites-available/23b
|
|
notify: Restart nginx
|
|
|
|
- name: Enable vhost
|
|
file: src=/etc/nginx/sites-available/23b dest=/etc/nginx/sites-enabled/23b state=link
|
|
notify: Restart nginx
|
|
|
|
#- name: Systemd unit for 23b
|
|
# template: src=23b.service.j2 dest=/etc/systemd/system/23b.service
|
|
# notify:
|
|
# - Reload systemd
|
|
# - Restart 23b
|
|
#
|
|
#- name: Start the 23b service
|
|
# service: name=23b state=started enabled=yes
|
|
|
|
- name: Enable monitoring
|
|
include_role: name=icinga-monitor tasks_from=http
|
|
vars:
|
|
vhost: "{{ bk23b_domain }}"
|