2023-12-16 17:47:04 +00:00
|
|
|
- name: Install nginx
|
|
|
|
import_role:
|
|
|
|
name: nginxinc.nginx
|
|
|
|
when: ansible_os_family != 'Archlinux'
|
|
|
|
become: true
|
|
|
|
|
2023-12-16 18:03:01 +00:00
|
|
|
- name: Install nginx (mainline) on Arch
|
2023-12-16 17:47:04 +00:00
|
|
|
package:
|
2023-12-16 18:03:01 +00:00
|
|
|
name: nginx-mainline
|
2023-12-16 17:47:04 +00:00
|
|
|
when: ansible_os_family == 'Archlinux'
|
|
|
|
become: true
|
|
|
|
|
2023-12-20 22:35:11 +00:00
|
|
|
- name: Install nginx modules
|
2023-12-16 21:57:19 +00:00
|
|
|
package:
|
2023-12-20 22:35:11 +00:00
|
|
|
name: "{{ item }}"
|
|
|
|
loop:
|
|
|
|
- libnginx-mod-http-headers-more-filter
|
|
|
|
- libnginx-mod-http-brotli-filter
|
2023-12-17 18:12:33 +00:00
|
|
|
when: ansible_os_family != 'Archlinux'
|
|
|
|
become: true
|
|
|
|
|
2023-12-20 22:35:11 +00:00
|
|
|
- name: Install nginx modules (on Arch)
|
2023-12-17 18:12:33 +00:00
|
|
|
kewlfft.aur.aur:
|
2023-12-20 22:35:11 +00:00
|
|
|
name: "{{ item }}"
|
|
|
|
loop:
|
|
|
|
- nginx-mainline-mod-headers-more
|
|
|
|
- nginx-mainline-mod-brotli
|
2023-12-17 18:12:33 +00:00
|
|
|
when: ansible_os_family == 'Archlinux'
|
|
|
|
become: true
|
|
|
|
|
2023-12-20 22:29:42 +00:00
|
|
|
- name: Generate Diffie-Hellman parameters
|
|
|
|
community.crypto.openssl_dhparam:
|
|
|
|
path: /etc/nginx/dhparams.pem
|
2023-12-24 19:39:13 +00:00
|
|
|
become: true
|
2023-12-20 22:29:42 +00:00
|
|
|
|
2023-12-16 17:47:04 +00:00
|
|
|
- name: Create config directories
|
|
|
|
file:
|
|
|
|
path: /etc/nginx/{{ item }}
|
|
|
|
state: directory
|
|
|
|
mode: "0755"
|
|
|
|
loop:
|
|
|
|
- http.d
|
|
|
|
- stream.d
|
2023-12-20 22:29:42 +00:00
|
|
|
- includes
|
2023-12-16 17:47:04 +00:00
|
|
|
become: true
|
|
|
|
|
2023-12-21 14:58:04 +00:00
|
|
|
- name: Copy config files
|
2023-12-16 17:47:04 +00:00
|
|
|
template:
|
2023-12-21 14:58:04 +00:00
|
|
|
src: "{{ item }}"
|
2023-12-21 16:13:32 +00:00
|
|
|
dest: /etc/nginx/includes/{{ item | basename }}
|
2023-12-16 17:47:04 +00:00
|
|
|
mode: "0644"
|
2023-12-21 16:13:32 +00:00
|
|
|
with_fileglob: files/includes/*.conf
|
2023-12-16 17:47:04 +00:00
|
|
|
become: true
|
|
|
|
notify: reload nginx
|
|
|
|
|
2023-12-21 14:58:04 +00:00
|
|
|
- name: Install config
|
2023-12-20 22:29:42 +00:00
|
|
|
template:
|
2023-12-21 14:58:04 +00:00
|
|
|
src: files/nginx.conf
|
|
|
|
dest: /etc/nginx/nginx.conf
|
2023-12-20 22:29:42 +00:00
|
|
|
mode: "0644"
|
|
|
|
become: true
|
|
|
|
notify: reload nginx
|
|
|
|
|
2023-12-16 17:47:04 +00:00
|
|
|
- name: Install HTTPS redirect
|
|
|
|
template:
|
|
|
|
src: files/nginx-https-redirect.conf
|
|
|
|
dest: /etc/nginx/http.d/https-redirect.conf
|
|
|
|
mode: "0644"
|
|
|
|
become: true
|
|
|
|
notify: reload nginx
|
2023-12-16 18:13:49 +00:00
|
|
|
when: nginx_https_redirect
|