Jake Howard
0dcc3f7c30
`nginx-mainline` requires modules be recompiled each time, and isn't handled automatically. It's still a very new and maintained release.
66 lines
1.3 KiB
YAML
66 lines
1.3 KiB
YAML
- name: Install nginx
|
|
package:
|
|
name: nginx
|
|
become: true
|
|
|
|
- name: Install nginx modules
|
|
package:
|
|
name: "{{ item }}"
|
|
loop:
|
|
- libnginx-mod-http-headers-more-filter
|
|
- libnginx-mod-http-brotli-filter
|
|
- libnginx-mod-stream
|
|
when: ansible_os_family != 'Archlinux'
|
|
become: true
|
|
|
|
- name: Install nginx modules (on Arch)
|
|
kewlfft.aur.aur:
|
|
name: "{{ item }}"
|
|
loop:
|
|
- nginx-mod-headers-more
|
|
- nginx-mod-brotli
|
|
when: ansible_os_family == 'Archlinux'
|
|
become: true
|
|
|
|
- name: Generate Diffie-Hellman parameters
|
|
community.crypto.openssl_dhparam:
|
|
path: /etc/nginx/dhparams.pem
|
|
become: true
|
|
|
|
- name: Create config directories
|
|
file:
|
|
path: /etc/nginx/{{ item }}
|
|
state: directory
|
|
mode: "0755"
|
|
loop:
|
|
- http.d
|
|
- stream.d
|
|
- includes
|
|
become: true
|
|
|
|
- name: Copy config files
|
|
template:
|
|
src: "{{ item }}"
|
|
dest: /etc/nginx/includes/{{ item | basename }}
|
|
mode: "0644"
|
|
with_fileglob: files/includes/*.conf
|
|
become: true
|
|
notify: reload nginx
|
|
|
|
- name: Install config
|
|
template:
|
|
src: files/nginx.conf
|
|
dest: /etc/nginx/nginx.conf
|
|
mode: "0644"
|
|
become: true
|
|
notify: reload nginx
|
|
|
|
- name: Install HTTPS redirect
|
|
template:
|
|
src: files/nginx-https-redirect.conf
|
|
dest: /etc/nginx/http.d/https-redirect.conf
|
|
mode: "0644"
|
|
become: true
|
|
notify: reload nginx
|
|
when: nginx_https_redirect
|