infrastructure/ansible/roles/nginx/tasks/main.yml
Jake Howard c8211d4756
Some checks failed
/ terraform (push) Successful in 1m3s
/ ansible (push) Failing after 1m53s
Use Debian repo version of nginx
It's older, and doesn't have `stream` compiled in, but the repo one can't link to any of the installed modules, which is a non-starter.
2024-01-04 14:17:36 +00:00

65 lines
1.4 KiB
YAML

- name: Install nginx
package:
name: "{{ 'nginx-mainline' if ansible_os_family == 'Archlinux' else 'nginx' }}"
become: true
- name: Install nginx modules
package:
name: "{{ item }}"
loop:
- libnginx-mod-http-headers-more-filter
- libnginx-mod-http-brotli-filter
- libnginx-mod-stream
when: ansible_os_family != 'Archlinux'
become: true
- name: Install nginx modules (on Arch)
kewlfft.aur.aur:
name: "{{ item }}"
loop:
- nginx-mainline-mod-headers-more
- nginx-mainline-mod-brotli
when: ansible_os_family == 'Archlinux'
become: true
- name: Generate Diffie-Hellman parameters
community.crypto.openssl_dhparam:
path: /etc/nginx/dhparams.pem
become: true
- name: Create config directories
file:
path: /etc/nginx/{{ item }}
state: directory
mode: "0755"
loop:
- http.d
- stream.d
- includes
become: true
- name: Copy config files
template:
src: "{{ item }}"
dest: /etc/nginx/includes/{{ item | basename }}
mode: "0644"
with_fileglob: files/includes/*.conf
become: true
notify: reload nginx
- name: Install config
template:
src: files/nginx.conf
dest: /etc/nginx/nginx.conf
mode: "0644"
become: true
notify: reload nginx
- name: Install HTTPS redirect
template:
src: files/nginx-https-redirect.conf
dest: /etc/nginx/http.d/https-redirect.conf
mode: "0644"
become: true
notify: reload nginx
when: nginx_https_redirect