homelab/roles/nginx/tasks/main.yml

57 lines
1.8 KiB
YAML
Raw Normal View History

2021-05-14 20:45:51 +00:00
# If self_signed = true, in nginx/files: generate root CA (if regenereate_root_ca = true),
# and sign a wildcard certificate. Copy certificates to /etc/ssl/.
2021-04-26 20:35:59 +00:00
- name: ensure directories exist
file:
path: "{{ item }}"
state: directory
mode: '0755'
loop:
2021-05-14 20:45:51 +00:00
- "{{ data_folder }}/nginx"
- "{{ data_folder }}/nginx/conf.d"
- "{{ data_folder }}/nginx/sites-enabled"
- "{{ data_folder }}/nginx/sites-available"
- "{{ data_folder }}/nginx/snippets"
- name: generate self-signed certs
2021-05-05 18:41:28 +00:00
import_tasks: self-signed.yml
when: self_signed
- name: create external bridge network
docker_network:
name: external
attachable: true
internal: false
state: present
2021-05-14 20:45:51 +00:00
- name: copy nginx.conf
template:
src: nginx.conf.j2
dest: "{{ data_folder }}/nginx/nginx.conf"
mode: '0755'
- name: copy snippets
template:
src: "{{ item }}"
dest: "{{ data_folder }}/nginx/snippets/{{ item | basename | regex_replace('.j2$', '') }}"
mode: '0755'
with_fileglob:
- "../templates/snippets/*.conf.j2"
2021-04-26 20:35:59 +00:00
- name: run container
docker_container:
name: 'nginx'
image: nginx
networks:
- name: external
volumes:
2021-05-14 20:45:51 +00:00
- "{{ data_folder }}/nginx/conf.d:/etc/nginx/conf.d"
2021-04-26 20:35:59 +00:00
- "{{ data_folder }}/nginx/nginx.conf:/etc/nginx/nginx.conf"
2021-05-14 20:45:51 +00:00
- "{{ data_folder }}/nginx/sites-available:/etc/nginx/sites-available"
- "{{ data_folder }}/nginx/sites-enabled:/etc/nginx/sites-enabled"
- "{{ data_folder }}/nginx/snippets:/etc/nginx/snippets"
- "{{ data_folder }}/nginx/{{ base_domain }}.key:/etc/ssl/{{ base_domain }}.key"
- "{{ data_folder }}/nginx/{{ base_domain }}.crt:/etc/ssl/{{ base_domain }}.crt"
ports:
- "80:80"
2021-04-26 21:54:10 +00:00
- "443:443"
env:
NGINX_HOST: "{{ base_domain }}"
NGINX_PORT: '80'
state: started
restart: yes