From fe75cf9ee43b6145d8762602d9dd2e2bb4165f52 Mon Sep 17 00:00:00 2001
From: Robert Kaussow
Date: Sun, 23 Feb 2020 16:49:35 +0100
Subject: [PATCH] copy tls certs before creating vhosts to avoid validation errors
---
 tasks/install.yml | 26 --------------------------
 tasks/main.yml | 5 +++--
 tasks/vhost.yml | 28 ++++++++++++++++++++++++++++
 3 files changed, 31 insertions(+), 28 deletions(-)
 create mode 100644 tasks/vhost.yml
diff --git a/tasks/install.yml b/tasks/install.yml
index c979a1b..ebf1b33 100644
--- a/tasks/install.yml
+++ b/tasks/install.yml
@@ -106,29 +106,3 @@
 mode: 0750
 become: True
 become_user: "{{ nginx_user }}"
-
-- block:
- - name: Add vhost configurations
- template:
- src: etc/nginx/sites-available/vhost.j2
- dest: "/etc/nginx/sites-available/{{ item.file }}"
- owner: root
- group: root
- mode: 0640
- validate: /bin/bash -c 'nginx -t -c /dev/stdin <<< "events {worker_connections 10;} http { include %s; }"'
- loop: "{{ nginx_vhosts_default + nginx_vhosts_extra }}"
- loop_control:
- label: "{{ item.file }}"
- notify: __nginx_reload
-
- - name: Enable vhosts
- file:
- src: "/etc/nginx/sites-available/{{ item.file }}"
- dest: "/etc/nginx/sites-enabled/{{ item.file }}"
- state: "{{ 'link' if item.enabled | default(True) | bool else 'absent' }}"
- loop: "{{ nginx_vhosts_default + nginx_vhosts_extra }}"
- loop_control:
- label: "{{ item.file }}"
- notify: __nginx_reload
- become: True
- become_user: root
diff --git a/tasks/main.yml b/tasks/main.yml
index ce6a9cd..01a41fb 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,5 +1,6 @@
 ---
-- import_tasks: install.yml
+- include_tasks: install.yml
 - import_tasks: tls.yml
 tags: tls_renewal
-- import_tasks: post_tasks.yml
+- include_tasks: vhost.yml
+- include_tasks: post_tasks.yml
diff --git a/tasks/vhost.yml b/tasks/vhost.yml
new file mode 100644
index 0000000..f809716
--- /dev/null
+++ b/tasks/vhost.yml
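Review bot: In the tasks/main.yml hunk the switch from `import_tasks` to `include_tasks` for install.yml, vhost.yml and post_tasks.yml changes more than the ordering the commit message describes, and nothing in the change says why it is needed. Dynamic includes are resolved at run time, so the tasks in those files no longer appear in `--list-tasks`, cannot be reached with `--start-at-task`, and any tags set inside them only take effect when the include task itself is selected. If the reordering alone fixes the validation error, `- import_tasks: vhost.yml` placed after the tls.yml entry would keep main.yml consistent with the remaining static import. If the dynamic form is required, a one-line comment above the first include stating the reason would save the next maintainer from reverting it.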
@@ -0,0 +1,28 @@
+---
+
+
+- block:
+ - name: Add vhost configurations
+ template:
+ src: etc/nginx/sites-available/vhost.j2
+ dest: "/etc/nginx/sites-available/{{ item.file }}"
+ owner: root
+ group: root
+ mode: 0640
+ validate: /bin/bash -c 'nginx -t -c /dev/stdin <<< "events {worker_connections 10;} http { include %s; }"'
+ loop: "{{ nginx_vhosts_default + nginx_vhosts_extra }}"
+ loop_control:
+ label: "{{ item.file }}"
+ notify: __nginx_reload
+
+ - name: Enable vhosts
+ file:
+ src: "/etc/nginx/sites-available/{{ item.file }}"
+ dest: "/etc/nginx/sites-enabled/{{ item.file }}"
+ state: "{{ 'link' if item.enabled | default(True) | bool else 'absent' }}"
+ loop: "{{ nginx_vhosts_default + nginx_vhosts_extra }}"
+ loop_control:
+ label: "{{ item.file }}"
+ notify: __nginx_reload
+ become: True
+ become_user: root
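Review bot: `mode: 0640` in the "Add vhost configurations" task is an unquoted scalar, so the permissions on the root-owned vhost file depend on the YAML loader reading it as octal; write `mode: "0640"` instead. In both tasks `item.file` is joined into paths under `/etc/nginx/sites-available/` and `/etc/nginx/sites-enabled/` while running with `become_user: root`, and nothing visible here constrains it to a bare file name. If the vhost lists can ever come from less-trusted inventory, `{{ item.file | basename }}` in the `dest`/`src` values would keep the write and the symlink inside those directories. As a style point, `become: True` reads more conventionally as `become: true`.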