62 lines
1.4 KiB
YAML
62 lines
1.4 KiB
YAML
- block:
|
|
- name: Copy tls certificate
|
|
copy:
|
|
content: "{{ nginx_tls_cert }}"
|
|
dest: "{{ nginx_tls_cert_file }}"
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
notify:
|
|
- nginx_reload
|
|
|
|
- name: Copy ssl intermediate cert
|
|
copy:
|
|
content: "{{ nginx_tls_intermediate_ca }}"
|
|
dest: "{{ nginx_tls_intermediate_ca_file }}"
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
notify:
|
|
- nginx_reload
|
|
|
|
- name: Copy tls private key
|
|
copy:
|
|
content: "{{ nginx_tls_private_key }}"
|
|
dest: "{{ nginx_tls_private_key_file }}"
|
|
owner: root
|
|
group: root
|
|
mode: 0600
|
|
notify:
|
|
- nginx_reload
|
|
become: True
|
|
become_user: root
|
|
when: nginx_tls_enabled
|
|
|
|
- block:
|
|
- name: Register dhparam file
|
|
stat:
|
|
path: "{{ nginx_dhparam_file }}"
|
|
register: dh_file
|
|
|
|
- name: Generate Diffie-Hellman parameter file
|
|
shell: "/usr/bin/openssl dhparam -out '{{ nginx_dhparam_file }}' {{ nginx_dhparam_size }}"
|
|
async: 3600
|
|
poll: 60
|
|
when: not dh_file.stat.exists
|
|
notify:
|
|
- nginx_reload
|
|
become: True
|
|
become_user: root
|
|
when: nginx_pfs_enabled
|
|
|
|
- block:
|
|
- name: Add default page
|
|
template:
|
|
src: 'var/www/vhosts/default/index.html.j2'
|
|
dest: '/var/www/vhosts/default/index.html'
|
|
owner: nginx
|
|
group: nginx
|
|
mode: 0750
|
|
become: True
|
|
become_user: nginx
|