-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathdeploy-nginx-test.yml
80 lines (70 loc) · 2.39 KB
/
deploy-nginx-test.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
---
- name: Deploy Nginx as a test instance
hosts: localhost
connection: local
become: true
tasks:
- name: Installing apt key for Docker repository
apt_key:
url: https://download.docker.com/linux/raspbian/gpg
state: present
- name: Adding official repository
apt_repository:
repo: deb [arch=armhf] https://download.docker.com/linux/raspbian bullseye stable
- name: Installing Docker Community Edition
apt:
name: docker-ce
state: latest
update_cache: true
# Docker Compose is needed later and it also pulls in dependencies that are
# needed for community.docker modules, so it is installed now even though
# docker-compose is not being used to deploy the Nginx test container.
- name: Installing Docker Compose
shell:
cmd: pip3 install docker-compose
- name: Deploying Nginx container
community.docker.docker_container:
image: nginx
name: nginx
hostname: nginx
state: started
restart: yes
restart_policy: unless-stopped
ports:
- 80:80
- 443:443
volumes:
- /etc/ssl:/etc/ssl
- name: Checking for host certificate
stat:
path: "/etc/ssl/certs/{{ ansible_hostname }}.{{ ansible_domain }}.crt"
register: host_cert
- name: Checking for host key
stat:
path: "/etc/ssl/private/{{ ansible_hostname }}.{{ ansible_domain }}.key"
register: host_key
- name: Creating an alternate default.conf with SSL enabled
copy:
dest: /tmp/default.conf
force: no
content: |
server {
listen 80;
listen 443 ssl;
server_name {{ ansible_hostname }}.{{ ansible_domain }};
ssl_certificate /etc/ssl/certs/{{ ansible_hostname }}.{{ ansible_domain }}.crt;
ssl_certificate_key /etc/ssl/private/{{ ansible_hostname }}.{{ ansible_domain }}.key;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
}
when: host_cert.stat.exists and host_key.stat.exists
- name: Copying alternate default.conf to Nginx container
shell:
cmd: docker cp /tmp/default.conf nginx:/etc/nginx/conf.d/default.conf
when: host_cert.stat.exists and host_key.stat.exists
- name: Reloading nginx configuration
shell:
cmd: docker exec nginx service nginx reload
when: host_cert.stat.exists and host_key.stat.exists