infra/playbooks/roles/nginx/tasks/main.yml

---

- name: Allow http
  community.general.ufw:
    rule: allow
    port: '80'
    proto: tcp

- name: Allow https
  community.general.ufw:
    rule: allow
    port: '443'
    proto: tcp
  notify:
    - Restart ufw

- name: Install nginx
  ansible.builtin.apt:
    name: nginx
    state: present
  notify:
    - Restart nginx

- name: Download dhparams
  ansible.builtin.get_url:
    url: "{{ dh_params_src }}"
    dest: /etc/nginx/dhparams.pem
    mode: '0755'

- name: Add system nginx config
  ansible.builtin.copy:
    src: nginx.conf
    dest: /etc/nginx/nginx.conf
    mode: '0755'

- name: Copy nginx sites
  ansible.builtin.template:
    src: "{{ item }}"
    dest: "/etc/nginx/sites-enabled/"
    mode: '0755'
  with_fileglob:
    - "templates/{{ inventory_hostname }}/*.conf"
  notify:
    - Restart nginx
add nginx role 2024-03-18 17:49:43 -04:00			`---`

			`- name: Allow http`
			`community.general.ufw:`
			`rule: allow`
			`port: '80'`
			`proto: tcp`

			`- name: Allow https`
			`community.general.ufw:`
			`rule: allow`
			`port: '443'`
			`proto: tcp`
			`notify:`
			`- Restart ufw`

			`- name: Install nginx`
			`ansible.builtin.apt:`
			`name: nginx`
			`state: present`
			`notify:`
			`- Restart nginx`

			`- name: Download dhparams`
			`ansible.builtin.get_url:`
			`url: "{{ dh_params_src }}"`
			`dest: /etc/nginx/dhparams.pem`
			`mode: '0755'`

			`- name: Add system nginx config`
			`ansible.builtin.copy:`
			`src: nginx.conf`
			`dest: /etc/nginx/nginx.conf`
			`mode: '0755'`

			`- name: Copy nginx sites`
			`ansible.builtin.template:`
			`src: "{{ item }}"`
			`dest: "/etc/nginx/sites-enabled/"`
			`mode: '0755'`
			`with_fileglob:`
			`- "templates/{{ inventory_hostname }}/*.conf"`
			`notify:`
			`- Restart nginx`