43 lines
961 B
YAML
43 lines
961 B
YAML
|
- name: Enable community package repo
|
||
|
|
lineinfile:
|
||
|
|
path: /etc/apk/repositories
|
||
|
|
regexp: '^# *(http.*/v[^/]*/community)'
|
||
|
|
line: '\1'
|
||
|
|
backrefs: yes
|
||
|
|
|
||
|
|
- name: Install packages
|
||
|
|
package:
|
||
|
|
name: certbot,nginx
|
||
|
|
|
||
|
|
- name: Create HTTP server directories
|
||
|
|
file:
|
||
|
|
path: /srv/http/.well-known
|
||
|
|
recurse: true
|
||
|
|
state: directory
|
||
|
|
owner: nginx
|
||
|
|
group: nginx
|
||
|
|
|
||
|
|
- name: Set up default HTTP server
|
||
|
|
copy:
|
||
|
|
dest: /etc/nginx/http.d
|
||
|
|
src: default.conf
|
||
|
|
|
||
|
|
- name: Enable nginx service
|
||
|
|
service:
|
||
|
|
name: nginx
|
||
|
|
enabled: true
|
||
|
|
state: started
|
||
|
|
|
||
|
|
- name: Get LE certificate
|
||
|
|
command:
|
||
|
|
cmd: certbot certonly --non-interactive --agree-tos --register-unsafely-without-email --webroot --webroot-path /srv/http -d doku.fri.uni-lj.si
|
||
|
|
creates: '/etc/letsencrypt/renewal/doku.fri.uni-lj.si.conf'
|
||
|
|
|
||
|
|
- name: Enable certbot renewal
|
||
|
|
cron:
|
||
|
|
name: "certbot renew"
|
||
|
|
job: "certbot renew --quiet"
|
||
|
|
user: root
|
||
|
|
hour: "2,14"
|
||
|
|
minute: "18"
|