servers/roles/nginx/tasks/main.yml
Timotej Lazar 6f1c6dd122 nginx: support certificates for multiple domains
Uses `tls_domains` config context property from NetBox.
2024-11-15 12:12:54 +01:00

45 lines
1,022 B
YAML

- name: Install packages
package:
name:
- certbot
- nginx
- name: Create HTTP server directories
file:
path: /srv/http/.well-known
recurse: true
state: directory
owner: nginx
group: nginx
- name: Set up default HTTP server
copy:
dest: /etc/nginx/http.d
src: default.conf
notify: reload nginx
- name: Enable nginx service
service:
name: nginx
enabled: true
state: started
- name: Get LE certificate
command:
cmd: certbot certonly --non-interactive --agree-tos --register-unsafely-without-email --webroot --webroot-path /srv/http -d {{ ([dns_name] + tls_domains|default([])) | join(',') }}
creates: '/etc/letsencrypt/renewal/{{ dns_name }}.conf'
- name: Install certificate renewal deployment hook
copy:
dest: /etc/letsencrypt/renewal-hooks/deploy/
src: reload-nginx.sh
mode: 0755
- name: Enable certbot renewal
cron:
name: "certbot renew"
job: "certbot renew --quiet"
user: root
hour: "2,14"
minute: "18"