64 lines
1.7 KiB
YAML
64 lines
1.7 KiB
YAML
---
|
|
- name: "Configuration | Generate DH Parameters"
|
|
community.crypto.openssl_dhparam:
|
|
path: "{{ dhparam_path }}"
|
|
size: "{{ dhparam_size | default(4096) }}"
|
|
when: nginx_type == 'gateway' or nginx_type == 'standalone'
|
|
|
|
- name: "Configuration | Get bad user agents"
|
|
ansible.builtin.shell: "curl {{ bad_user_agents_url }}"
|
|
register: bad_user_agents
|
|
|
|
- name: "Configuration | Copy main configuration"
|
|
ansible.builtin.template:
|
|
src: nginx.conf.j2
|
|
dest: /etc/nginx/nginx.conf
|
|
mode: "0644"
|
|
notify: reload nginx
|
|
|
|
- name: "Configuration | Copy configuration snippets"
|
|
ansible.builtin.copy:
|
|
src: "{{ item }}"
|
|
dest: "/etc/nginx/snippets/{{ item }}"
|
|
mode: "0644"
|
|
loop:
|
|
- add_headers.conf
|
|
- letsencrypt.conf
|
|
notify: reload nginx
|
|
|
|
- name: "Configuration | Copy configuration templates"
|
|
ansible.builtin.template:
|
|
src: "{{ item }}.j2"
|
|
dest: "/etc/nginx/conf.d/{{ item }}"
|
|
mode: "0644"
|
|
loop:
|
|
- bad_clients.conf
|
|
- bad_bots.conf
|
|
- reverse_proxy.conf
|
|
- ssl.conf
|
|
notify: reload nginx
|
|
when: nginx_type == 'gateway' or nginx_type == 'standalone'
|
|
|
|
- name: "Configuration | Copy request limit configuration"
|
|
ansible.builtin.copy:
|
|
src: request_limits.conf
|
|
dest: /etc/nginx/conf.d/
|
|
mode: "0644"
|
|
notify: reload nginx
|
|
when: nginx_type == 'gateway' or nginx_type == 'standalone'
|
|
|
|
- name: "Configuration | Create systemd override directory"
|
|
ansible.builtin.file:
|
|
path: /etc/systemd/system/nginx.service.d
|
|
state: directory
|
|
mode: "0755"
|
|
|
|
- name: "Configuration | Copy systemd override configuration"
|
|
ansible.builtin.copy:
|
|
src: systemd/override.conf
|
|
dest: /etc/systemd/system/nginx.service.d/override.conf
|
|
mode: "0644"
|
|
notify:
|
|
- Reload systemd
|
|
- reload nginx
|