Divide nginx role into proxy and webserver tasks
This commit is contained in:
@@ -1,37 +1,7 @@
|
|||||||
- name: Create nginx root
|
- import_tasks: proxy.yml
|
||||||
file:
|
tags: proxy
|
||||||
path: "{{ nginx_root }}"
|
when: proxy is defined
|
||||||
state: directory
|
|
||||||
|
|
||||||
- name: Generate deploy keys
|
- import_tasks: webserver.yml
|
||||||
openssh_keypair:
|
tags: nginx
|
||||||
path: "{{ nginx_repo_key }}"
|
when: nginx_domain is defined
|
||||||
state: present
|
|
||||||
|
|
||||||
- name: Clone static website files
|
|
||||||
git:
|
|
||||||
repo: "{{ nginx_repo_url }}"
|
|
||||||
dest: "{{ nginx_html }}"
|
|
||||||
version: "{{ nginx_repo_branch }}"
|
|
||||||
key_file: "{{ nginx_repo_key }}"
|
|
||||||
separate_git_dir: "{{ nginx_repo_dest }}"
|
|
||||||
|
|
||||||
- name: Start nginx container
|
|
||||||
docker_container:
|
|
||||||
name: "{{ nginx_name }}"
|
|
||||||
image: nginx:{{ nginx_version }}
|
|
||||||
state: started
|
|
||||||
restart_policy: always
|
|
||||||
networks_cli_compatible: true
|
|
||||||
networks:
|
|
||||||
- name: traefik
|
|
||||||
volumes:
|
|
||||||
- "{{ nginx_html }}:/usr/share/nginx/html:ro"
|
|
||||||
labels:
|
|
||||||
traefik.http.routers.nginx.rule: "Host(`{{ nginx_domain }}`)"
|
|
||||||
traefik.http.middlewares.nginxauth.basicauth.users: "{{ nginx_auth }}"
|
|
||||||
traefik.http.routers.nginx.entrypoints: websecure
|
|
||||||
traefik.http.routers.nginx.tls.certresolver: letsencrypt
|
|
||||||
traefik.http.routers.nginx.middlewares: "securehttps@file,nginxauth"
|
|
||||||
traefik.docker.network: traefik
|
|
||||||
traefik.enable: "true"
|
|
||||||
|
|||||||
0
roles/nginx/tasks/proxy.yml
Normal file
0
roles/nginx/tasks/proxy.yml
Normal file
37
roles/nginx/tasks/webserver.yml
Normal file
37
roles/nginx/tasks/webserver.yml
Normal file
@@ -0,0 +1,37 @@
|
|||||||
|
- name: Create nginx root
|
||||||
|
file:
|
||||||
|
path: "{{ nginx_root }}"
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: Generate deploy keys
|
||||||
|
openssh_keypair:
|
||||||
|
path: "{{ nginx_repo_key }}"
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: Clone static website files
|
||||||
|
git:
|
||||||
|
repo: "{{ nginx_repo_url }}"
|
||||||
|
dest: "{{ nginx_html }}"
|
||||||
|
version: "{{ nginx_repo_branch }}"
|
||||||
|
key_file: "{{ nginx_repo_key }}"
|
||||||
|
separate_git_dir: "{{ nginx_repo_dest }}"
|
||||||
|
|
||||||
|
- name: Start nginx container
|
||||||
|
docker_container:
|
||||||
|
name: "{{ nginx_name }}"
|
||||||
|
image: nginx:{{ nginx_version }}
|
||||||
|
state: started
|
||||||
|
restart_policy: always
|
||||||
|
networks_cli_compatible: true
|
||||||
|
networks:
|
||||||
|
- name: traefik
|
||||||
|
volumes:
|
||||||
|
- "{{ nginx_html }}:/usr/share/nginx/html:ro"
|
||||||
|
labels:
|
||||||
|
traefik.http.routers.nginx.rule: "Host(`{{ nginx_domain }}`)"
|
||||||
|
traefik.http.middlewares.nginxauth.basicauth.users: "{{ nginx_auth }}"
|
||||||
|
traefik.http.routers.nginx.entrypoints: websecure
|
||||||
|
traefik.http.routers.nginx.tls.certresolver: letsencrypt
|
||||||
|
traefik.http.routers.nginx.middlewares: "securehttps@file,nginxauth"
|
||||||
|
traefik.docker.network: traefik
|
||||||
|
traefik.enable: "true"
|
||||||
Reference in New Issue
Block a user