mirror of
https://github.com/krislamo/vagrant-easyredmine
synced 2024-11-10 06:50:35 +00:00
61 lines
1.6 KiB
YAML
61 lines
1.6 KiB
YAML
- get_url: url=https://oss-binaries.phusionpassenger.com/yum/definitions/el-passenger.repo
|
|
dest=/etc/yum.repos.d/passenger.repo
|
|
become: yes
|
|
|
|
- rpm_key: key=https://packagecloud.io/gpg.key
|
|
become: yes
|
|
|
|
# this makecache is mostly because I can not find any other way to fully
|
|
# import the GPG. key for the Passenger repo. 'rpm_key' is not
|
|
# sufficient.
|
|
# The use of /usr/bin/env is a hack to avoid Ansible's "Consider using
|
|
# yum module..." warnings when it sees 'yum' as the primary command.
|
|
- command: /usr/bin/env yum -q makecache -y --disablerepo='*' --enablerepo='passenger*'
|
|
become: yes
|
|
changed_when: False
|
|
|
|
- yum: name=epel-release
|
|
become: yes
|
|
|
|
- name: install nginx, passenger
|
|
yum: name='{{ item }}'
|
|
become: yes
|
|
with_items:
|
|
- nginx
|
|
- passenger
|
|
|
|
- stat: path='{{ dharam_pem_path }}'
|
|
register: dharam_pem
|
|
|
|
# https://michael.lustfield.net/nginx/getting-a-perfect-ssl-labs-score
|
|
- name: generate new Diffie-Hellman group
|
|
command: 'openssl dhparam -out {{ dharam_pem_path }} 2048'
|
|
become: yes
|
|
notify: restart nginx
|
|
when: dharam_pem.stat.exists == False
|
|
|
|
- template: dest='/etc/nginx/conf.d/easyredmine.conf'
|
|
src=easyredmine.conf.j2
|
|
become: yes
|
|
notify: restart nginx
|
|
|
|
- template: dest='/etc/nginx/nginx.conf'
|
|
src=nginx.conf.j2
|
|
become: yes
|
|
notify: restart nginx
|
|
|
|
- template: dest=/etc/nginx/conf.d/passenger.conf
|
|
src=passenger.conf.j2
|
|
become: yes
|
|
notify: restart nginx
|
|
|
|
- copy: dest='/etc/pki/tls/certs/{{ ansible_fqdn }}.pem'
|
|
src='{{ nginx_pem }}'
|
|
become: yes
|
|
notify: restart nginx
|
|
|
|
- service: name=nginx
|
|
state=started
|
|
enabled=yes
|
|
become: yes
|