ansible-edda/playbooks/roles/services/deploy/rproxy/tasks/main.yml


---
# Statically import the shared services/include role, loading its "user"
# vars file instead of the role's default vars entry point.
# NOTE(review): presumably this is where services_service_user_name and
# services_service_user_home come from - confirm against the role's vars.
- name: "{{ services_service_name }} : set the user variables"
  ansible.builtin.import_role:
    name: "services/include"
    vars_from: "user"
# Load the nginx-specific variables for this role from nginx.yml.
# NOTE(review): presumably defines services_deploy_rproxy_nginx_stream_config
# and services_deploy_rproxy_nginx_subdomain_config_files, which the template
# tasks below consume - confirm against the vars file.
- name: "{{ services_service_name }} : set the rproxy variables"
  ansible.builtin.include_vars:
    file: "nginx.yml"
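# Deploy the nginx reverse proxy for the service account: configuration files,
# systemd user units, the certbot timer and the DH parameters, followed by a
# conditional restart of the pod.
#
# Every task in the block inherits the block-level become_user at the bottom,
# so files are written under the service account rather than the connecting
# user.
# NOTE(review): become_user only takes effect when privilege escalation is
# enabled; no "become: true" is visible in this file - confirm it is set at
# play or inventory level.
- block:
    # File modes are quoted so they are always handled as octal strings and do
    # not depend on how the YAML loader parses a leading-zero integer.
    - name: "{{ services_service_name }} : create nginx conf.d"
      ansible.builtin.file:
        path: "{{ services_service_user_home }}/.config/service/nginx-conf.d"
        state: "directory"
        mode: "0755"

    - name: "{{ services_service_name }} : generic nginx reverse proxy configuration"
      ansible.builtin.copy:
        src: "./config/nginx.conf"
        dest: "{{ services_service_user_home }}/.config/service/nginx.conf"
        mode: "0644"
      register: services_deploy_rproxy_generic_config

    - name: "{{ services_service_name }} : stream nginx reverse proxy configuration"
      ansible.builtin.template:
        src: "{{ services_deploy_rproxy_nginx_stream_config }}"
        dest: "{{ services_service_user_home }}/.config/service/stream.conf"
        mode: "0644"
      register: services_deploy_rproxy_stream_config

    # Each template is written under its basename, so two source files with
    # the same basename would overwrite one another in nginx-conf.d.
    - name: "{{ services_service_name }} : subdomain nginx reverse proxy configuration"
      ansible.builtin.template:
        src: "{{ item }}"
        dest: "{{ services_service_user_home }}/.config/service/nginx-conf.d/{{ item | basename }}"
        mode: "0644"
      loop: "{{ services_deploy_rproxy_nginx_subdomain_config_files }}"
      register: services_deploy_rproxy_subdomain_config_files

    # The unit templates are named after "rproxy"; the destination file name
    # substitutes the actual service name. Units are readable by the service
    # account only (0600).
    - name: "{{ services_service_name }} : configure systemd service"
      ansible.builtin.template:
        src: "./systemd/{{ item }}"
        dest: "\
          {{ services_service_user_home }}/.config/systemd/user/\
          {{ item | replace('rproxy', services_service_name) }}"
        mode: "0600"
      loop:
        - "pod-rproxy.service"
        - "container-rproxy-nginx.service"
        - "container-rproxy-certbot.service"
        - "container-rproxy-certbot.timer"
      register: services_deploy_rproxy_systemd_files

    # NOTE(review): the systemd tasks with scope "user" need a reachable user
    # manager/D-Bus session for the service account; unlike the systemctl
    # command further down they do not set XDG_RUNTIME_DIR - confirm the
    # environment provides it.
    - name: "{{ services_service_name }} : systemd user daemon reload"
      ansible.builtin.systemd:
        daemon_reload: true
        scope: "user"
      when: services_deploy_rproxy_systemd_files.changed

    - name: "{{ services_service_name }} : enable container-{{ services_service_name }}-certbot timer"
      ansible.builtin.systemd:
        name: "container-{{ services_service_name }}-certbot.timer"
        enabled: true
        scope: "user"
      register: services_deploy_rproxy_certbot_timer

    # The output path matches "creates" exactly (the stray leading "/" in front
    # of the home directory was dropped), so the idempotence guard and the
    # generated file always refer to the same location.
    # Generating a 4096-bit group can take a long time on the first run.
    # NOTE(review): DH parameters are public values, not secrets; a
    # standardized RFC 7919 group is a common alternative to generating one
    # locally - confirm what the nginx configuration expects.
    - name: "{{ services_service_name }} : generate diffie hellman ephemeral parameters"
      ansible.builtin.command: >-
        openssl dhparam --out {{ services_service_user_home }}/.config/service/dhparam.pem 4096
      args:
        creates: "{{ services_service_user_home }}/.config/service/dhparam.pem"
      register: services_deploy_rproxy_dhparam

    # Populates getent_passwd; element 1 of the entry is the numeric UID used
    # below to build the runtime directory path.
    - name: "{{ services_service_name }} : get uid"
      ansible.builtin.getent:
        database: "passwd"
        key: "{{ services_service_user_name }}"

    # Read-only query (changed_when: false). XDG_RUNTIME_DIR points systemctl
    # at the service account's user manager.
    - name: "{{ services_service_name }} : get service status"
      ansible.builtin.command: >-
        systemctl --user show --property ActiveState --value
        pod-{{ services_service_name }}.service
      environment:
        XDG_RUNTIME_DIR: "/run/user/{{ getent_passwd[services_service_user_name].1 }}"
      changed_when: false
      register: services_deploy_rproxy_service_active_state

    # Restart only when something deployed above changed AND the pod is
    # already active, so a deliberately stopped service is not started as a
    # side effect of a deployment.
    - name: "{{ services_service_name }} : restart the service"
      ansible.builtin.systemd:
        name: "pod-{{ services_service_name }}.service"
        state: "restarted"
        scope: "user"
      when:
        (services_deploy_rproxy_generic_config.changed or
        services_deploy_rproxy_stream_config.changed or
        services_deploy_rproxy_subdomain_config_files.changed or
        services_deploy_rproxy_systemd_files.changed or
        services_deploy_rproxy_certbot_timer.changed or
        services_deploy_rproxy_dhparam.changed) and
        services_deploy_rproxy_service_active_state.stdout == "active"
  become_user: "{{ services_service_user_name }}"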