summaryrefslogtreecommitdiff
path: root/roles/apache_server/tasks/main.yml
diff options
context:
space:
mode:
Diffstat (limited to 'roles/apache_server/tasks/main.yml')
-rw-r--r--roles/apache_server/tasks/main.yml47
1 files changed, 43 insertions, 4 deletions
diff --git a/roles/apache_server/tasks/main.yml b/roles/apache_server/tasks/main.yml
index 0f59f67..a66f85e 100644
--- a/roles/apache_server/tasks/main.yml
+++ b/roles/apache_server/tasks/main.yml
@@ -1,9 +1,48 @@
-- name: install rsync (so one can publish files via server)
+- name: install apache and related packages
apt:
- name: rsync
+ name: "{{ item }}"
+ with_items:
+ - rsync
+ - apache2
-- name: install apache2
- apt: name=apache2
+- name: enable apache modules for ssl
+ apache2_module:
+ state: present
+ name: "{{ item }}"
+ with_items:
+ - ssl
+ - rewrite
+
+- name: install certbot
+ apt:
+ name: certbot
+ default_release: stretch-backports
+ when: letsencrypt
+
+- name: "empty list of domains for Let's Encrypt"
+ shell: rm -f /etc/letsencrypt/static_sites/*
+
+- name: "create list of domains for static sites to get Let's Encrypt certs for"
+ shell: |
+ if [ "{{ item.letsencrypt|default(false) }}" = True ]
+ then
+ listdir="/etc/letsencrypt/static_sites"
+ mkdir -p "$listdir"
+ touch "$listdir/{{ item.domain }}"
+ fi
+ with_items: "{{ static_sites }}"
+
+- name: install script to run certbot
+ template:
+ src: deploy_static_site_certs
+ dest: /usr/local/sbin/deploy_static_site_certs
+ owner: root
+ group: root
+ mode: 755
+ when: letsencrypt
+
+- name: "get initial certificate from Let's Encrypt"
+ shell: /usr/local/sbin/deploy_static_site_certs
- name: create dirs for static site contents
file: