You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
42 lines
1.3 KiB
YAML
42 lines
1.3 KiB
YAML
---
|
|
- hosts: webserver
|
|
tasks:
|
|
|
|
# Create the Container for the new Webserver
|
|
- name: Create Webserver for {{ domain }}
|
|
lxc_container:
|
|
name: webserver
|
|
state: sopped
|
|
backing_store: overlayfs
|
|
clone_name: {{ domain }}
|
|
clone_snapshot: true
|
|
container_config:
|
|
- "lxc.mount.entry =/var/lib/nginx.revproxy/rootfs/etc/letsencrypt/archive/{{ domain }} etc/letsencrypt/archive/{{ domain }} none bind 0 0"
|
|
- "lxc.mount.entry =/var/lib/nginx.revproxy/rootfs/etc/letsencrypt/live/{ domain } etc/letsencrypt/live/{{ domain }} none bind 0 0"
|
|
|
|
- name: Set default Nginx
|
|
template:
|
|
src: template/80nginx.j2
|
|
dest: /var/lib/lxc/nginx.revproxy/delta0/etc/nginx/site-available/{{ domain }}.conf
|
|
|
|
- name: Setup Letsencrypt for {{ domain }}
|
|
lxc_container:
|
|
name: rev.proxy
|
|
state: started
|
|
container_command: |
|
|
ln -s /etc/nginx/site-available/{{ domain }}.conf /etc/nginx/site-enabled/{{ domain }}.conf
|
|
systemctl reload nginx
|
|
certbot certonly -d {{ domain }} -d www.{{ domain }}
|
|
|
|
- name: Setup secure Nginx with LetsEncrypt
|
|
template:
|
|
src: template/443nginx.j2
|
|
dest: /var/lib/lxc/nginx.revproxy/delta0/etc/nginx/site-available/{{ domain }}.conf
|
|
|
|
- name: Restart Reverse.Proxy
|
|
lxc_container:
|
|
name: rev.proxy
|
|
state: started
|
|
container_command: |
|
|
systemctl reload nginx
|