moved ddns, partkeepr, hass to podman, selinux
This commit is contained in:
Bastian de Byl
2
ansible/roles/ssl/defaults/main.yml
Normal file
2
ansible/roles/ssl/defaults/main.yml
Normal file
@@ -0,0 +1,2 @@
|
||||
---
|
||||
deps: [certbot]
|
||||
@@ -1,18 +1,28 @@
|
||||
---
|
||||
- name: create nginx ssl directory
|
||||
become: true
|
||||
ansible.builtin.file:
|
||||
path: /etc/nginx/ssl
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
state: directory
|
||||
tags: ssl
|
||||
|
||||
- name: stat dhparam
|
||||
become: true
|
||||
ansible.builtin.stat:
|
||||
path: /etc/ssl/certs/dhparam.pem
|
||||
path: /etc/nginx/ssl/dhparam.pem
|
||||
register: dhparam
|
||||
tags: ssl
|
||||
|
||||
- name: generate openssl dhparam for nginx
|
||||
become: true
|
||||
ansible.builtin.command: |
|
||||
openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048
|
||||
openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048
|
||||
when: not dhparam.stat.exists
|
||||
args:
|
||||
creates: /etc/ssl/certs/dhparam.pem
|
||||
creates: /etc/nginx/ssl/dhparam.pem
|
||||
tags: ssl
|
||||
|
||||
- name: create ssl certificate for ci server
|
||||
|
||||
7
ansible/roles/ssl/tasks/deps.yml
Normal file
7
ansible/roles/ssl/tasks/deps.yml
Normal file
@@ -0,0 +1,7 @@
|
||||
---
|
||||
- name: install ssl dependencies
|
||||
become: true
|
||||
ansible.builtin.package:
|
||||
name: "{{ deps }}"
|
||||
state: present
|
||||
tags: deps
|
||||
Reference in New Issue
Block a user