evolix/ansible-roles
22
2
Fork 2
Code Issues 61 Pull requests 18 Releases 33 Wiki Activity
ansible-roles/webapps/jitsimeet/tasks/other_domains.yml
Mathieu Gauthier-Pilote 6f387b029c Fix wrong indentation
2024-04-11 15:44:18 -04:00

72 lines
2.6 KiB
YAML
Raw Blame History

---
# tasks file for other domains if any
- name: Template config files
ansible.builtin.template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: "{{ item.owner }}"
group: "{{ item.group }}"
mode: "{{ item.mode }}"
loop:
- { src: 'meet/config.js.j2', dest: "/etc/jitsi/meet/{{ domain }}-config.js", owner: "root", group: "root", mode: "0644" }
- { src: 'meet/interface_config.js.j2', dest: "/etc/jitsi/meet/{{ domain }}-interface_config.js", owner: "root", group: "root", mode: "0644" }
notify: reload nginx
- name: Check if SSL certificate is present and register result
ansible.builtin.stat:
path: "/etc/letsencrypt/live/{{ domain }}/fullchain.pem"
register: jitsimeet_ssl
- name: Generate certificate only if required (first time)
block:
- name: Template vhost without SSL for successfull LE challengce
ansible.builtin.template:
src: "nginx/other.vhost.conf.j2"
dest: "/etc/nginx/sites-available/{{ domain }}.conf"
notify: reload nginx
- name: Enable temporary nginx vhost
ansible.builtin.file:
src: "/etc/nginx/sites-available/{{ domain }}.conf"
dest: "/etc/nginx/sites-enabled/{{ domain }}.conf"
state: link
notify: reload nginx
- name: Flush handlers
ansible.builtin.meta: flush_handlers
- name: Make sure /var/lib/letsencrypt exists and has correct permissions
ansible.builtin.file:
path: /var/lib/letsencrypt
state: directory
mode: '0755'
- name: Generate certificate with certbot
ansible.builtin.command:
cmd: certbot certonly --webroot --webroot-path /var/lib/letsencrypt --non-interactive --agree-tos --email {{ jitsimeet_certbot_admin_email }} -d {{ domain }}
when: jitsimeet_ssl.stat.exists != true
- name: (Re)check if SSL certificate is present and register result
ansible.builtin.stat:
path: "/etc/letsencrypt/live/{{ domain }}/fullchain.pem"
register: jitsimeet_ssl
- name: (Re)template conf file for nginx vhost with SSL
ansible.builtin.template:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
loop:
- { src: 'nginx/other.vhost.conf.j2', dest: "/etc/nginx/sites-available/{{ domain }}.conf" }
notify: reload nginx
- name: Insert block in multiplex.conf
ansible.builtin.lineinfile:
path: /etc/nginx/modules-enabled/multiplex.conf
insertafter: "web_backend;"
line: "{{ domain }} web_backend;"
notify: reload nginx
- name: Enable nginx vhost
ansible.builtin.file:
src: "/etc/nginx/sites-available/{{ domain }}.conf"
dest: "/etc/nginx/sites-enabled/{{ domain }}.conf"
state: link
notify: reload nginx
Reference in a new issue View git blame Copy permalink