Add role for ilvokhin.com

2 files changed, 72 insertions, 0 deletions

diff --git a/roles/home/files/ilvokhin.com b/roles/home/files/ilvokhin.com
new file mode 100644
index 0000000..f1fafbf
--- /dev/null
+++ b/roles/home/files/ilvokhin.com
@@ -0,0 +1,33 @@
+server {
+    server_name ilvokhin.com www.ilvokhin.com;
+
+    root /srv/http/ilvokhin.com;
+    index index.html;
+
+    location / {
+        try_files $uri $uri/ = 404;
+    }
+
+    listen [::]:443 ssl;
+    listen 443 ssl;
+
+    ssl_certificate /etc/letsencrypt/live/ilvokhin.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/ilvokhin.com/privkey.pem;
+}
+
+server {
+    if ($host = www.ilvokhin.com) {
+        return 301 https://$host$request_uri;
+    }
+
+    if ($host = ilvokhin.com) {
+        return 301 https://$host$request_uri;
+    }
+
+    server_name ilvokhin.com www.ilvokhin.com;
+
+    listen 80;
+    listen [::]:80;
+
+    return 404;
+}
diff --git a/roles/home/tasks/main.yml b/roles/home/tasks/main.yml
new file mode 100644
index 0000000..cd6b19c
--- /dev/null
+++ b/roles/home/tasks/main.yml
@@ -0,0 +1,39 @@
+- name: Create /srv/http/ilvokhin.com directory
+  ansible.builtin.file:
+    path: /srv/http/ilvokhin.com
+    state: directory
+    owner: http
+    group: http
+    mode: u+rw,g+rw,o+r
+
+- name: Request SSL certificate for ilvokhin.com
+  ansible.builtin.include_role:
+    name: certificate
+  vars:
+    domains:
+      - ilvokhin.com
+      - www.ilvokhin.com
+
+- ansible.builtin.include_role:
+    name: nginx
+
+- name: Configure nginx for ilvokhin.com
+  ansible.builtin.copy:
+    src: files/ilvokhin.com
+    dest: /etc/nginx/sites-available
+    owner: root
+    group: root
+    mode: u+rw,g+r,o+r
+  notify:
+    - Reload nginx
+
+- name: Enable ilvokhin.com site
+  ansible.builtin.file:
+    src: /etc/nginx/sites-available/ilvokhin.com
+    dest: /etc/nginx/sites-enabled/ilvokhin.com
+    owner: root
+    group: root
+    mode: u+rw,g+r,o+r
+    state: link
+  notify:
+    - Reload nginx