diff options
Diffstat (limited to 'roles')
| -rw-r--r-- | roles/blog/files/blog.ilvokhin.com | 32 | ||||
| -rw-r--r-- | roles/blog/tasks/main.yml | 39 | ||||
| -rw-r--r-- | roles/users/tasks/main.yml | 1 |
3 files changed, 72 insertions, 0 deletions
diff --git a/roles/blog/files/blog.ilvokhin.com b/roles/blog/files/blog.ilvokhin.com new file mode 100644 index 0000000..b00ec9c --- /dev/null +++ b/roles/blog/files/blog.ilvokhin.com @@ -0,0 +1,32 @@ +server { + server_name blog.ilvokhin.com www.blog.ilvokhin.com; + + root /srv/http/blog.ilvokhin.com; + index index.html; + + location / { + try_files $uri $uri/ = 404; + } + + listen [::]:443 ssl; + listen 443 ssl; + + ssl_certificate /etc/letsencrypt/live/blog.ilvokhin.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/blog.ilvokhin.com/privkey.pem; +} + +server { + if ($host = www.blog.ilvokhin.com) { + return 301 https://$host$request_uri; + } + + if ($host = blog.ilvokhin.com) { + return 301 https://$host$request_uri; + } + + server_name blog.ilvokhin.com www.blog.ilvokhin.com; + + listen 80; + listen [::]:80; + return 404; +} diff --git a/roles/blog/tasks/main.yml b/roles/blog/tasks/main.yml new file mode 100644 index 0000000..5f9288e --- /dev/null +++ b/roles/blog/tasks/main.yml @@ -0,0 +1,39 @@ +- name: Create /srv/http/blog.ilvokhin.com directory + ansible.builtin.file: + path: /srv/http/blog.ilvokhin.com + state: directory + owner: http + group: http + mode: u+rw,g+rw,o+r + +- name: Request SSL certificate for blog.ilvokhin.com + ansible.builtin.include_role: + name: certificate + vars: + domains: + - blog.ilvokhin.com + - www.blog.ilvokhin.com + +- ansible.builtin.include_role: + name: nginx + +- name: Configure nginx for blog.ilvokhin.com + ansible.builtin.copy: + src: files/blog.ilvokhin.com + dest: /etc/nginx/sites-available + owner: root + group: root + mode: u+rw,g+r,o+r + notify: + - Reload nginx + +- name: Enable blog.ilvokhin.com site + ansible.builtin.file: + src: /etc/nginx/sites-available/blog.ilvokhin.com + dest: /etc/nginx/sites-enabled/blog.ilvokhin.com + owner: root + group: root + mode: u+rw,g+r,o+r + state: link + notify: + - Reload nginx diff --git a/roles/users/tasks/main.yml b/roles/users/tasks/main.yml index dea8a82..7bb4f77 100644 --- a/roles/users/tasks/main.yml +++ b/roles/users/tasks/main.yml @@ -11,6 +11,7 @@ home: /home/d groups: - wheel + - http - name: Setup SSH directory for Dmitry Ilvokhin ansible.builtin.file: |