diff --git a/tasks/vhost.yml b/tasks/vhost.yml
index 864aeb0..20c6b2f 100644
--- a/tasks/vhost.yml
+++ b/tasks/vhost.yml
@@ -3,19 +3,44 @@
 slurp:
 src: "/var/lib/tor/{{ item.name }}/hostname"
 register: "onion_address"
- when: item.onion is defined and item.onion == 'true'
+ when:
+ - item.onion is defined
+ - item.onion == 'true'

 - name: "[NGINX] - Set fact"
 set_fact:
 enable_tor: 'false'
+
+- name: "[NGINX] - Check if the certificate for the vhost exists"
+ stat:
+ path: '{{ nginx_ssl_dir }}/{{ item.name }}/privkey.pem'
+ register: cert_exists
+ when:
+ - item.ssl_name is defined

-- name: "[NGINX] - Create vhosts"
+- name: "[NGINX] - Create HTTPS vhosts"
 template:
 src: etc/nginx/sites-available/{{ item.template }}.j2
 dest: "{{ nginx_etc_dir }}/sites-available/{{ item.name }}"
 notify:
 - reload nginx
- when: item.state is defined and item.state != 'delete'
+ when:
+ - item.ssl_name is defined
+ - cert_exists is defined
+ - cert_exists.stat.exists
+ - item.state is defined
+ - item.state != 'delete'
+
+- name: "[NGINX] - Create HTTP vhosts"
+ template:
+ src: etc/nginx/sites-available/{{ item.template }}.j2
+ dest: "{{ nginx_etc_dir }}/sites-available/{{ item.name }}"
+ notify:
+ - reload nginx
+ when:
+ - item.ssl_name is not defined
+ - item.state is defined
+ - item.state != 'delete'

 - name: "[NGINX] - Delete vhosts"
 file:
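Review bot: A vhost that sets `item.ssl_name` but has no `privkey.pem` yet now matches neither "Create HTTPS vhosts" nor "Create HTTP vhosts", so its config is skipped without any message; the same gate is repeated in the Enable tasks (hunk at -23,16) and the maintenance tasks (hunk at -50,10). If the skip is intended, document it above the stat task, e.g. `# vhosts with ssl_name are skipped until their key exists under nginx_ssl_dir`, or add an explicit `fail`/`debug` task for that case so a missing key shows up in the run output. `cert_exists is defined` adds no protection, since `register` sets the variable even when the stat task is skipped; what actually keeps `cert_exists.stat.exists` safe is that `item.ssl_name is defined` is listed before it. The check also looks only at the private key under `item.name`, not at the certificate file, and whether that directory is keyed by `item.name` or `item.ssl_name` cannot be confirmed from this hunk.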
@@ -23,16 +48,35 @@
 state: absent
 notify:
 - reload nginx
- when: item.state is defined and item.state == 'delete'
+ when:
+ - item.state is defined
+ - item.state == 'delete'

-- name: "[NGINX] - Enable vhosts"
+- name: "[NGINX] - Enable HTTPS vhosts"
 file:
 src: "{{ nginx_etc_dir }}/sites-available/{{ item.name }}"
 dest: "{{ nginx_etc_dir }}/sites-enabled/{{ item.name }}"
 state: link
 notify:
 - reload nginx
- when: item.state is defined and item.state == 'enable'
+ when:
+ - item.ssl_name is defined
+ - cert_exists is defined
+ - cert_exists.stat.exists
+ - item.state is defined
+ - item.state == 'enable'
+
+- name: "[NGINX] - Enable HTTP vhosts"
+ file:
+ src: "{{ nginx_etc_dir }}/sites-available/{{ item.name }}"
+ dest: "{{ nginx_etc_dir }}/sites-enabled/{{ item.name }}"
+ state: link
+ notify:
+ - reload nginx
+ when:
+ - item.ssl_name is not defined
+ - item.state is defined
+ - item.state == 'enable'

 - name: "[NGINX] - Disable vhosts"
 file:
@@ -40,7 +84,10 @@
 state: absent
 notify:
 - reload nginx
- when: item.state is defined and (item.state == 'disable' or item.state == 'delete')
+ when:
+ - item.state is defined
+ - item.state == 'disable'
+ - item.state == 'delete'

 - name: "[NGINX] - Delete default vhost when explicitely defined"
 file:
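Review bot: The new `when` list on "Disable vhosts" (hunk at -40,7) can never be true, because list entries are ANDed and `item.state` cannot equal both 'disable' and 'delete'; the removed line joined the two with `or`. The task's `file:` arguments start outside the hunk and only `state: absent` is visible, but it presumably removes the sites-enabled link, so a vhost marked for disable would stay enabled and a deleted one could leave a dangling link behind for the next nginx reload. Replace the last two entries with a single one: `- item.state in ['disable', 'delete']`.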
@@ -50,10 +97,30 @@
 - reload nginx
 when: nginx_default_vhost is not none

-- name: "[NGINX] - Create maintenance vhosts"
+- name: "[NGINX] - Create HTTPS maintenance vhosts"
 template:
 src: etc/nginx/sites-available/maintenance.j2
 dest: "{{ nginx_etc_dir }}/sites-available/maintenance-{{ item.name }}"
 notify:
 - reload nginx
- when: (item.state is defined) and (item.state != 'delete') and (item.maintenance is defined) and (item.maintenance == 'true')
+ when:
+ - item.ssl_name is defined
+ - cert_exists is defined
+ - cert_exists.stat.exists
+ - item.state is defined
+ - item.state != 'delete'
+ - item.maintenance is defined
+ - item.maintenance == 'true'
+
+- name: "[NGINX] - Create HTTP maintenance vhosts"
+ template:
+ src: etc/nginx/sites-available/maintenance.j2
+ dest: "{{ nginx_etc_dir }}/sites-available/maintenance-{{ item.name }}"
+ notify:
+ - reload nginx
+ when:
+ - item.ssl_name is not defined
+ - item.state is defined
+ - item.state != 'delete'
+ - item.maintenance is defined
+ - item.maintenance == 'true'