127 lines
3.3 KiB
YAML
127 lines
3.3 KiB
YAML
---
|
|
- name: '[ONION] - register onion address'
|
|
slurp:
|
|
src: "/var/lib/tor/{{ item.name }}/hostname"
|
|
register: "onion_address"
|
|
when:
|
|
- item.onion is defined
|
|
- item.onion == 'true'
|
|
|
|
- name: "[NGINX] - Set fact"
|
|
set_fact:
|
|
enable_tor: 'false'
|
|
|
|
- name: "[NGINX] - Check if the certificate for the vhost exists"
|
|
stat:
|
|
path: '{{ nginx_ssl_dir }}/{{ item.name }}/privkey.pem'
|
|
register: cert_exists
|
|
when:
|
|
- item.ssl_name is defined
|
|
|
|
- name: "[NGINX] - Create HTTPS vhosts"
|
|
template:
|
|
src: etc/nginx/sites-available/{{ item.template }}.j2
|
|
dest: "{{ nginx_etc_dir }}/sites-available/{{ item.name }}"
|
|
notify:
|
|
- reload nginx
|
|
when:
|
|
- item.ssl_name is defined
|
|
- cert_exists is defined
|
|
- cert_exists.stat.exists
|
|
- item.state is defined
|
|
- item.state != 'delete'
|
|
|
|
- name: "[NGINX] - Create HTTP vhosts"
|
|
template:
|
|
src: etc/nginx/sites-available/{{ item.template }}.j2
|
|
dest: "{{ nginx_etc_dir }}/sites-available/{{ item.name }}"
|
|
notify:
|
|
- reload nginx
|
|
when:
|
|
- item.ssl_name is not defined
|
|
- item.state is defined
|
|
- item.state != 'delete'
|
|
|
|
- name: "[NGINX] - Delete vhosts"
|
|
file:
|
|
path: "{{ nginx_etc_dir }}/sites-available/{{ item.name }}"
|
|
state: absent
|
|
notify:
|
|
- reload nginx
|
|
when:
|
|
- item.state is defined
|
|
- item.state == 'delete'
|
|
|
|
- name: "[NGINX] - Enable HTTPS vhosts"
|
|
file:
|
|
src: "{{ nginx_etc_dir }}/sites-available/{{ item.name }}"
|
|
dest: "{{ nginx_etc_dir }}/sites-enabled/{{ item.name }}"
|
|
state: link
|
|
notify:
|
|
- reload nginx
|
|
when:
|
|
- item.ssl_name is defined
|
|
- cert_exists is defined
|
|
- cert_exists.stat.exists
|
|
- item.state is defined
|
|
- item.state == 'enable'
|
|
|
|
- name: "[NGINX] - Enable HTTP vhosts"
|
|
file:
|
|
src: "{{ nginx_etc_dir }}/sites-available/{{ item.name }}"
|
|
dest: "{{ nginx_etc_dir }}/sites-enabled/{{ item.name }}"
|
|
state: link
|
|
notify:
|
|
- reload nginx
|
|
when:
|
|
- item.ssl_name is not defined
|
|
- item.state is defined
|
|
- item.state == 'enable'
|
|
|
|
- name: "[NGINX] - Disable vhosts"
|
|
file:
|
|
path: "{{ nginx_etc_dir}}/sites-enabled/{{ item.name }}"
|
|
state: absent
|
|
notify:
|
|
- reload nginx
|
|
when:
|
|
- item.state is defined
|
|
- item.state == 'disable'
|
|
- item.state == 'delete'
|
|
|
|
- name: "[NGINX] - Delete default vhost when explicitely defined"
|
|
file:
|
|
path: "{{ nginx_etc_dir }}/sites-enabled/default"
|
|
state: absent
|
|
notify:
|
|
- reload nginx
|
|
when: nginx_default_vhost is not none
|
|
|
|
- name: "[NGINX] - Create HTTPS maintenance vhosts"
|
|
template:
|
|
src: etc/nginx/sites-available/maintenance.j2
|
|
dest: "{{ nginx_etc_dir }}/sites-available/maintenance-{{ item.name }}"
|
|
notify:
|
|
- reload nginx
|
|
when:
|
|
- item.ssl_name is defined
|
|
- cert_exists is defined
|
|
- cert_exists.stat.exists
|
|
- item.state is defined
|
|
- item.state != 'delete'
|
|
- item.maintenance is defined
|
|
- item.maintenance == 'true'
|
|
|
|
- name: "[NGINX] - Create HTTP maintenance vhosts"
|
|
template:
|
|
src: etc/nginx/sites-available/maintenance.j2
|
|
dest: "{{ nginx_etc_dir }}/sites-available/maintenance-{{ item.name }}"
|
|
notify:
|
|
- reload nginx
|
|
when:
|
|
- item.ssl_name is not defined
|
|
- item.state is defined
|
|
- item.state != 'delete'
|
|
- item.maintenance is defined
|
|
- item.maintenance == 'true'
|