You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
97 lines
1.9 KiB
97 lines
1.9 KiB
- name: install and configure nginx
|
|
include_role:
|
|
name: nginx
|
|
vars:
|
|
nginx:
|
|
security:
|
|
csp:
|
|
pp:
|
|
headers:
|
|
Cross-Origin-Embedder-Policy:
|
|
Cross-Origin-Opener-Policy:
|
|
Cross-Origin-Resource-Policy:
|
|
|
|
servers:
|
|
- conf: redirect_80_any
|
|
name: '*'
|
|
http: yes
|
|
|
|
- conf: redirect_80_monroe43
|
|
name: '*.monroe43.ru'
|
|
no_tld: yes
|
|
http: yes
|
|
|
|
- conf: redirect_443_monroe43
|
|
name: 'monroe43.ru'
|
|
no_tld: yes
|
|
- conf: redirect_443_monroe43
|
|
name: 'www.monroe43.ru'
|
|
no_tld: yes
|
|
|
|
- conf: shop
|
|
name: shop
|
|
- conf: feedback
|
|
name: feedback
|
|
- conf: welcome-spb
|
|
name: welcome-spb
|
|
- conf: spb-10-8
|
|
name: spb-10-8
|
|
- conf: mta-sts
|
|
name: mta-sts
|
|
|
|
- conf: default
|
|
is_root: yes
|
|
cn: yes
|
|
- conf: default
|
|
name: www
|
|
|
|
certs: yes
|
|
tld: "{{ tld }}"
|
|
security_headers: yes
|
|
|
|
domains:
|
|
- "{{ tld }}"
|
|
- "www.{{ tld }}"
|
|
- "monroe43.ru"
|
|
- "www.monroe43.ru"
|
|
- "feedback.{{ tld }}"
|
|
- "mta-sts.{{ tld }}"
|
|
- "shop.{{ tld }}"
|
|
- "spb-10-8.{{ tld }}"
|
|
- "welcome-spb.{{ tld }}"
|
|
|
|
|
|
- name: create directories
|
|
file:
|
|
path: "{{ webroot_dir ~ '/' ~ item }}"
|
|
state: directory
|
|
loop:
|
|
- acme
|
|
- acme/.well-known
|
|
- acme/.well-known/acme-challenge
|
|
- static
|
|
- mta-sts
|
|
- mta-sts/.well-known
|
|
|
|
|
|
- name: build mta-sts file
|
|
template:
|
|
src: mta-sts-file.j2
|
|
dest: "{{ webroot_dir }}/mta-sts/.well-known/mta-sts.txt"
|
|
force: yes
|
|
lstrip_blocks: yes
|
|
|
|
|
|
- name: upload static bimi logo
|
|
copy:
|
|
src: logo.svg
|
|
dest: "{{ webroot_dir }}/static/logo.svg"
|
|
|
|
|
|
- name: add directories to backup plan
|
|
include_role:
|
|
name: backup
|
|
vars:
|
|
function: add
|
|
backup_items:
|
|
- "{{ webroot_dir }}"
|
|
|