Matrix Docker Ansible eploy
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
- ---
-
- - name: Determine domains to obtain certificates for (Matrix)
- set_fact:
- domains_to_obtain_certificate_for: "['{{ hostname_matrix }}']"
-
- - name: Determine domains to obtain certificates for (Riot)
- set_fact:
- domains_to_obtain_certificate_for: "{{ domains_to_obtain_certificate_for + [hostname_riot] }}"
- when: matrix_riot_web_enabled
-
- - name: Allow access to HTTP/HTTPS in firewalld
- firewalld:
- service: "{{ item }}"
- state: enabled
- immediate: yes
- permanent: yes
- with_items:
- - http
- - https
- when: ansible_os_family == 'RedHat'
-
- - name: Ensure certbot Docker image is pulled
- docker_image:
- name: "{{ matrix_ssl_certbot_docker_image }}"
-
- - name: Ensure SSL certificate paths exists
- file:
- path: "{{ item }}"
- state: directory
- mode: 0770
- owner: "{{ matrix_user_username }}"
- group: "{{ matrix_user_username }}"
- with_items:
- - "{{ matrix_ssl_log_dir_path }}"
- - "{{ matrix_ssl_config_dir_path }}"
-
- - name: Obtain initial certificates
- include_tasks: "tasks/setup/setup_ssl_for_domain.yml"
- with_items: "{{ domains_to_obtain_certificate_for }}"
- loop_control:
- loop_var: domain_name
-
- - name: Ensure SSL renewal script installed
- template:
- src: "{{ role_path }}/templates/usr-local-bin/matrix-ssl-certificates-renew.j2"
- dest: "/usr/local/bin/matrix-ssl-certificates-renew"
- mode: 0750
-
- - name: Ensure periodic SSL renewal cronjob configured
- template:
- src: "{{ role_path }}/templates/cron.d/matrix-ssl-certificate-renewal.j2"
- dest: "/etc/cron.d/matrix-ssl-certificate-renewal"
- mode: 0600
|
