Matrix Docker Ansible eploy
Вы не можете выбрать более 25 тем
Темы должны начинаться с буквы или цифры, могут содержать дефисы(-) и должны содержать не более 35 символов.
|
- ---
-
- - name: Allow access to HTTP/HTTPS in firewalld
- firewalld:
- service: "{{ item }}"
- state: enabled
- immediate: yes
- permanent: yes
- with_items:
- - http
- - https
-
- - name: Ensure acmetool Docker image is pulled
- docker_image:
- name: willwill/acme-docker
-
- - name: Ensure SSL certificates path exists
- file:
- path: "{{ ssl_certs_path }}"
- state: directory
- mode: 0770
- owner: "{{ matrix_user_username }}"
- group: "{{ matrix_user_username }}"
-
- - name: Check matrix-nginx-proxy state
- service: name=matrix-nginx-proxy
- register: matrix_nginx_proxy_state
-
- - name: Ensure matrix-nginx-proxy is stopped (if previously installed & started)
- service: name=matrix-nginx-proxy state=stopped
- when: "matrix_nginx_proxy_state.status.ActiveState|default('missing') == 'active'"
-
- - name: Ensure SSL certificates are marked as wanted in acmetool
- shell: >-
- /usr/bin/docker run --rm --name acmetool-host-grab -p 80:80
- -v {{ ssl_certs_path }}:/certs
- -e ACME_EMAIL={{ ssl_support_email }}
- willwill/acme-docker
- acmetool want {{ hostname_matrix }} {{ hostname_riot }} --xlog.severity=debug
-
- - name: Ensure matrix-nginx-proxy is started (if previously installed & started)
- service: name=matrix-nginx-proxy state=started
- when: "matrix_nginx_proxy_state.status.ActiveState|default('missing') == 'active'"
-
- - name: Ensure periodic SSL renewal cronjob configured
- template:
- src: "{{ role_path }}/templates/cron.d/ssl-certificate-renewal.j2"
- dest: "/etc/cron.d/ssl-certificate-renewal"
- mode: 0600
|
