Matrix Docker Ansible eploy
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
- ---
-
- - name: Allow access to HTTP/HTTPS in firewalld
- firewalld:
- service: "{{ item }}"
- state: enabled
- immediate: yes
- permanent: yes
- with_items:
- - http
- - https
- when: ansible_os_family == 'RedHat'
-
- - name: Ensure acmetool Docker image is pulled
- docker_image:
- name: willwill/acme-docker
-
- - name: Ensure SSL certificates path exists
- file:
- path: "{{ matrix_ssl_certs_path }}"
- state: directory
- mode: 0770
- owner: "{{ matrix_user_username }}"
- group: "{{ matrix_user_username }}"
-
- - name: Check matrix-nginx-proxy state
- service: name=matrix-nginx-proxy
- register: matrix_nginx_proxy_state
-
- - name: Ensure matrix-nginx-proxy is stopped (if previously installed & started)
- service: name=matrix-nginx-proxy state=stopped
- when: "matrix_nginx_proxy_state.status.ActiveState|default('missing') == 'active'"
-
- - name: Ensure SSL certificates are marked as wanted in acmetool
- shell: >-
- /usr/bin/docker run --rm --name acmetool-host-grab -p 80:80
- -v {{ matrix_ssl_certs_path }}:/certs
- -e ACME_EMAIL={{ matrix_ssl_support_email }}
- willwill/acme-docker
- acmetool want {{ item }} --xlog.severity=debug
- with_items:
- - "{{ hostname_matrix }}"
- - "{{ hostname_riot }}"
-
- - name: Ensure matrix-nginx-proxy is started (if previously installed & started)
- service: name=matrix-nginx-proxy state=started
- when: "matrix_nginx_proxy_state.status.ActiveState|default('missing') == 'active'"
-
- - name: Ensure periodic SSL renewal cronjob configured
- template:
- src: "{{ role_path }}/templates/cron.d/matrix-ssl-certificate-renewal.j2"
- dest: "/etc/cron.d/matrix-ssl-certificate-renewal"
- mode: 0600
|
