ops/playbooks/server/addDomainAndEncrypt.yml

---
- name: letsencrypt
  hosts: supermaster
  become: yes
  tasks:
    - name: add domain to nginx with j2 block
      template:
        src: template/nginx-server-block.j2
        dest: /tmp/new-nginx-server-block.{{item.server_name}}.conf
      with_items:
        - server_name: dev.capitan.igarson.app
          server_config: ""
          service_port: 10003
          conf_file: ngrok.conf 

    
    - name: append /tmp/new-nginx-server-block.conf to specific conf
      shell: |
        cat /tmp/new-nginx-server-block.{{item.server_name}}.conf >> /etc/nginx/sites-available/{{ item.conf_file }}
        rm -rf /tmp/new-nginx-server-block.{{item.server_name}}.conf
      with_items:
        - server_name: dev.capitan.igarson.app
          server_config: ""
          service_port: 10003
          conf_file: ngrok.conf 


    - name: encrypt all domains 
      shell: |
        certbot --nginx -d {{item.server_name}} -n --redirect
      with_items:
        - server_name: dev.capitan.igarson.app
          server_config: ""
          service_port: 10003
          conf_file: ngrok.conf 

    - name: Reload nginx to activate specified site
      service: name=nginx state=restarted

    - name: cron job for renew certificates
      cron:
        name: renew_certificates
        special_time: weekly
        job: certbot renew --post-hook "systemctl reload nginx"
ops 2022-01-01 21:29:35 +03:30			`---`
			`- name: letsencrypt`
			`hosts: supermaster`
			`become: yes`
			`tasks:`
devops 2022-01-21 00:40:30 +03:30			`- name: add domain to nginx with j2 block`
			`template:`
			`src: template/nginx-server-block.j2`
			`dest: /tmp/new-nginx-server-block.{{item.server_name}}.conf`
			`with_items:`
sync 2022-02-28 12:50:57 +03:30			`- server_name: dev.capitan.igarson.app`
devops 2022-01-21 00:40:30 +03:30			`server_config: ""`
sync 2022-02-28 12:50:57 +03:30			`service_port: 10003`
			`conf_file: ngrok.conf`
devops 2022-01-21 00:40:30 +03:30
ops 2022-01-01 21:29:35 +03:30
devops 2022-01-21 00:40:30 +03:30			`- name: append /tmp/new-nginx-server-block.conf to specific conf`
			`shell: \|`
			`cat /tmp/new-nginx-server-block.{{item.server_name}}.conf >> /etc/nginx/sites-available/{{ item.conf_file }}`
			`rm -rf /tmp/new-nginx-server-block.{{item.server_name}}.conf`
			`with_items:`
sync 2022-02-28 12:50:57 +03:30			`- server_name: dev.capitan.igarson.app`
devops 2022-01-21 00:40:30 +03:30			`server_config: ""`
sync 2022-02-28 12:50:57 +03:30			`service_port: 10003`
			`conf_file: ngrok.conf`
devops 2022-01-21 00:40:30 +03:30
ops 2022-01-01 21:29:35 +03:30
			`- name: encrypt all domains`
devops 2022-01-21 00:40:30 +03:30			`shell: \|`
			`certbot --nginx -d {{item.server_name}} -n --redirect`
ops 2022-01-01 21:29:35 +03:30			`with_items:`
sync 2022-02-28 12:50:57 +03:30			`- server_name: dev.capitan.igarson.app`
devops 2022-01-21 00:40:30 +03:30			`server_config: ""`
sync 2022-02-28 12:50:57 +03:30			`service_port: 10003`
			`conf_file: ngrok.conf`
devops 2022-01-21 00:40:30 +03:30
			`- name: Reload nginx to activate specified site`
			`service: name=nginx state=restarted`

			`- name: cron job for renew certificates`
			`cron:`
			`name: renew_certificates`
			`special_time: weekly`
sync 2022-02-28 12:50:57 +03:30			`job: certbot renew --post-hook "systemctl reload nginx"`


devops 2022-01-21 00:40:30 +03:30
ops 2022-01-01 21:29:35 +03:30