---
# Plain paths are enough here; switch the loop to a list of dicts if
# per-directory owner/mode is ever needed.
# NOTE(review): with recurse enabled, any owner/mode added later would also
# be applied to everything below these paths, which includes the private key
# created further down in /containers/data/nginx/conf.d.
- name: Create directories
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    recurse: true
  loop:
    - /containers/compose/iconserver
    - /containers/data/nginx/conf.d
# Same as the directory task: loop over a list of dicts instead if per-file
# owner/mode is needed.
# NOTE(review): no owner/mode is set, so newly rendered files get whatever
# the remote umask yields; set mode explicitly if compose.yml ever holds
# secrets.
- name: Install files from templates
  ansible.builtin.template:
    src: "{{ item }}.j2"
    dest: "/{{ item }}"
  loop:
    - containers/compose/iconserver/compose.yml
    - containers/data/nginx/conf.d/iconserver.conf
# Assumption: it does not matter how the self-signed cert gets onto the host,
# so generating one on each host is the nicer (and safer) option -- no
# private key has to be copied around or shared between hosts.
# The alternative is to pre-generate it and keep it in ansible-vault.
# python3-cryptography is needed on the managed host by the community.crypto
# modules used in the key and certificate tasks that follow.
- name: Install dependencies
  ansible.builtin.package:
    state: present
    name: python3-cryptography
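# Generates the private key on the host itself, next to the nginx config.
# Key type and size are left at the module defaults.
- name: Create openssl key
  community.crypto.openssl_privatekey:
    path: /containers/data/nginx/conf.d/iconserver.key
    # Pin owner-only access explicitly rather than relying on the module
    # default; widen it deliberately if the process reading the key does not
    # run as the file owner.
    mode: "0600"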
# Self-signs a certificate with the private key at privatekey_path.
# NOTE(review): no CSR is passed, so the certificate presumably carries no
# subject or subjectAltName and clients cannot match it to a hostname; the
# validity period is also left at the module default. Confirm both are
# acceptable for how this endpoint is consumed.
- name: Create openssl self-signed cert
  community.crypto.x509_certificate:
    provider: selfsigned
    privatekey_path: /containers/data/nginx/conf.d/iconserver.key
    path: /containers/data/nginx/conf.d/iconserver.crt
# Hands the compose project directory to the docker_compose_v2 module; this
# is the directory the template task renders compose.yml into. No state is
# given, so the module default applies (presumably bringing the project up).
- name: Deploy software via docker-compose
  community.docker.docker_compose_v2:
    project_src: /containers/compose/iconserver