Move certificate generation to after the nginx package is installed
This prevents a problem where the certificate role tries to restart a not yet installed nginx
This commit is contained in:
nd
parent
0e7301a1dc
commit
1bc80fa9ea
1 changed files with 12 additions and 12 deletions
|
|
@ -5,18 +5,6 @@
|
|||
inventory_certs: "{{ certificates.certs|d({}) | dict2items | selectattr ('key', 'regex', '^nginx_') | items2dict }}"
|
||||
selfsigned_cert: "{ '{{ inventory_hostname }}': { 'backend': 'selfsigned' }}"
|
||||
|
||||
- name: generate certificates for vhosts
|
||||
include_role:
|
||||
name: certificates
|
||||
vars:
|
||||
certificates:
|
||||
certs: "{{ {}|combine( (selfsigned_cert|from_yaml if nginx.snakeoil_default else {}), nginx_certs, inventory_certs, recursive=True) }}"
|
||||
|
||||
- name: debug nginx dict
|
||||
debug:
|
||||
verbosity: 1
|
||||
var: nginx
|
||||
|
||||
- name: install nginx
|
||||
apt:
|
||||
pkg:
|
||||
|
|
@ -31,6 +19,18 @@
|
|||
- delete nginx index.nginx-debian.html
|
||||
- restart nginx
|
||||
|
||||
- name: generate certificates for vhosts
|
||||
include_role:
|
||||
name: certificates
|
||||
vars:
|
||||
certificates:
|
||||
certs: "{{ {}|combine( (selfsigned_cert|from_yaml if nginx.snakeoil_default else {}), nginx_certs, inventory_certs, recursive=True) }}"
|
||||
|
||||
- name: debug nginx dict
|
||||
debug:
|
||||
verbosity: 1
|
||||
var: nginx
|
||||
|
||||
- name: copy configs
|
||||
copy:
|
||||
src: config/
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue