Move certificate generation to after the nginx package is installed
This prevents a problem where the certificate role tries to restart a not yet installed nginx
This commit is contained in:
nd
parent
0e7301a1dc
commit
1bc80fa9ea
1 changed files with 12 additions and 12 deletions
|
|
@ -5,18 +5,6 @@
|
||||||
inventory_certs: "{{ certificates.certs|d({}) | dict2items | selectattr ('key', 'regex', '^nginx_') | items2dict }}"
|
inventory_certs: "{{ certificates.certs|d({}) | dict2items | selectattr ('key', 'regex', '^nginx_') | items2dict }}"
|
||||||
selfsigned_cert: "{ '{{ inventory_hostname }}': { 'backend': 'selfsigned' }}"
|
selfsigned_cert: "{ '{{ inventory_hostname }}': { 'backend': 'selfsigned' }}"
|
||||||
|
|
||||||
- name: generate certificates for vhosts
|
|
||||||
include_role:
|
|
||||||
name: certificates
|
|
||||||
vars:
|
|
||||||
certificates:
|
|
||||||
certs: "{{ {}|combine( (selfsigned_cert|from_yaml if nginx.snakeoil_default else {}), nginx_certs, inventory_certs, recursive=True) }}"
|
|
||||||
|
|
||||||
- name: debug nginx dict
|
|
||||||
debug:
|
|
||||||
verbosity: 1
|
|
||||||
var: nginx
|
|
||||||
|
|
||||||
- name: install nginx
|
- name: install nginx
|
||||||
apt:
|
apt:
|
||||||
pkg:
|
pkg:
|
||||||
|
|
@ -31,6 +19,18 @@
|
||||||
- delete nginx index.nginx-debian.html
|
- delete nginx index.nginx-debian.html
|
||||||
- restart nginx
|
- restart nginx
|
||||||
|
|
||||||
|
- name: generate certificates for vhosts
|
||||||
|
include_role:
|
||||||
|
name: certificates
|
||||||
|
vars:
|
||||||
|
certificates:
|
||||||
|
certs: "{{ {}|combine( (selfsigned_cert|from_yaml if nginx.snakeoil_default else {}), nginx_certs, inventory_certs, recursive=True) }}"
|
||||||
|
|
||||||
|
- name: debug nginx dict
|
||||||
|
debug:
|
||||||
|
verbosity: 1
|
||||||
|
var: nginx
|
||||||
|
|
||||||
- name: copy configs
|
- name: copy configs
|
||||||
copy:
|
copy:
|
||||||
src: config/
|
src: config/
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue