- name: Enable nginx PPA apt_repository: repo=ppa:nginx/stable - name: Install nginx apt: name=nginx state=present - name: Ditch default nginx site enabled file: path=/etc/nginx/sites-enabled/default state=absent - name: Create /etc/nginx/ssl file: path=/etc/nginx/ssl state=directory - name: Create self signed SSL cert/key command: bash -lc "openssl req -x509 -sha256 -nodes -newkey rsa:2048 -keyout self-signed.key -out self-signed.crt -subj '/CN=localhost'" args: chdir: /etc/nginx/ssl creates: /etc/nginx/ssl/self-signed.* - stat: path=/etc/nginx/ssl/dhparam.pem register: dhparam - name: Create Diffie Hellman Ephemeral Parameters (this will take some time) command: bash -lc "openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048" creates=/etc/nginx/ssl/dhparam.pem - name: Configure App nginx template: src=nginx_unicorn.j2 dest=/etc/nginx/sites-enabled/{{ app_name }} - name: Install monit nginx config file: src=/etc/monit/conf-available/nginx dest=/etc/monit/conf-enabled/nginx owner=root group=root state=link register: nginx_monit_config - name: Reload Monit command: bash -lc "monit reload && sleep 2" when: nginx_monit_config.changed - name: Stop nginx service: name=nginx state=stopped - name: Start nginx remote_user: "{{ deployer_user.name }}" command: bash -lc "sudo monit start nginx"