- name: Enable nginx PPA apt_repository: repo=ppa:nginx/stable - name: Install nginx apt: name=nginx state=present - name: Ditch default nginx site enabled file: path=/etc/nginx/sites-enabled/default state=absent - name: Create /etc/nginx/ssl file: path=/etc/nginx/ssl state=directory - name: Create self signed SSL cert/key command: bash -lc "openssl req -x509 -sha256 -nodes -newkey rsa:2048 -keyout self-signed.key -out self-signed.crt -subj '/CN=localhost'" args: chdir: /etc/nginx/ssl creates: /etc/nginx/ssl/self-signed.* when: letsencrypt.enabled == false - name: Create Diffie Hellman Ephemeral Parameters (this will take some time) command: bash -lc "openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048" args: creates: /etc/nginx/ssl/dhparam.pem - name: Configure App nginx template: src: nginx_puma.j2 dest: /etc/nginx/sites-enabled/{{ app_name }} register: nginx_config - name: Install nginx config template: src: nginx.conf.j2 dest: /etc/nginx/nginx.conf register: nginx_config - name: Install monit nginx config file: src: /etc/monit/conf-available/nginx dest: /etc/monit/conf-enabled/nginx owner: root group: root state: link register: nginx_monit_config - name: Reload Monit command: bash -lc "monit reload && sleep 2" when: nginx_monit_config.changed - name: Check if nginx running shell: ps -ef | grep nginx | grep -v grep register: nginx_running changed_when: false ignore_errors: true - name: Start nginx remote_user: "{{ deployer_user.name }}" command: bash -lc "sudo monit start nginx" when: nginx_running | failed - name: Restart nginx remote_user: "{{ deployer_user.name }}" command: bash -lc "sudo monit restart nginx" when: nginx_running | success and nginx_config.changed