roles/nginx/tasks/main.yml in taperole-1.4.3 vs roles/nginx/tasks/main.yml in taperole-1.5.0
- old
+ new
@@ -8,9 +8,25 @@
- name: Ditch default nginx site enabled
file: path=/etc/nginx/sites-enabled/default state=absent
tags: [nginx]
+- name: Create /etc/nginx/ssl
+ file: path=/etc/nginx/ssl state=directory
+ tags: [nginx]
+
+- name: Create self signed SSL cert/key
+ command: bash -lc "openssl req -x509 -sha256 -nodes -newkey rsa:2048 -keyout self-signed.key -out self-signed.crt -subj '/CN=localhost'"
+ args:
+ chdir: /etc/nginx/ssl
+ tags: [nginx]
+
+- name: Create Diffie Hellman Ephemeral Parameters (this will take some time)
+ command: bash -lc "openssl dhparam -out dhparam.pem 2048"
+ args:
+ chdir: /etc/nginx/ssl
+ tags: [nginx]
+
- name: Configure App nginx
template: src=nginx_unicorn.j2 dest=/etc/nginx/sites-enabled/{{ app_name }}
tags: [nginx]
- name: Install monit nginx config