|
|
|
---
|
|
|
|
- hosts: frontend
|
|
|
|
gather_facts: no
|
|
|
|
roles:
|
|
|
|
- ubuntu-16-04
|
|
|
|
|
|
|
|
tasks:
|
|
|
|
- name: Install nginx
|
|
|
|
become: yes
|
|
|
|
apt:
|
|
|
|
name: nginx
|
|
|
|
state: latest
|
|
|
|
update_cache: yes
|
|
|
|
|
|
|
|
- name: Disable nginx default site
|
|
|
|
become: yes
|
|
|
|
file:
|
|
|
|
path: /etc/nginx/sites-enabled/default
|
|
|
|
state: absent
|
|
|
|
|
|
|
|
- name: Remove nginx default site config
|
|
|
|
become: yes
|
|
|
|
file:
|
|
|
|
path: /etc/nginx/sites-available/default
|
|
|
|
state: absent
|
|
|
|
|
|
|
|
- name: Create nginx log directory
|
|
|
|
become: yes
|
|
|
|
file:
|
|
|
|
path: /var/log/nginx
|
|
|
|
state: directory
|
|
|
|
|
|
|
|
- name: Copy the nginx config
|
|
|
|
become: yes
|
|
|
|
copy:
|
|
|
|
src: config/xsnexplorer.io
|
|
|
|
dest: /etc/nginx/sites-available/xsnexplorer
|
|
|
|
|
|
|
|
- name: Copy the ssl certificate chain
|
|
|
|
become: yes
|
|
|
|
copy:
|
|
|
|
src: config/ssl/fullchain.pem
|
|
|
|
dest: /etc/letsencrypt/live/xsnexplorer.io/fullchain.pem
|
|
|
|
|
|
|
|
- name: Copy the ssl private key
|
|
|
|
become: yes
|
|
|
|
copy:
|
|
|
|
src: config/ssl/privkey.pem
|
|
|
|
dest: /etc/letsencrypt/live/xsnexplorer.io/privkey.pem
|
|
|
|
|
|
|
|
- name: Copy the ssl nginx config
|
|
|
|
become: yes
|
|
|
|
copy:
|
|
|
|
src: config/ssl/options-ssl-nginx.conf
|
|
|
|
dest: /etc/letsencrypt/options-ssl-nginx.conf
|
|
|
|
|
|
|
|
- name: Copy the ssl-dhparams.pem
|
|
|
|
become: yes
|
|
|
|
copy:
|
|
|
|
src: config/ssl/ssl-dhparams.pem
|
|
|
|
dest: /etc/letsencrypt/ssl-dhparams.pem
|
|
|
|
|
|
|
|
- name: Create the symlink
|
|
|
|
become: yes
|
|
|
|
file:
|
|
|
|
src: /etc/nginx/sites-available/xsnexplorer
|
|
|
|
dest: /etc/nginx/sites-enabled/xsnexplorer
|
|
|
|
state: link
|
|
|
|
|
|
|
|
- name: Restart nginx
|
|
|
|
become: yes
|
|
|
|
service:
|
|
|
|
name: nginx
|
|
|
|
state: restarted
|
|
|
|
|
|
|
|
- name: Enable nginx to run on system startup
|
|
|
|
become: yes
|
|
|
|
systemd:
|
|
|
|
name: nginx
|
|
|
|
enabled: yes
|
|
|
|
|
|
|
|
- name: Build the application
|
|
|
|
shell: ./scripts/build-web-ui.sh
|
|
|
|
delegate_to: 127.0.0.1
|
|
|
|
|
|
|
|
- name: Upload the application
|
|
|
|
synchronize:
|
|
|
|
src: web.zip
|
|
|
|
dest: web.zip
|
|
|
|
|
|
|
|
- name: Create the web data directory
|
|
|
|
become: yes
|
|
|
|
file:
|
|
|
|
path: /var/www/html
|
|
|
|
state: directory
|
|
|
|
owner: www-data
|
|
|
|
group: www-data
|
|
|
|
|
|
|
|
- name: Unpack the application
|
|
|
|
become: yes
|
|
|
|
unarchive:
|
|
|
|
remote_src: yes
|
|
|
|
src: web.zip
|
|
|
|
dest: /var/www/html
|
|
|
|
|
|
|
|
- name: Move the web content
|
|
|
|
become: yes
|
|
|
|
raw: rsync -a /var/www/html/dist/ /var/www/html/ --remove-source-files
|
|
|
|
|
|
|
|
- name: Set the permissions
|
|
|
|
become: yes
|
|
|
|
file:
|
|
|
|
dest: /var/www/html
|
|
|
|
owner: www-data
|
|
|
|
group: www-data
|
|
|
|
recurse: yes
|