aboutsummaryrefslogtreecommitdiff
path: root/infrastructure/roles
diff options
context:
space:
mode:
Diffstat (limited to 'infrastructure/roles')
-rw-r--r--infrastructure/roles/web/handlers/main.yaml4
-rw-r--r--infrastructure/roles/web/tasks/main.yaml26
2 files changed, 30 insertions, 0 deletions
diff --git a/infrastructure/roles/web/handlers/main.yaml b/infrastructure/roles/web/handlers/main.yaml
new file mode 100644
index 0000000..73ed47a
--- /dev/null
+++ b/infrastructure/roles/web/handlers/main.yaml
@@ -0,0 +1,4 @@
+- name: restart web
+ ansible.builtin.service:
+ name: apache2
+ state: restarted
diff --git a/infrastructure/roles/web/tasks/main.yaml b/infrastructure/roles/web/tasks/main.yaml
new file mode 100644
index 0000000..2bf04e2
--- /dev/null
+++ b/infrastructure/roles/web/tasks/main.yaml
@@ -0,0 +1,26 @@
+- name: install apache2
+ ansible.builtin.package:
+ name: apache2
+- name: enable mod_md
+ ansible.builtin.command:
+ cmd: a2enmod md
+ creates: /etc/apache2/mods-enabled/md.load
+ notify: restart web
+- name: enable mod_ssl
+ ansible.builtin.command:
+ cmd: a2enmod ssl
+ creates: /etc/apache2/mods-enabled/ssl.load
+ notify: restart web
+- name: ssl site
+ ansible.builtin.copy:
+ dest: /etc/apache2/sites-enabled/ssl.conf
+ content: |
+ MDomain {{ public_hostname_punycode }}
+ MDCertificateAgreement accepted
+
+ <VirtualHost *:443>
+ ServerName {{ public_hostname_punycode }}
+ SSLEngine on
+ ServerAdmin {{ admin_email }}
+ </VirtualHost>
+ notify: restart web
generated by cgit v1.2.3 (git 2.46.0) at 2026-02-01 23:47:11 +0000