68 lines
1.3 KiB
JSON
68 lines
1.3 KiB
JSON
[
|
|
{
|
|
"name": "install packages",
|
|
"become": true,
|
|
"ansible.builtin.apt": {
|
|
"update_cache": true,
|
|
"pkg": [
|
|
"lighttpd",
|
|
"lighttpd-mod-openssl"
|
|
]
|
|
}
|
|
},
|
|
{
|
|
"name": "activate openssl module | file",
|
|
"become": true,
|
|
"ansible.builtin.template": {
|
|
"src": "10-ssl-custom.conf.j2",
|
|
"dest": "/etc/lighttpd/conf-available/10-ssl-custom.conf"
|
|
}
|
|
},
|
|
{
|
|
"name": "activate openssl module | link",
|
|
"become": true,
|
|
"ansible.builtin.file": {
|
|
"state": "link",
|
|
"src": "/etc/lighttpd/conf-available/10-ssl-custom.conf",
|
|
"dest": "/etc/lighttpd/conf-enabled/10-ssl-custom.conf"
|
|
}
|
|
},
|
|
{
|
|
"name": "ufw | check",
|
|
"check_mode": true,
|
|
"become": true,
|
|
"community.general.ufw": {
|
|
"state": "enabled"
|
|
},
|
|
"register": "ufw_enable_check"
|
|
},
|
|
{
|
|
"name": "ufw | allow port 80",
|
|
"when": "not ufw_enable_check.changed",
|
|
"become": true,
|
|
"community.general.ufw": {
|
|
"rule": "allow",
|
|
"port": "80",
|
|
"proto": "tcp"
|
|
}
|
|
},
|
|
{
|
|
"name": "ufw | allow port 443",
|
|
"when": "not ufw_enable_check.changed",
|
|
"become": true,
|
|
"community.general.ufw": {
|
|
"rule": "allow",
|
|
"port": "443",
|
|
"proto": "tcp"
|
|
}
|
|
},
|
|
{
|
|
"name": "restart service",
|
|
"become": true,
|
|
"ansible.builtin.systemd_service": {
|
|
"state": "restarted",
|
|
"name": "lighttpd"
|
|
}
|
|
}
|
|
]
|
|
|