ansible/03_container_haproxy.yaml

54 lines
1.4 KiB
YAML

---
- name: HAPROXY -- install
hosts: haproxy@lxd.ansol.org
become: true
tasks:
- name: HAPROXY -- install needed packages
become: true
package:
state: present
name: '{{ item }}'
with_items:
- unattended-upgrades
- haproxy
- name: HAPROXY -- Generate Diffie-Hellman parameters with the default size (4096 bits)
community.crypto.openssl_dhparam:
path: /etc/haproxy/dhparam.pem
- name: HAPROXY -- create ssl folder
become: true
file:
path: '/etc/haproxy/ssl'
state: directory
- name: HAPROXY -- new cert script
copy:
src: 'files/ha_new_cert.sh'
dest: '/usr/local/bin/new_certbot'
mode: 0755
- name: HAPROXY -- cert renew script
become: true
copy:
src: 'files/ha_certbot_renew.sh'
dest: '/etc/cron.weekly/certbot_renew.sh'
mode: 0755
- name: HAPROXY -- config file
become: true
template:
src: files/ha_haproxy.cfg.j2
dest: /etc/haproxy/haproxy.cfg
owner: root
group: root
mode: 0644
notify:
- reload haproxy
- name: HAPROXY -- install certbot snap
become: true
snap:
name: certbot
classic: yes
handlers:
- name: reload haproxy
service:
name: haproxy
state: reloaded
enabled: yes