56 lines
1.4 KiB
YAML
56 lines
1.4 KiB
YAML
---
|
|
- name: HAPROXY -- install
|
|
hosts: haproxy
|
|
become: true
|
|
tasks:
|
|
- name: HAPROXY -- install needed packages
|
|
become: true
|
|
package:
|
|
state: present
|
|
name: '{{ item }}'
|
|
with_items:
|
|
- unattended-upgrades
|
|
- haproxy
|
|
- name: HAPROXY -- Generate Diffie-Hellman parameters with the default size (4096 bits)
|
|
community.crypto.openssl_dhparam:
|
|
path: /etc/haproxy/dhparam.pem
|
|
- name: HAPROXY -- create ssl folder
|
|
become: true
|
|
file:
|
|
path: '/etc/haproxy/ssl'
|
|
state: directory
|
|
- name: HAPROXY -- new cert script
|
|
copy:
|
|
src: 'files/ha_new_cert.sh'
|
|
dest: '/usr/local/bin/new_certbot'
|
|
mode: 0755
|
|
- name: HAPROXY -- cert renew script
|
|
become: true
|
|
copy:
|
|
src: 'files/ha_certbot_renew.sh'
|
|
dest: '/etc/cron.weekly/certbot_renew.sh'
|
|
mode: 0755
|
|
- name: HAPROXY -- config file
|
|
become: true
|
|
template:
|
|
src: files/ha_haproxy.cfg.j2
|
|
dest: /etc/haproxy/haproxy.cfg
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
tags:
|
|
- hot
|
|
notify:
|
|
- reload haproxy
|
|
- name: HAPROXY -- install certbot snap
|
|
become: true
|
|
snap:
|
|
name: certbot
|
|
classic: yes
|
|
handlers:
|
|
- name: reload haproxy
|
|
service:
|
|
name: haproxy
|
|
state: reloaded
|
|
enabled: yes
|