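---
# Installs nginx, opens the firewall for it, and deploys site and stream
# configurations from the `sites_available` and `streams_available` lists.
# Every list item is read for `fqdn` and `enabled`; stream items are also
# read for `listen_port`.
#
# `item.fqdn` is interpolated into paths under /etc/nginx, so it has to be a
# plain hostname without `/` or `..`.
# NOTE(review): if these lists can be fed from a less-trusted source, check
# the values (for example with an assert task) before these tasks run.

- name: Install Nginx
  ansible.builtin.apt:
    name: nginx
    state: present

# No `proto` is given, so the rule is not limited to TCP.
# NOTE(review): add `proto: tcp` unless UDP is needed on these ports - confirm.
- name: Allow ports 80 and 443
  community.general.ufw:
    rule: allow
    to_port: '{{ item }}'
  loop:
    - 80
    - 443

- name: Create config directories
  ansible.builtin.file:
    state: directory
    dest: '{{ item }}'
    owner: root
    group: root
    mode: "0755"
  loop:
    - /etc/nginx
    - /etc/nginx/sites-available
    - /etc/nginx/sites-enabled
    - /etc/nginx/streams-available
    - /etc/nginx/streams-enabled

# No `validate` command is set on this copy, so the file is written without a
# syntax check; presumably an error only surfaces when the "Reload nginx"
# handler (defined outside this file) runs.
- name: Deploy base config file
  ansible.builtin.copy:
    src: nginx.conf
    dest: /etc/nginx/nginx.conf
    owner: root
    group: root
    mode: "0644"
  notify: Reload nginx

- name: Deploy site configurations
  ansible.builtin.template:
    src: site.j2
    dest: '/etc/nginx/sites-available/{{ item.fqdn }}.conf'
    owner: root
    group: root
    mode: "0644"
  loop: '{{ sites_available }}'
  notify: Reload nginx

# `| bool` makes a string value such as "false" count as disabled; without it
# any non-empty string is truthy and the site would be linked.
- name: Enable site configurations
  ansible.builtin.file:
    src: '../sites-available/{{ item.fqdn }}.conf'
    dest: '/etc/nginx/sites-enabled/{{ item.fqdn }}.conf'
    state: '{{ item.enabled | bool | ternary("link", "absent") }}'
    owner: root
    group: root
  loop: '{{ sites_available }}'
  notify: Reload nginx

- name: Deploy stream configurations
  ansible.builtin.template:
    src: stream.j2
    dest: '/etc/nginx/streams-available/{{ item.fqdn }}.conf'
    owner: root
    group: root
    mode: "0644"
  loop: '{{ streams_available }}'
  notify: Reload nginx

# Same string-safe coercion of `enabled` as for the site symlinks.
- name: Enable stream configurations
  ansible.builtin.file:
    src: '../streams-available/{{ item.fqdn }}.conf'
    dest: '/etc/nginx/streams-enabled/{{ item.fqdn }}.conf'
    state: '{{ item.enabled | bool | ternary("link", "absent") }}'
    owner: root
    group: root
  loop: '{{ streams_available }}'
  notify: Reload nginx

# Opens `listen_port` for enabled streams and deletes the rule for disabled
# ones, so the firewall follows the `enabled` flag. The coercion matters here:
# a string "false" would otherwise leave the port open.
# No `proto` is given, so the rule is not limited to one protocol.
# NOTE(review): set `proto` per stream if only TCP or only UDP is used.
- name: Allow connections to enabled streams
  community.general.ufw:
    rule: allow
    to_port: '{{ item.listen_port }}'
    delete: '{{ not (item.enabled | bool) }}'
  loop: '{{ streams_available }}'

- name: Enable nginx
  ansible.builtin.systemd_service:
    name: nginx
    enabled: true
    state: started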