Beginning-Ansible-Concepts-.../chapter06/webservers.yml

49 lines
1 KiB
YAML
Raw Normal View History

2022-03-21 18:17:54 +01:00
---
- hosts: webservers
become: true
tasks:
- name: Ensure nginx is installed
apt:
name: nginx
state: present
- name: Change the nginx port
replace:
path: /etc/nginx/sites-enabled/default
regexp: "listen [0-9]+"
replace: "listen {{ http_port }}"
- name: Reload nginx for new config
service:
name: nginx
state: reloaded
- name: Push website content to the web root
copy:
src: index.html
dest: /var/www/html/
mode: u=rw,g=r,o=r
- name: Firewall - Allow SSH connections
ufw:
rule: allow
name: OpenSSH
- name: Firewall - Allow website connections
ufw:
rule: allow
port: "{{ http_port }}"
- name: Firewall - Deny everything else
ufw:
state: enabled
policy: deny
- name: Validate that the http_port is working
wait_for:
host: "{{ ansible_host }}"
port: "{{ http_port }}"
timeout: 5
connection: local