mirror of
https://github.com/Apress/Beginning-Ansible-Concepts-and-Application.git
synced 2024-09-16 21:17:28 +02:00
48 lines
1 KiB
YAML
48 lines
1 KiB
YAML
---
|
|
- hosts: webservers
|
|
become: true
|
|
tasks:
|
|
- name: Ensure nginx is installed
|
|
apt:
|
|
name: nginx
|
|
state: present
|
|
|
|
- name: Change the nginx port
|
|
replace:
|
|
path: /etc/nginx/sites-enabled/default
|
|
regexp: "listen [0-9]+"
|
|
replace: "listen {{ http_port }}"
|
|
|
|
- name: Reload nginx for new config
|
|
service:
|
|
name: nginx
|
|
state: reloaded
|
|
|
|
- name: Push website content to the web root
|
|
copy:
|
|
src: index.html
|
|
dest: /var/www/html/
|
|
mode: u=rw,g=r,o=r
|
|
|
|
- name: Firewall - Allow SSH connections
|
|
ufw:
|
|
rule: allow
|
|
name: OpenSSH
|
|
|
|
- name: Firewall - Allow website connections
|
|
ufw:
|
|
rule: allow
|
|
port: "{{ http_port }}"
|
|
|
|
- name: Firewall - Deny everything else
|
|
ufw:
|
|
state: enabled
|
|
policy: deny
|
|
|
|
- name: Validate that the http_port is working
|
|
wait_for:
|
|
host: "{{ ansible_host }}"
|
|
port: "{{ http_port }}"
|
|
timeout: 5
|
|
connection: local
|
|
|