58 lines
1.4 KiB
YAML
58 lines
1.4 KiB
YAML
---
|
|
|
|
# v3, nginx, docker
|
|
|
|
- hosts: all
|
|
|
|
vars_files:
|
|
- vars/apps.yml
|
|
|
|
tasks:
|
|
|
|
- include_role:
|
|
name: yatesr.timezone
|
|
vars:
|
|
timezone: UTC
|
|
|
|
- include_role:
|
|
name: geerlingguy.security
|
|
vars:
|
|
security_ssh_permit_root_login: "yes"
|
|
security_autoupdate_enabled: false
|
|
security_fail2ban_enabled: false
|
|
|
|
- include_role:
|
|
name: geerlingguy.nginx
|
|
vars:
|
|
nginx_remove_default_vhost: true
|
|
|
|
- include_role:
|
|
name: geerlingguy.docker
|
|
vars:
|
|
docker_users: '{{ apps | map(attribute="username") | list }}'
|
|
|
|
- include_role:
|
|
name: docker-app
|
|
private: yes
|
|
vars:
|
|
username: '{{ app_item.username }}'
|
|
ssh_keys: '{{ app_item.ssh_keys | default([]) }}'
|
|
env: '{{ app_item.env | default({}) }}'
|
|
with_items: '{{ apps }}'
|
|
loop_control:
|
|
loop_var: app_item
|
|
|
|
- include_role:
|
|
name: nginx-proxy
|
|
private: yes
|
|
vars:
|
|
nginx_proxy_name: '{{ fr_item.name }}'
|
|
nginx_proxy_template: '{{ fr_item.template }}'
|
|
nginx_proxy_params: '{{ fr_item.params | default({}) }}'
|
|
nginx_ssl_type: '{{ fr_item.ssl_type }}'
|
|
nginx_ssl_email: '{{ fr_item.ssl_email }}'
|
|
nginx_ssl_domains: '{{ fr_item.ssl_domains }}'
|
|
with_items: '{{ frontends }}'
|
|
loop_control:
|
|
loop_var: fr_item
|