2015-05-24 17:22:57 +00:00
|
|
|
---
|
|
|
|
|
|
|
|
- name: apply common configuration to all nodes
|
|
|
|
hosts: all
|
|
|
|
user: root
|
|
|
|
|
|
|
|
roles:
|
|
|
|
- common
|
2017-01-13 02:43:11 +00:00
|
|
|
|
|
|
|
- name: install PHP-FPM to required nodes
|
|
|
|
hosts: php
|
|
|
|
user: root
|
|
|
|
|
|
|
|
roles:
|
|
|
|
- php
|
2017-01-13 03:00:01 +00:00
|
|
|
|
2017-01-13 22:21:21 +00:00
|
|
|
- name: Generate LE certs on required servers
|
|
|
|
hosts: webservers
|
|
|
|
user: root
|
|
|
|
|
|
|
|
roles:
|
|
|
|
- letsencrypt
|
|
|
|
|
2017-01-13 03:00:01 +00:00
|
|
|
- hosts: webservers
|
|
|
|
|
|
|
|
roles:
|
|
|
|
- role: jdauphant.nginx
|
|
|
|
nginx_user: "www-data"
|
|
|
|
nginx_http_params:
|
|
|
|
- sendfile "on"
|
2017-01-13 03:15:16 +00:00
|
|
|
- server_names_hash_bucket_size 512
|
2017-01-13 03:00:01 +00:00
|
|
|
nginx_configs:
|
|
|
|
gzip:
|
|
|
|
- gzip on
|
|
|
|
- gzip_disable msie6
|
|
|
|
upstream:
|
2017-01-13 03:05:20 +00:00
|
|
|
- upstream php { server unix:/run/php/php7.0-fpm.sock; }
|
2017-01-13 03:00:01 +00:00
|
|
|
ssl:
|
|
|
|
- ssl_protocols TLSv1 TLSv1.1 TLSv1.2
|
|
|
|
- ssl_prefer_server_ciphers on
|