41 lines
729 B
YAML
41 lines
729 B
YAML
---
|
|
|
|
- name: apply common configuration to all nodes
|
|
hosts: all
|
|
user: root
|
|
|
|
roles:
|
|
- common
|
|
|
|
- name: install PHP-FPM to required nodes
|
|
hosts: php
|
|
user: root
|
|
|
|
roles:
|
|
- php
|
|
|
|
- name: Generate LE certs on required servers
|
|
hosts: webservers
|
|
user: root
|
|
|
|
roles:
|
|
- letsencrypt
|
|
|
|
- hosts: webservers
|
|
|
|
roles:
|
|
- role: jdauphant.nginx
|
|
nginx_user: "www-data"
|
|
nginx_http_params:
|
|
- sendfile "on"
|
|
- server_names_hash_bucket_size 512
|
|
nginx_configs:
|
|
gzip:
|
|
- gzip on
|
|
- gzip_disable msie6
|
|
upstream:
|
|
- upstream php { server unix:/run/php/php7.0-fpm.sock; }
|
|
ssl:
|
|
- ssl_protocols TLSv1 TLSv1.1 TLSv1.2
|
|
- ssl_prefer_server_ciphers on
|