From 1bc80fa9ea87975b3dc1935da4dc1e17fe0cfacf Mon Sep 17 00:00:00 2001 From: nd <git@notandy.de> Date: Fri, 8 Mar 2024 13:50:45 +0100 Subject: [PATCH] Move certificate generation to after the nginx package is installed This prevents a problem where the certificate role tries to restart a not yet installed nginx --- tasks/main.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index 043be4c..0c06b23 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -5,18 +5,6 @@ inventory_certs: "{{ certificates.certs|d({}) | dict2items | selectattr ('key', 'regex', '^nginx_') | items2dict }}" selfsigned_cert: "{ '{{ inventory_hostname }}': { 'backend': 'selfsigned' }}" -- name: generate certificates for vhosts - include_role: - name: certificates - vars: - certificates: - certs: "{{ {}|combine( (selfsigned_cert|from_yaml if nginx.snakeoil_default else {}), nginx_certs, inventory_certs, recursive=True) }}" - -- name: debug nginx dict - debug: - verbosity: 1 - var: nginx - - name: install nginx apt: pkg: @@ -31,6 +19,18 @@ - delete nginx index.nginx-debian.html - restart nginx +- name: generate certificates for vhosts + include_role: + name: certificates + vars: + certificates: + certs: "{{ {}|combine( (selfsigned_cert|from_yaml if nginx.snakeoil_default else {}), nginx_certs, inventory_certs, recursive=True) }}" + +- name: debug nginx dict + debug: + verbosity: 1 + var: nginx + - name: copy configs copy: src: config/ -- GitLab