applications/myimmich
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
myimmich/immich-ansible/roles/nginx/tasks/config.yml
Rypeur33 9281354f2e readytouse
2026-06-05 14:53:29 +02:00

63 lines
2.1 KiB
YAML
Raw Permalink Blame History

---
- name: Vérifier les variables obligatoires du rôle Nginx Immich
ansible.builtin.assert:
that:
- immich_domain is defined
- immich_domain | length > 0
- immich_host_http_port is defined
- immich_host_http_port | string | length > 0
- letsencrypt_email is defined
- letsencrypt_email | length > 0
fail_msg: >-
Variables obligatoires manquantes pour le rôle nginx :
immich_domain, immich_host_http_port, letsencrypt_email.
- name: Définir le nom du fichier de site Nginx Immich
ansible.builtin.set_fact:
immich_nginx_site_filename_resolved: "{{ immich_nginx_site_filename | default(immich_domain ~ '.conf') }}"
- name: Supprimer le site Nginx par défaut si présent
ansible.builtin.file:
path: /etc/nginx/sites-enabled/default
state: absent
notify: reload nginx
- name: Déployer la configuration HTTP temporaire Immich
ansible.builtin.template:
src: immich.http-only.conf.j2
dest: "/etc/nginx/sites-available/{{ immich_nginx_site_filename_resolved }}"
owner: root
group: root
mode: "0644"
notify: reload nginx
- name: Activer le site Nginx Immich
ansible.builtin.file:
src: "/etc/nginx/sites-available/{{ immich_nginx_site_filename_resolved }}"
dest: "/etc/nginx/sites-enabled/{{ immich_nginx_site_filename_resolved }}"
state: link
force: true
notify: reload nginx
- name: Appliquer la configuration HTTP temporaire
ansible.builtin.meta: flush_handlers
- name: Obtenir le certificat Let's Encrypt pour Immich
ansible.builtin.command: >-
certbot certonly --non-interactive --agree-tos
--email {{ letsencrypt_email }}
--nginx -d {{ immich_domain }}
args:
creates: "/etc/letsencrypt/live/{{ immich_domain }}/fullchain.pem"
- name: Déployer la configuration HTTPS finale Immich
ansible.builtin.template:
src: immich.https.conf.j2
dest: "/etc/nginx/sites-available/{{ immich_nginx_site_filename_resolved }}"
owner: root
group: root
mode: "0644"
notify: reload nginx
- name: Appliquer la configuration HTTPS finale
ansible.builtin.meta: flush_handlers
Reference in a new issue View git blame Copy permalink