kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-01-22 15:08:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
computer-playbook/roles/nginx-docker-cert-deploy/README.md

3.0 KiB
Raw Blame History

Nginx Docker Cert Deploy Role

🎉 Author: Kevin Veen-Birkenbach (veen.world)

This Ansible role simplifies the deployment of Let's Encrypt certificates into Docker Compose setups with Nginx. It ensures that certificates are copied, directories are created, and Nginx services are reloaded or restarted as needed.

🚀 Features

  • Copies Let's Encrypt certificates to the target directory.
  • Automatically reloads or restarts Nginx services in all Docker Compose containers.
  • Configures and manages a systemd service for automated deployment.
  • Supports periodic execution via a systemd timer.
  • Handles dependent services like systemd-notifier.

🔧 Variables

The following variables can be customized:

Variable Description Default Value
cert_mount_directory Target directory to mount certificates. {{docker_compose_instance_directory}}/certs/
nginx_docker_cert_deploy_script Path to the deployment script. {{path_administrator_scripts}}nginx-docker-cert-deploy.sh
docker_compose_project_name Name of the Docker Compose project. None (must be defined in playbook)
on_calendar_deploy_certificates systemd timer schedule for certificate updates. None (must be defined in playbook)

📋 Tasks Overview

Main Tasks

  1. Add Deployment Script: Copies the nginx-docker-cert-deploy.sh script to the administrator scripts directory.

  2. Create Certificate Directory: Ensures the cert_mount_directory exists with proper permissions.

  3. Configure Systemd Service: Deploys a systemd service file for the deployment process.

  4. Include systemd-timer Role: Schedules automatic deployment tasks using a systemd timer.

Handlers

  • Restart Service: Restarts the nginx-docker-cert-deploy service when configuration changes.

📂 File Structure

roles/
  nginx-docker-cert-deploy/
    vars/
      main.yml
    handlers/
      main.yml
    files/
      nginx-docker-cert-deploy.sh
    tasks/
      main.yml
    templates/
      nginx-docker-cert-deploy.service.j2
    meta/
      main.yml

📖 Usage Example

Here's an example of how to use this role in your playbook:

- name: Deploy Let's Encrypt certificates to Docker Compose
  hosts: all
  roles:
    - role: nginx-docker-cert-deploy
      vars:
        domain: "example.com"
        docker_compose_instance_directory: "/home/administrator/docker-compose/nginx"
        docker_compose_project_name: "nginx"
        on_calendar_deploy_certificates: "daily"

🛠️ Dependencies

This role depends on:

  • systemd-notifier: Notifies about failures in the systemd service.

Feel free to contribute, report issues, or suggest improvements! 😊