Add nginx deployment

Includes documented roles for: - installing nginx & configuring handlers - installing the mTLS certificate for Cloudflare - installing firewall rules They are kept separate for now, for composability. Closes #22.
author: Johannes Christ <[email protected]> 2022-02-16 21:42:22 +0100
committer: Johannes Christ <[email protected]> 2022-02-20 16:37:46 +0100
commit: 01393ae1041335d3ebea78cb7ded1036bc277a29 (patch)
tree: 6bc04409197212412efc30eaa3709eea1e206f39 /roles/nginx-cloudflare-mtls/README.md
parent: Delete projects_automation.yml (diff)
1 files changed, 19 insertions, 0 deletions
diff --git a/roles/nginx-cloudflare-mtls/README.md b/roles/nginx-cloudflare-mtls/README.md
new file mode 100644
index 0000000..8d766ae
--- /dev/null
+++ b/roles/nginx-cloudflare-mtls/README.md
@@ -0,0 +1,19 @@
+# Role "nginx-cloudflare-mtls"
+
+Installs the certificate required for performing mutual TLS authentication
+between NGINX and Cloudflare.
+
+To use mutual TLS in your NGINX virtual hosts, add this configuration snippet:
+
+```nginx
+ssl_client_certificate {{ nginx_cloudflare_mtls_certificate_path }};
+ssl_verify_client on;
+```
+
+
+## Variables
+
+See [role defaults](./defaults/main.yml) for an annotated overview.
+
+
+<!-- vim: set textwidth=80 ts=2 ts=2: -->
author	Johannes Christ <[email protected]>	2022-02-16 21:42:22 +0100
committer	Johannes Christ <[email protected]>	2022-02-20 16:37:46 +0100
commit	01393ae1041335d3ebea78cb7ded1036bc277a29 (patch)
tree	6bc04409197212412efc30eaa3709eea1e206f39 /roles/nginx-cloudflare-mtls/README.md
parent	Delete projects_automation.yml (diff)