From 01393ae1041335d3ebea78cb7ded1036bc277a29 Mon Sep 17 00:00:00 2001
From: Johannes Christ <jc@jchri.st>
Date: Wed, 16 Feb 2022 21:42:22 +0100
Subject: Add nginx deployment

Includes documented roles for:
- installing nginx & configuring handlers
- installing the mTLS certificate for Cloudflare
- installing firewall rules

They are kept separate for now, for composability.

Closes #22.
---
 roles/nginx-cloudflare-mtls/tasks/main.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)
 create mode 100644 roles/nginx-cloudflare-mtls/tasks/main.yml

(limited to 'roles/nginx-cloudflare-mtls/tasks')

diff --git a/roles/nginx-cloudflare-mtls/tasks/main.yml b/roles/nginx-cloudflare-mtls/tasks/main.yml
new file mode 100644
index 0000000..c10be7b
--- /dev/null
+++ b/roles/nginx-cloudflare-mtls/tasks/main.yml
@@ -0,0 +1,10 @@
+---
+- name: copy the cloudflare mutual TLS certificate
+  copy:
+    src: cloudflare.crt
+    dest: /etc/nginx/certs/cloudflare.crt;
+    owner: root
+    group: root
+    mode: 0444
+  tags:
+    - role::nginx-cloudflare-mtls
-- 
cgit v1.2.3