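---
# Tasks that enable nginx dynamic modules, probe the TLS certificate and key
# files referenced by the configured sites, create the document roots, render
# one config file per site and enable every site.
#
# Variables read here: nginx_modules, nginx_sites, nginx_vhost_https_enabled,
# nginx_vhost_documentroot, nginx_tls_certfile, nginx_tls_keyfile.
# The keys of nginx_sites and the entries of nginx_modules are interpolated
# into paths under /etc/nginx, so they must be plain file-name components.

- name: enable nginx modules
  ansible.builtin.file:
    path: "/etc/nginx/modules-enabled/50-mod-{{ item }}.conf"
    state: link
    src: "/usr/share/nginx/modules-available/mod-{{ item }}.conf"
    owner: root
    group: root
  loop: "{{ nginx_modules }}"
  notify: restart nginx

# Run the pending "restart nginx" handler now, before the site configs below
# are rendered.
- name: flush handlers after enabling modules
  ansible.builtin.meta: flush_handlers

# Collect the certificate and key path of every HTTPS-enabled site (falling
# back to the role-wide defaults) and stat each distinct path once.
# NOTE(review): only `.stat.exists` is consumed in this file; if nothing else
# reads the registered result, `get_checksum: false` would keep a digest of
# the private key file out of the registered variable and verbose output.
- name: check for tls keypair existence
  ansible.builtin.stat:
    path: "{{ item }}"
    follow: true
  loop: |
    {%- set files = [] -%}
    {%- for name, site in nginx_sites.items() -%}
    {%- if site.https_enabled | default(nginx_vhost_https_enabled) -%}
    {%- set _x = files.append(site.tls_certfile | default(nginx_tls_certfile)) -%}
    {%- set _x = files.append(site.tls_keyfile | default(nginx_tls_keyfile)) -%}
    {%- endif -%}
    {%- endfor -%}
    {{- files | unique | list -}}
  register: nginx_register_stat_tls_keypairs

# NOTE(review): the document root is owned by www-data, presumably the account
# the nginx workers run as -- confirm the served content really has to be
# writable by that account; root-owned content limits what a compromised
# worker process can alter.
- name: create nginx document roots
  ansible.builtin.file:
    path: "{{ item.documentroot | default(nginx_vhost_documentroot) }}"
    state: directory
    owner: www-data
    group: www-data
    # Quoted so the mode is passed as an octal string, not a YAML integer.
    mode: "0755"
  # `| list` materialises the dict view into a real list for the loop.
  loop: "{{ nginx_sites.values() | list }}"

- name: render nginx site configs
  ansible.builtin.template:
    src: etc/nginx/sites-available/site.conf.j2
    dest: "/etc/nginx/sites-available/{{ item.key }}.conf"
    owner: root
    group: root
    mode: "0644"
  vars:
    name: "{{ item.key }}"
    site: "{{ item.value }}"
    # Look up the stat result recorded for this site's certificate path.
    # Sites without HTTPS have no stat entry; they resolve to false.
    certfile_exists: >-
      {{
        nginx_register_stat_tls_keypairs.results
        | selectattr('item', 'equalto', (item.value.tls_certfile | default(nginx_tls_certfile)))
        | map(attribute='stat.exists')
        | first
        | default(false)
      }}
    # Same lookup for the private key. This must read tls_keyfile: reading
    # tls_certfile here would report the certificate's existence as the key's
    # whenever a site overrides its certificate path.
    keyfile_exists: >-
      {{
        nginx_register_stat_tls_keypairs.results
        | selectattr('item', 'equalto', (item.value.tls_keyfile | default(nginx_tls_keyfile)))
        | map(attribute='stat.exists')
        | first
        | default(false)
      }}
  loop: "{{ nginx_sites | dict2items }}"
  notify: reload nginx

- name: enable nginx sites
  ansible.builtin.file:
    path: "/etc/nginx/sites-enabled/{{ item }}.conf"
    state: link
    src: "/etc/nginx/sites-available/{{ item }}.conf"
    owner: root
    group: root
  loop: "{{ nginx_sites.keys() | list }}"
  notify: reload nginx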