INSIGHT-MVP/repos/INSIGHT-Infra/ansible/roles/nginx/tasks/main.yml

---
# Role: nginx
# Installiert und konfiguriert Nginx als Reverse Proxy auf WEB01
# Stellt das React-Frontend bereit und proxied auf APS01

- name: "Nginx installieren"
  apt:
    name:
      - nginx
      - certbot
      - python3-certbot-nginx
    state: present
    update_cache: true

- name: "Nginx Default-Site deaktivieren"
  file:
    path: /etc/nginx/sites-enabled/default
    state: absent
  notify: reload nginx

- name: "Nginx Konfiguration (Haupt)"
  template:
    src: nginx.conf.j2
    dest: /etc/nginx/nginx.conf
    mode: '0644'
    validate: 'nginx -t -c %s'
  notify: reload nginx

- name: "INSIGHT Site Konfiguration"
  template:
    src: insight.conf.j2
    dest: /etc/nginx/sites-available/insight
    mode: '0644'
  notify: reload nginx

- name: "INSIGHT Site aktivieren"
  file:
    src: /etc/nginx/sites-available/insight
    dest: /etc/nginx/sites-enabled/insight
    state: link
  notify: reload nginx

- name: "Web-Root Verzeichnis anlegen"
  file:
    path: "{{ nginx_webroot | default('/var/www/insight') }}"
    state: directory
    owner: www-data
    group: www-data
    mode: '0755'

- name: "Nginx Service aktivieren und starten"
  service:
    name: nginx
    state: started
    enabled: true

- name: "Nginx Version prüfen"
  command: nginx -v
  register: nginx_version
  changed_when: false

- name: "Nginx Version ausgeben"
  debug:
    msg: "{{ nginx_version.stderr }}"