ipv6 migration

wireguard/wireguard.yaml

@@ -0,0 +1,76 @@
+- name: Update nginx stream configuration
+  hosts: colors
+  become: true
+  become_user: root
+  become_method: sudo
+  vars_files:
+    - vars.yaml
+  tasks:
+  - name: Remove http.d dir before repopulating
+    file:
+      path: /etc/nginx/http.d/
+      state: absent
+  - name: Remove stream.d dir before repopulating
+    file:
+      path: /etc/nginx/stream.d/
+      state: absent
+  - name: Create stream.d dir
+    ansible.builtin.file:
+      path: /etc/nginx/stream.d
+      state: directory
+      mode: '0755'
+  - name: Create http.d dir
+    ansible.builtin.file:
+      path: /etc/nginx/http.d
+      state: directory
+      mode: '0755'
+  - name: Copy nginx.conf
+    template:
+      src: nginx.conf
+      dest: /etc/nginx/nginx.conf
+      owner: root
+      group: root
+      mode: '0644'
+  - name: Copy .htpasswd
+    template:
+      src: ../secrets/.htpasswd
+      dest: /etc/nginx/.htpasswd
+      owner: nginx
+      group: nginx
+      mode: '0600'
+  - name: Copy stream configurations
+    template:
+      src: "{{ item }}"
+      dest: /etc/nginx/stream.d/{{ item | basename }}
+      owner: root
+      group: root
+      mode: '0644'
+    with_fileglob:
+    - stream.d/*
+  - name: Template all http configurations
+    template:
+      src: https.conf
+      dest: /etc/nginx/http.d/{{ item.external.domain }}.conf
+      owner: root
+      group: root
+      mode: '0644'
+    loop: "{{ http }}"
+  - name: Test nginx configuration
+    ansible.builtin.shell: /usr/sbin/nginx -t
+  - name: Stop nginx service
+    ansible.builtin.systemd_service:
+      state: stopped
+      name: nginx
+  - name: Remove old socket files
+    file:
+      path: /var/lib/nginx/tmp/nginx_http.sock
+      state: absent
+  - name: Remove old socket files
+    file:
+      path: /var/lib/nginx/tmp/nginx_https.sock
+      state: absent
+  - name: Reload nginx service
+    ansible.builtin.systemd_service:
+      state: started
+      name: nginx
+      enabled: true