configpolicy/websites.yml

- hosts: public-web
  vars:
    apache_default_ssl_vhost: false
  roles:
  - apache
  - role: cert
    vars:
      cert_src: websites/pyrocufflink.net.cer
      cert_dest: /etc/pki/tls/certs/pyrocufflink.net.cer
      cert_key_src: websites/pyrocufflink.net.key
      cert_key_dest: /etc/pki/tls/private/pyrocufflink.net.key
    tags:
    - websites/pyrocufflink.net
    - websites/proxy
    - websites/proxy-bitwarden
    - websites/proxy-gitea
    - websites/proxy-jenkins
    - websites/proxy-nextcloud
    - websites/proxy-openvpn
  - role: websites/pyrocufflink.net
    tags: websites/pyrocufflink.net
  - role: websites/dustin.hatch.name
    tags: websites/dustin.hatch.name
  - role: websites/ebonfire.com
    tags: websites/ebonfire.com
  - role: websites/nratonpass.com
    tags: websites/nratonpass.com
  - role: cert
    cert_src: websites/darkchestofwonders.us.cer
    cert_dest: /etc/pki/tls/certs/darkchestofwonders.us.cer
    cert_key_src: websites/darkchestofwonders.us.key
    cert_key_dest: /etc/pki/tls/private/darkchestofwonders.us.key
  - role: websites/darkchestofwonders.us
    tags: websites/darkchestofwonders.us
  - role: cert
    cert_src: websites/chmod777.sh.cer
    cert_dest: /etc/pki/tls/certs/chmod777.sh.cer
    cert_key_src: websites/chmod777.sh.key
    cert_key_dest: /etc/pki/tls/private/chmod777.sh.key
    tags: websites/chmod777.sh
  - role: websites/chmod777.sh
    tags: websites/chmod777.sh
  - role: websites/proxy-bitwarden
    tags:
    - websites/proxy
    - websites/proxy-bitwarden
  - role: websites/proxy-gitea
    tags:
    - websites/proxy
    - websites/proxy-gitea
  - role: websites/proxy-jenkins
    tags:
    - websites/proxy
    - websites/proxy-jenkins
  - role: websites/proxy-nextcloud
    tags:
    - websites/proxy
    - websites/proxy-nextcloud
  - role: websites/proxy-openvpn
    tags:
    - websites/proxy
    - websites/proxy-openvpn
  tasks:
  - name: ensure httpd service is running
    service:
      name=httpd
      state=started