- hosts: SiteA become: true tasks: - name: Refresh repositories command: 'zypper refresh' ignore_errors: yes - name: Install Nginx zypper: name: nginx state: present force: yes update_cache: yes - name: Create site directories file: path: /var/www/SiteA state: directory mode: '0755' - name: Deploy site content copy: content: | SiteA

SiteA

dest: /var/www/SiteA/index.html - name: Configure Nginx for SiteA copy: content: | server { listen 80; server_name SiteA; location / { root /var/www/SiteA; index index.html; } } dest: /etc/nginx/conf.d/SiteA.conf - name: Restart Nginx service: name: nginx state: restarted - name: Start and enable firewalld service: name: firewalld state: started enabled: true - name: Open port 80 for HTTP ansible.builtin.firewalld: port: 80/tcp permanent: true state: enabled immediate: yes - name: Open port 443 for HTTPS ansible.builtin.firewalld: port: 443/tcp permanent: true state: enabled immediate: yes - name: Reload firewalld to apply changes ansible.builtin.service: name: firewalld state: reloaded - hosts: SiteB become: true tasks: - name: Refresh repositories command: 'zypper refresh' ignore_errors: yes - name: Install Nginx zypper: name: nginx state: present force: yes update_cache: yes - name: Create site directories file: path: /var/www/SiteB state: directory mode: '0755' - name: Deploy site content copy: content: | SiteB

SiteB

dest: /var/www/SiteB/index.html - name: Configure Nginx for SiteB copy: content: | server { listen 80; server_name SiteB; location / { root /var/www/SiteB; index index.html; } } dest: /etc/nginx/conf.d/SiteB.conf - name: Restart Nginx service: name: nginx state: restarted - name: Start and enable firewalld service: name: firewalld state: started enabled: true - name: Open port 80 for HTTP ansible.builtin.firewalld: port: 80/tcp permanent: true state: enabled immediate: yes - name: Open port 443 for HTTPS ansible.builtin.firewalld: port: 443/tcp permanent: true state: enabled immediate: yes - name: Reload firewalld to apply changes ansible.builtin.service: name: firewalld state: reloaded - hosts: proxy become: true tasks: - name: Refresh repositories command: 'zypper refresh' ignore_errors: yes - name: Install Nginx zypper: name: nginx state: present force: yes update_cache: yes - name: Configure Nginx as proxy copy: content: | upstream backend_servers { server 192.168.0.61:80; server 192.168.0.62:80; } server { listen 80; location / { proxy_pass http://backend_servers; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } } dest: /etc/nginx/conf.d/proxy.conf - name: Restart Nginx service: name: nginx state: restarted - name: Start and enable firewalld service: name: firewalld state: started enabled: true - name: Open port 80 for HTTP ansible.builtin.firewalld: port: 80/tcp permanent: true state: enabled immediate: yes - name: Open port 443 for HTTPS ansible.builtin.firewalld: port: 443/tcp permanent: true state: enabled immediate: yes - name: Reload firewalld to apply changes ansible.builtin.service: name: firewalld state: reloaded