Introduction to Ansible Transcripts
Lecture: Enhancing Our Playbook and Let's Encrypt
0:00 We need to improve our Ansible playbook and get our domain set up cause right now if we try to go to ansibledeploymentexample.com
0:08 nothing happens and that's to be expected. Cause there is no application currently running and engine.exe is not configured
0:14 to handle responding to this domain name. Let's start modifying our Ansible playbook. You can either take the playbook
0:20 that you've been working with so far or if you go into the book and video code examples repository, intro Ansible
0:28 you can copy configuring servers chapter as a starting point for what we're going to work on in this chapter. Let's actually copy Configuring Servers
0:38 to a new folder name, named flask-deploy because we're going to deploy an example flask application. Move in to the flask-deploy directory
0:48 this will be our starting point for chapter seven. I still have all our variables and roles from the
0:53 previous chapter, let's start off by going under web server. First thing we're going to want to do is make sure
1:01 that we have the Let's Encrypt package installed. You can copy the same lines that we had for entering Nginx installed
1:13 and use the Let's Encrypt package. We'll also want to create a directory for Let's Encrypt. Use the file module for this and with the file module
1:28 we can say state is equal to a directory. Alright, let's run this as our first modification to our playbook.
1:38 Now one step you may or may not have to take if you are working with your existing playbook you'll have your public and private keys already in there.
1:44 If you don't, and you just copied the directory out of the Git repository, you will need to either create public/private keys
1:51 or use the ones that you are already working with. We're going to copy public/private keys from our server config directory used last chapter.
2:03 Now we'll be able to kick off our playbook and it'll use the private key to log into our servers. Okay, so the issue here is that
2:11 we have permission denied, we did not use become:yes in our playbook, let's modify that task for create Let's Encrypt directory
2:25 so that we are using our superuser privileges just as we did with the other tasks. Okay so now we should have the Let's Encrypt package
2:40 installed on our web server only. We can go ahead, upgrading our web server configuration to HTTPS.