infra/roles/discourse/tasks/main.yml

---

- name: Clone the Official Discourse Docker Image
  git:
    repo: https://github.com/discourse/discourse_docker.git
    dest: /var/discourse

- name: Setup nginx
  include_role: name=nginx
  vars:
    nginx_domain: "{{ discourse_domain }}"
    nginx_certificates: ["{{ discourse_domain }}"]
    nginx_conf: |
      server
      {
          listen 80;
          server_name {{ discourse_domain }};
          access_log /var/log/nginx/{{ discourse_domain }}-access.log;
          error_log /var/log/nginx/{{ discourse_domain }}-error.log;
          return 301 https://$host$request_uri;
      }

      server
      {
          listen 443 ssl;
          server_name {{ discourse_domain }};
          access_log /var/log/nginx/{{ discourse_domain }}-access.log;
          error_log /var/log/nginx/{{ discourse_domain }}-error.log;
          include snippets/letsencrypt-{{ discourse_domain }}.conf;
          location / {
              proxy_pass http://unix:/var/discourse/shared/standalone/nginx.http.sock:;
              proxy_set_header Host $http_host;
              proxy_http_version 1.1;
              proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
              proxy_set_header X-Forwarded-Proto https;
              proxy_set_header X-Real-IP $remote_addr;
          }
      }      

- name: Setup discourse
  template:
    src: app.yml
    dest: /var/discourse/containers/app.yml

- name: Allow docker to send emails via exim
  lineinfile:
    path: /etc/exim4/update-exim4.conf.conf
    regexp: ^dc_local_interfaces=
    line: "dc_local_interfaces='127.0.0.1;172.17.0.1'"

- name: Allow docker to send emails via exim
  lineinfile:
    path: /etc/exim4/update-exim4.conf.conf
    regexp: ^dc_relay_nets=
    line: "dc_relay_nets='172.16.0.0/12'"