Wiki: Fix oauth, create role from playbook
		
					parent
					
						
							
								73db1dd077
							
						
					
				
			
			
				commit
				
					
						804becdd31
					
				
			
		
					 9 changed files with 115 additions and 46 deletions
				
			
		| 
						 | 
				
			
			@ -57,6 +57,11 @@
 | 
			
		|||
  roles:
 | 
			
		||||
    - zigbee2mqtt
 | 
			
		||||
 | 
			
		||||
- name: Ensure Dokuwiki config
 | 
			
		||||
  hosts: wiki
 | 
			
		||||
  roles:
 | 
			
		||||
    - dokuwiki
 | 
			
		||||
 | 
			
		||||
- name: Ensure certificate deployment on cert_hosts
 | 
			
		||||
  hosts: cert_hosts
 | 
			
		||||
  roles:
 | 
			
		||||
| 
						 | 
				
			
			@ -81,6 +86,3 @@
 | 
			
		|||
  hosts: nginx_hosts:!public_reverse_proxy_hosts
 | 
			
		||||
  roles:
 | 
			
		||||
    - nginx
 | 
			
		||||
 | 
			
		||||
- name: dokuwiki_specific_tasks
 | 
			
		||||
  ansible.builtin.import_playbook: dokuwiki_specific_tasks.yaml
 | 
			
		||||
| 
						 | 
				
			
			
 | 
			
		|||
| 
						 | 
				
			
			@ -1,35 +0,0 @@
 | 
			
		|||
---
 | 
			
		||||
- name: dokuwiki on wiki.z9 specific tasks
 | 
			
		||||
  hosts: wiki
 | 
			
		||||
  tasks:
 | 
			
		||||
    # TODO: make this a role
 | 
			
		||||
    - name: Install php-fpm
 | 
			
		||||
      ansible.builtin.apt:
 | 
			
		||||
        name:
 | 
			
		||||
          - php-fpm
 | 
			
		||||
          - php-xml
 | 
			
		||||
          - php-mbstring
 | 
			
		||||
          - php-zip
 | 
			
		||||
          - php-intl
 | 
			
		||||
          - php-gd
 | 
			
		||||
      diff: false
 | 
			
		||||
    - name: Make sure php-fpm is enabled
 | 
			
		||||
      ansible.builtin.systemd:
 | 
			
		||||
        service: php7.4-fpm.service
 | 
			
		||||
        enabled: true
 | 
			
		||||
 | 
			
		||||
    # place dokuwiki zip into /var/www/dokuwiki manually!
 | 
			
		||||
    - name: Create www dir
 | 
			
		||||
      become: true
 | 
			
		||||
      ansible.builtin.file:
 | 
			
		||||
        path: /var/www
 | 
			
		||||
        state: directory
 | 
			
		||||
        owner: nginx
 | 
			
		||||
        group: nginx
 | 
			
		||||
        mode: "0755"
 | 
			
		||||
    - name: Custom php-fpm config
 | 
			
		||||
      become: true
 | 
			
		||||
      ansible.builtin.copy:
 | 
			
		||||
        src: configs/wiki/php-fpm-dokuwiki.conf
 | 
			
		||||
        dest: /etc/php/7.4/fpm/pool.d/dokuwiki.conf
 | 
			
		||||
        mode: "0755"
 | 
			
		||||
| 
						 | 
				
			
			@ -22,8 +22,8 @@ server {
 | 
			
		|||
    # HSTS (ngx_http_headers_module is required) (63072000 seconds)
 | 
			
		||||
    add_header Strict-Transport-Security "max-age=63072000" always;
 | 
			
		||||
 | 
			
		||||
    # Maximum file upload size is 4MB - change accordingly if needed
 | 
			
		||||
    client_max_body_size 4M;
 | 
			
		||||
    # Maximum file upload size is 20MB - change accordingly if needed
 | 
			
		||||
    client_max_body_size 20M;
 | 
			
		||||
    client_body_buffer_size 128k;
 | 
			
		||||
 | 
			
		||||
    proxy_set_header Host $host;
 | 
			
		||||
| 
						 | 
				
			
			
 | 
			
		|||
							
								
								
									
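--- a/playbooks/roles/dokuwiki/README.md
+++ b/playbooks/roles/dokuwiki/README.md
@@ -0,0 +1,49 @@
+# Role `dokuwiki`
+
+Makes sure that all required packages for a [DokuWiki](https://www.dokuwiki.org/dokuwiki) powered by php-fpm are installed.
+
+The DokuWiki tarball has to be unpacked to `/var/www/dokuwiki` (see variable below) manually afterwards.
+Please download it from https://download.dokuwiki.org.
+
+## Supported Distributions
+
+The following distributions are supported:
+
+- Debian 11
+
+## Required Arguments
+
+None.
+
+## Optional Argument
+
+- `dokuwiki__installpath`: Where your DokiWiki lives, default `/var/www/dokuwiki`
+- `dokuwiki__php_version`: Your PHP version, default `7.4`
+- `dokuwiki__php_user`: User of your php-fpm process, default `www-data`
+- `dokuwiki__nginx_user`: User of your nginx process, default `nginx`
+
+## nginx Configuration
+
+This role does not configure your nginx server.
+Please take a look at https://www.dokuwiki.org/install:nginx for a starting point.
+
+This role expects to work with our `nginx` role, which installs nginx from nginx's repo instead of Debian's package.
+This means, that nginx will not run as the `www-data`, which is used by php-fpm.
+
+So your `server` directive in the nginx configuration needs to use:
+```conf
+  root /var/www/dokuwiki;
+
+  [...]
+
+  location ~ \.php$ {
+    [...]
+    fastcgi_pass unix:/var/run/php/php-fpm-dokuwiki.sock;
+  }
+```
+
+
+## Updates
+
+This role doesn't handle updates.
+Please use the updater from Dokuwiki's admin interface to install updates.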
							
								
								
									
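--- a/playbooks/roles/dokuwiki/defaults/main.yml
+++ b/playbooks/roles/dokuwiki/defaults/main.yml
@@ -0,0 +1,5 @@
+---
+dokuwiki__installpath: "/var/www/dokuwiki"
+dokuwiki__php_version: "7.4"
+dokuwiki__php_user: "www-data"
+dokuwiki__nginx_user: "nginx"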
							
								
								
									
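--- a/playbooks/roles/dokuwiki/handlers/main.yml
+++ b/playbooks/roles/dokuwiki/handlers/main.yml
@@ -0,0 +1,5 @@
+- name: Restart php-fpm
+  become: true
+  ansible.builtin.systemd:
+    name: "php{{ dokuwiki__php_version }}-fpm.service"
+    state: restarted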
							
								
								
									
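--- a/playbooks/roles/dokuwiki/meta/main.yml
+++ b/playbooks/roles/dokuwiki/meta/main.yml
@@ -0,0 +1,8 @@
+---
+dependencies:
+  - role: distribution_check
+    vars:
+      distribution_check__distribution_support_spec:
+        - name: Debian
+          versions:
+            - 11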
							
								
								
									
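--- a/playbooks/roles/dokuwiki/tasks/main.yml
+++ b/playbooks/roles/dokuwiki/tasks/main.yml
@@ -0,0 +1,35 @@
+- name: Install php-fpm
+  become: true
+  ansible.builtin.apt:
+    name:
+      - php-fpm
+      - php-xml
+      - php-mbstring
+      - php-zip
+      - php-intl
+      - php-gd
+      - php-sqlite3
+  diff: false
+
+- name: Ensure `php-fpm` is enabled
+  become: true
+  ansible.builtin.systemd:
+    service: "php{{ dokuwiki__php_version }}-fpm.service"
+    enabled: true
+
+- name: Create custom php-fpm pool
+  become: true
+  ansible.builtin.template:
+    src: "{{ role_path }}/templates/php-fpm-dokuwiki.conf"
+    dest: "/etc/php/{{ dokuwiki__php_version }}/fpm/pool.d/dokuwiki.conf"
+    mode: "0755"
+  notify: Restart php-fpm
+
+- name: Create `/var/www` directory
+  become: true
+  ansible.builtin.file:
+    path: /var/www
+    state: directory
+    owner: "{{ dokuwiki__nginx_user }}"
+    group: "{{ dokuwiki__nginx_user }}"
+    mode: "0755"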
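Review bot: The `Create custom php-fpm pool` task writes the pool file with `mode: "0755"`, which marks a plain configuration file as executable; `mode: "0644"` is enough for php-fpm to read it, and adding `owner: root` and `group: root` would make the intended ownership explicit. The `src` can be shortened to `src: php-fpm-dokuwiki.conf`, since the template module already looks in the role's `templates/` directory. Separately, the first task installs the unversioned `php-fpm` package while the service name and pool path are built from `dokuwiki__php_version`, so a non-default version would likely point at a service that was never installed; a comment on that coupling above the package list would help.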
| 
						 | 
				
			
			@ -1,15 +1,15 @@
 | 
			
		|||
[dokuwiki]
 | 
			
		||||
user = www-data
 | 
			
		||||
group = www-data
 | 
			
		||||
user = {{ dokuwiki__php_user }}
 | 
			
		||||
group = {{ dokuwiki__php_user }}
 | 
			
		||||
listen = /var/run/php/php-fpm-dokuwiki.sock
 | 
			
		||||
listen.owner = nginx
 | 
			
		||||
listen.group = nginx
 | 
			
		||||
listen.owner = {{ dokuwiki__nginx_user }}
 | 
			
		||||
listen.group = {{ dokuwiki__nginx_user }}
 | 
			
		||||
php_admin_value[disable_functions] = exec,passthru,shell_exec,system
 | 
			
		||||
php_admin_flag[allow_url_fopen] = off
 | 
			
		||||
php_admin_flag[allow_url_fopen] = on
 | 
			
		||||
; Choose how the process manager will control the number of child processes. 
 | 
			
		||||
pm = dynamic
 | 
			
		||||
pm.max_children = 75
 | 
			
		||||
pm.start_servers = 10
 | 
			
		||||
pm.min_spare_servers = 5
 | 
			
		||||
pm.max_spare_servers = 20
 | 
			
		||||
pm.process_idle_timeout = 10s
 | 
			
		||||
pm.process_idle_timeout = 10s
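Review bot: `php_admin_flag[allow_url_fopen] = on` reverses the previous hardening for this pool, and nothing in the template records why. With the flag on, PHP file functions that are handed a URL will make outbound requests, which widens the impact of any server-side request-forgery bug in the wiki or its plugins. The commit title suggests the OAuth fix needs it; if so, say that in a comment above the line, for example `; required by the OAuth plugin's HTTP client`. Pinning `php_admin_flag[allow_url_include] = off` next to it would keep remote includes disabled regardless of what php.ini says.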
 | 
			
		||||