Wiki: Fix oauth, create role from playbook
This commit is contained in:
parent
73db1dd077
commit
804becdd31
|
@ -57,6 +57,11 @@
|
||||||
roles:
|
roles:
|
||||||
- zigbee2mqtt
|
- zigbee2mqtt
|
||||||
|
|
||||||
|
- name: Ensure Dokuwiki config
|
||||||
|
hosts: wiki
|
||||||
|
roles:
|
||||||
|
- dokuwiki
|
||||||
|
|
||||||
- name: Ensure certificate deployment on cert_hosts
|
- name: Ensure certificate deployment on cert_hosts
|
||||||
hosts: cert_hosts
|
hosts: cert_hosts
|
||||||
roles:
|
roles:
|
||||||
|
@ -81,6 +86,3 @@
|
||||||
hosts: nginx_hosts:!public_reverse_proxy_hosts
|
hosts: nginx_hosts:!public_reverse_proxy_hosts
|
||||||
roles:
|
roles:
|
||||||
- nginx
|
- nginx
|
||||||
|
|
||||||
- name: dokuwiki_specific_tasks
|
|
||||||
ansible.builtin.import_playbook: dokuwiki_specific_tasks.yaml
|
|
||||||
|
|
|
@ -1,35 +0,0 @@
|
||||||
---
|
|
||||||
- name: dokuwiki on wiki.z9 specific tasks
|
|
||||||
hosts: wiki
|
|
||||||
tasks:
|
|
||||||
# TODO: make this a role
|
|
||||||
- name: Install php-fpm
|
|
||||||
ansible.builtin.apt:
|
|
||||||
name:
|
|
||||||
- php-fpm
|
|
||||||
- php-xml
|
|
||||||
- php-mbstring
|
|
||||||
- php-zip
|
|
||||||
- php-intl
|
|
||||||
- php-gd
|
|
||||||
diff: false
|
|
||||||
- name: Make sure php-fpm is enabled
|
|
||||||
ansible.builtin.systemd:
|
|
||||||
service: php7.4-fpm.service
|
|
||||||
enabled: true
|
|
||||||
|
|
||||||
# place dokuwiki zip into /var/www/dokuwiki manually!
|
|
||||||
- name: Create www dir
|
|
||||||
become: true
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: /var/www
|
|
||||||
state: directory
|
|
||||||
owner: nginx
|
|
||||||
group: nginx
|
|
||||||
mode: "0755"
|
|
||||||
- name: Custom php-fpm config
|
|
||||||
become: true
|
|
||||||
ansible.builtin.copy:
|
|
||||||
src: configs/wiki/php-fpm-dokuwiki.conf
|
|
||||||
dest: /etc/php/7.4/fpm/pool.d/dokuwiki.conf
|
|
||||||
mode: "0755"
|
|
|
@ -22,8 +22,8 @@ server {
|
||||||
# HSTS (ngx_http_headers_module is required) (63072000 seconds)
|
# HSTS (ngx_http_headers_module is required) (63072000 seconds)
|
||||||
add_header Strict-Transport-Security "max-age=63072000" always;
|
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||||
|
|
||||||
# Maximum file upload size is 4MB - change accordingly if needed
|
# Maximum file upload size is 20MB - change accordingly if needed
|
||||||
client_max_body_size 4M;
|
client_max_body_size 20M;
|
||||||
client_body_buffer_size 128k;
|
client_body_buffer_size 128k;
|
||||||
|
|
||||||
proxy_set_header Host $host;
|
proxy_set_header Host $host;
|
||||||
|
|
49
playbooks/roles/dokuwiki/README.md
Normal file
49
playbooks/roles/dokuwiki/README.md
Normal file
|
@ -0,0 +1,49 @@
|
||||||
|
# Role `dokuwiki`
|
||||||
|
|
||||||
|
Makes sure that all required packages for a [DokuWiki](https://www.dokuwiki.org/dokuwiki) powered by php-fpm are installed.
|
||||||
|
|
||||||
|
The DokuWiki tarball has to be unpacked to `/var/www/dokuwiki` (see variable below) manually afterwards.
|
||||||
|
Please download it from https://download.dokuwiki.org.
|
||||||
|
|
||||||
|
## Supported Distributions
|
||||||
|
|
||||||
|
The following distributions are supported:
|
||||||
|
|
||||||
|
- Debian 11
|
||||||
|
|
||||||
|
## Required Arguments
|
||||||
|
|
||||||
|
None.
|
||||||
|
|
||||||
|
## Optional Argument
|
||||||
|
|
||||||
|
- `dokuwiki__installpath`: Where your DokiWiki lives, default `/var/www/dokuwiki`
|
||||||
|
- `dokuwiki__php_version`: Your PHP version, default `7.4`
|
||||||
|
- `dokuwiki__php_user`: User of your php-fpm process, default `www-data`
|
||||||
|
- `dokuwiki__nginx_user`: User of your nginx process, default `nginx`
|
||||||
|
|
||||||
|
## nginx Configuration
|
||||||
|
|
||||||
|
This role does not configure your nginx server.
|
||||||
|
Please take a look at https://www.dokuwiki.org/install:nginx for a starting point.
|
||||||
|
|
||||||
|
This role expects to work with our `nginx` role, which installs nginx from nginx's repo instead of Debian's package.
|
||||||
|
This means, that nginx will not run as the `www-data`, which is used by php-fpm.
|
||||||
|
|
||||||
|
So your `server` directive in the nginx configuration needs to use:
|
||||||
|
```conf
|
||||||
|
root /var/www/dokuwiki;
|
||||||
|
|
||||||
|
[...]
|
||||||
|
|
||||||
|
location ~ \.php$ {
|
||||||
|
[...]
|
||||||
|
fastcgi_pass unix:/var/run/php/php-fpm-dokuwiki.sock;
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
## Updates
|
||||||
|
|
||||||
|
This role doesn't handle updates.
|
||||||
|
Please use the updater from Dokuwiki's admin interface to install updates.
|
5
playbooks/roles/dokuwiki/defaults/main.yml
Normal file
5
playbooks/roles/dokuwiki/defaults/main.yml
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
---
|
||||||
|
dokuwiki__installpath: "/var/www/dokuwiki"
|
||||||
|
dokuwiki__php_version: "7.4"
|
||||||
|
dokuwiki__php_user: "www-data"
|
||||||
|
dokuwiki__nginx_user: "nginx"
|
5
playbooks/roles/dokuwiki/handlers/main.yml
Normal file
5
playbooks/roles/dokuwiki/handlers/main.yml
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
- name: Restart php-fpm
|
||||||
|
become: true
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: "php{{ dokuwiki__php_version }}-fpm.service"
|
||||||
|
state: restarted
|
8
playbooks/roles/dokuwiki/meta/main.yml
Normal file
8
playbooks/roles/dokuwiki/meta/main.yml
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
---
|
||||||
|
dependencies:
|
||||||
|
- role: distribution_check
|
||||||
|
vars:
|
||||||
|
distribution_check__distribution_support_spec:
|
||||||
|
- name: Debian
|
||||||
|
versions:
|
||||||
|
- 11
|
35
playbooks/roles/dokuwiki/tasks/main.yml
Normal file
35
playbooks/roles/dokuwiki/tasks/main.yml
Normal file
|
@ -0,0 +1,35 @@
|
||||||
|
- name: Install php-fpm
|
||||||
|
become: true
|
||||||
|
ansible.builtin.apt:
|
||||||
|
name:
|
||||||
|
- php-fpm
|
||||||
|
- php-xml
|
||||||
|
- php-mbstring
|
||||||
|
- php-zip
|
||||||
|
- php-intl
|
||||||
|
- php-gd
|
||||||
|
- php-sqlite3
|
||||||
|
diff: false
|
||||||
|
|
||||||
|
- name: Ensure `php-fpm` is enabled
|
||||||
|
become: true
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
service: "php{{ dokuwiki__php_version }}-fpm.service"
|
||||||
|
enabled: true
|
||||||
|
|
||||||
|
- name: Create custom php-fpm pool
|
||||||
|
become: true
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: "{{ role_path }}/templates/php-fpm-dokuwiki.conf"
|
||||||
|
dest: "/etc/php/{{ dokuwiki__php_version }}/fpm/pool.d/dokuwiki.conf"
|
||||||
|
mode: "0755"
|
||||||
|
notify: Restart php-fpm
|
||||||
|
|
||||||
|
- name: Create `/var/www` directory
|
||||||
|
become: true
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: /var/www
|
||||||
|
state: directory
|
||||||
|
owner: "{{ dokuwiki__nginx_user }}"
|
||||||
|
group: "{{ dokuwiki__nginx_user }}"
|
||||||
|
mode: "0755"
|
|
@ -1,15 +1,15 @@
|
||||||
[dokuwiki]
|
[dokuwiki]
|
||||||
user = www-data
|
user = {{ dokuwiki__php_user }}
|
||||||
group = www-data
|
group = {{ dokuwiki__php_user }}
|
||||||
listen = /var/run/php/php-fpm-dokuwiki.sock
|
listen = /var/run/php/php-fpm-dokuwiki.sock
|
||||||
listen.owner = nginx
|
listen.owner = {{ dokuwiki__nginx_user }}
|
||||||
listen.group = nginx
|
listen.group = {{ dokuwiki__nginx_user }}
|
||||||
php_admin_value[disable_functions] = exec,passthru,shell_exec,system
|
php_admin_value[disable_functions] = exec,passthru,shell_exec,system
|
||||||
php_admin_flag[allow_url_fopen] = off
|
php_admin_flag[allow_url_fopen] = on
|
||||||
; Choose how the process manager will control the number of child processes.
|
; Choose how the process manager will control the number of child processes.
|
||||||
pm = dynamic
|
pm = dynamic
|
||||||
pm.max_children = 75
|
pm.max_children = 75
|
||||||
pm.start_servers = 10
|
pm.start_servers = 10
|
||||||
pm.min_spare_servers = 5
|
pm.min_spare_servers = 5
|
||||||
pm.max_spare_servers = 20
|
pm.max_spare_servers = 20
|
||||||
pm.process_idle_timeout = 10s
|
pm.process_idle_timeout = 10s
|
Loading…
Reference in a new issue