Add website/updates role
This commit is contained in:
parent
28efaaafdc
commit
46b6049ca9
3
host_vars/srv04
Normal file
3
host_vars/srv04
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
ssl_certificate: /etc/ssl/certsync/updates.hamburg.freifunk.net.crt
|
||||||
|
ssl_certificate_key: /etc/ssl/certsync/updates.hamburg.freifunk.net.key
|
||||||
|
nginx_resolver: 80.252.105.162 80.252.105.194
|
|
@ -1,6 +1,9 @@
|
||||||
[services]
|
[services]
|
||||||
srv04 ansible_ssh_host=80.252.100.116
|
srv04 ansible_ssh_host=80.252.100.116
|
||||||
|
|
||||||
|
[updates]
|
||||||
|
srv04
|
||||||
|
|
||||||
[ffhh]
|
[ffhh]
|
||||||
srv04
|
srv04
|
||||||
|
|
||||||
|
|
4
roles/website/updates/defaults/main.yml
Normal file
4
roles/website/updates/defaults/main.yml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
site: updates
|
||||||
|
ssl_certificate: /etc/letsencrypt/live/updates.hamburg.freifunk.net/fullchain.pem
|
||||||
|
ssl_certificate_key: /etc/letsencrypt/live/updates.hamburg.freifunk.net/privkey.pem
|
9
roles/website/updates/files/updates_common.conf
Normal file
9
roles/website/updates/files/updates_common.conf
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
# Basis-Konfiguration für updates.
|
||||||
|
|
||||||
|
root /var/www/updates;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
access_log off;
|
||||||
|
log_not_found off;
|
||||||
|
autoindex on;
|
||||||
|
}
|
3
roles/website/updates/meta/main.yml
Normal file
3
roles/website/updates/meta/main.yml
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
---
|
||||||
|
dependencies:
|
||||||
|
- role: nginx
|
19
roles/website/updates/tasks/main.yml
Normal file
19
roles/website/updates/tasks/main.yml
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
---
|
||||||
|
- name: copy updates_common.conf
|
||||||
|
copy:
|
||||||
|
src: files/updates_common.conf
|
||||||
|
dest: /etc/nginx/include
|
||||||
|
notify: reload nginx
|
||||||
|
|
||||||
|
- name: template site
|
||||||
|
template:
|
||||||
|
src: templates/site.j2
|
||||||
|
dest: /etc/nginx/sites-available/{{ site }}
|
||||||
|
notify: reload nginx
|
||||||
|
|
||||||
|
- name: enable site
|
||||||
|
file:
|
||||||
|
src: /etc/nginx/sites-available/{{ site }}
|
||||||
|
dest: /etc/nginx/sites-enabled/{{ site }}
|
||||||
|
state: link
|
||||||
|
notify: reload nginx
|
31
roles/website/updates/templates/site.j2
Normal file
31
roles/website/updates/templates/site.j2
Normal file
|
@ -0,0 +1,31 @@
|
||||||
|
server {
|
||||||
|
listen 443 ssl;
|
||||||
|
listen [::]:443 ssl;
|
||||||
|
|
||||||
|
server_name updates.hamburg.freifunk.net;
|
||||||
|
|
||||||
|
ssl_certificate {{ ssl_certificate }};
|
||||||
|
ssl_certificate_key {{ ssl_certificate_key }};
|
||||||
|
|
||||||
|
include /etc/nginx/include/updates_common.conf;
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
|
||||||
|
server_name updates.hamburg.freifunk.net;
|
||||||
|
|
||||||
|
include /etc/nginx/include/updates_common.conf;
|
||||||
|
|
||||||
|
# Kein HTTPS Redirect wg. Paketinstallation auf Routern
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
|
||||||
|
server_name 1.updates.services.ffhh;
|
||||||
|
|
||||||
|
include /etc/nginx/include/updates_common.conf;
|
||||||
|
}
|
|
@ -2,3 +2,7 @@
|
||||||
- hosts: services
|
- hosts: services
|
||||||
roles:
|
roles:
|
||||||
- ntp-server
|
- ntp-server
|
||||||
|
|
||||||
|
- hosts: updates
|
||||||
|
roles:
|
||||||
|
- website/updates
|
||||||
|
|
Loading…
Reference in a new issue