Add website/updates role

This commit is contained in:
Alexander Dietrich 2017-02-10 22:51:55 +01:00
parent 28efaaafdc
commit 46b6049ca9
8 changed files with 76 additions and 0 deletions

3
host_vars/srv04 Normal file
View file

@ -0,0 +1,3 @@
ssl_certificate: /etc/ssl/certsync/updates.hamburg.freifunk.net.crt
ssl_certificate_key: /etc/ssl/certsync/updates.hamburg.freifunk.net.key
nginx_resolver: 80.252.105.162 80.252.105.194

View file

@ -1,6 +1,9 @@
[services] [services]
srv04 ansible_ssh_host=80.252.100.116 srv04 ansible_ssh_host=80.252.100.116
[updates]
srv04
[ffhh] [ffhh]
srv04 srv04

View file

@ -0,0 +1,4 @@
---
site: updates
ssl_certificate: /etc/letsencrypt/live/updates.hamburg.freifunk.net/fullchain.pem
ssl_certificate_key: /etc/letsencrypt/live/updates.hamburg.freifunk.net/privkey.pem

View file

@ -0,0 +1,9 @@
# Basis-Konfiguration für updates.
root /var/www/updates;
location / {
access_log off;
log_not_found off;
autoindex on;
}

View file

@ -0,0 +1,3 @@
---
dependencies:
- role: nginx

View file

@ -0,0 +1,19 @@
---
- name: copy updates_common.conf
copy:
src: files/updates_common.conf
dest: /etc/nginx/include
notify: reload nginx
- name: template site
template:
src: templates/site.j2
dest: /etc/nginx/sites-available/{{ site }}
notify: reload nginx
- name: enable site
file:
src: /etc/nginx/sites-available/{{ site }}
dest: /etc/nginx/sites-enabled/{{ site }}
state: link
notify: reload nginx

View file

@ -0,0 +1,31 @@
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name updates.hamburg.freifunk.net;
ssl_certificate {{ ssl_certificate }};
ssl_certificate_key {{ ssl_certificate_key }};
include /etc/nginx/include/updates_common.conf;
}
server {
listen 80;
listen [::]:80;
server_name updates.hamburg.freifunk.net;
include /etc/nginx/include/updates_common.conf;
# Kein HTTPS Redirect wg. Paketinstallation auf Routern
}
server {
listen 80;
listen [::]:80;
server_name 1.updates.services.ffhh;
include /etc/nginx/include/updates_common.conf;
}

View file

@ -2,3 +2,7 @@
- hosts: services - hosts: services
roles: roles:
- ntp-server - ntp-server
- hosts: updates
roles:
- website/updates