Remove unused roles and variables
This commit is contained in:
parent
a2baf0f1a7
commit
7e739c8c70
|
@ -1,6 +1,5 @@
|
|||
ansible_python_interpreter: /usr/bin/python3
|
||||
|
||||
basics_autoupdate_mail: backend@hamburg.freifunk.net
|
||||
basics_autoupdate_reboot_time: "04:00"
|
||||
|
||||
nginx_error_log: "/dev/null error"
|
||||
|
|
|
@ -1,3 +0,0 @@
|
|||
nginx_ciphers: "ECDH+aRSA+CHACHA20:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384"
|
||||
nginx_resolver: "[2a03:2267:2::10] [2a03:2267:2::20] [2a03:2267:2::30]"
|
||||
openssl_ciphersuites: "TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384"
|
|
@ -3,9 +3,6 @@ basics_autoupdate_origins:
|
|||
- o=Prosody,n=${distro_codename}
|
||||
- o=TorProject,n=${distro_codename}
|
||||
|
||||
hopglass_frontend_tls_crt: /etc/letsencrypt/live/hopglass.hamburg.freifunk.net/fullchain.pem
|
||||
hopglass_frontend_tls_key: /etc/letsencrypt/live/hopglass.hamburg.freifunk.net/privkey.pem
|
||||
|
||||
media_tls_crt: /etc/letsencrypt/live/media.hamburg.freifunk.net/fullchain.pem
|
||||
media_tls_key: /etc/letsencrypt/live/media.hamburg.freifunk.net/privkey.pem
|
||||
|
||||
|
|
|
@ -1,3 +0,0 @@
|
|||
---
|
||||
hopglass_frontend_path: /opt/hopglass-frontend
|
||||
nodejs_version: node_8.x
|
|
@ -1,3 +0,0 @@
|
|||
---
|
||||
dependencies:
|
||||
- role: nginx
|
|
@ -1,42 +0,0 @@
|
|||
---
|
||||
- name: clone hopglass
|
||||
git:
|
||||
repo: "https://github.com/hopglass/hopglass"
|
||||
dest: "{{ hopglass_frontend_path }}"
|
||||
accept_hostkey: yes
|
||||
update: no
|
||||
|
||||
- name: create build directory
|
||||
file:
|
||||
path: "{{ hopglass_frontend_path }}/build"
|
||||
state: directory
|
||||
|
||||
- name: template config.json
|
||||
template:
|
||||
src: hopglass-config.j2
|
||||
dest: "{{ hopglass_frontend_path }}/build/config.json"
|
||||
|
||||
- name: template nginx site
|
||||
template:
|
||||
src: nginx-site.j2
|
||||
dest: /etc/nginx/sites-available/hopglass
|
||||
notify: reload nginx
|
||||
|
||||
- name: enable site
|
||||
file:
|
||||
src: ../sites-available/hopglass
|
||||
dest: /etc/nginx/sites-enabled/hopglass
|
||||
state: link
|
||||
notify: reload nginx
|
||||
|
||||
- name: template make-hopglass-frontend
|
||||
template:
|
||||
src: make-hopglass-frontend.j2
|
||||
dest: /usr/local/bin/make-hopglass-frontend
|
||||
mode: 0755
|
||||
register: make
|
||||
|
||||
- name: show usage information
|
||||
debug:
|
||||
msg: ">>> Because Node.js is terrible, please run make-hopglass-frontend manually. <<<"
|
||||
when: make.changed
|
|
@ -1,33 +0,0 @@
|
|||
---
|
||||
- name: check for npm
|
||||
find:
|
||||
paths: [/bin, /usr/bin, /usr/local/bin]
|
||||
patterns: npm
|
||||
file_type: any
|
||||
register: npm
|
||||
|
||||
- name: install APT HTTPS transport
|
||||
apt:
|
||||
name: apt-transport-https
|
||||
cache_valid_time: 86400
|
||||
when: npm.matched == 0
|
||||
|
||||
- name: add NodeSource signing key
|
||||
apt_key:
|
||||
url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key
|
||||
id: 9FD3B784BC1C6FC31A8A0A1C1655A0AB68576280
|
||||
when: npm.matched == 0
|
||||
|
||||
- name: add NodeSource repository
|
||||
apt_repository:
|
||||
repo: "deb https://deb.nodesource.com/{{ nodejs_version }} {{ ansible_lsb.codename }} main"
|
||||
filename: nodesource
|
||||
when: npm.matched == 0
|
||||
|
||||
- name: install Node.js
|
||||
apt:
|
||||
name:
|
||||
- build-essential
|
||||
- nodejs
|
||||
cache_valid_time: 86400
|
||||
when: npm.matched == 0
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
- include: install-nodejs.yml
|
||||
tags: nodejs
|
||||
- include: install-hopglass.yml
|
||||
tags: hopglass-frontend
|
|
@ -1,63 +0,0 @@
|
|||
{
|
||||
"dataPath": "https://hopglass-backend.hamburg.freifunk.net/",
|
||||
"siteName": "Freifunk Hamburg",
|
||||
"mapSigmaScale": 1.1,
|
||||
"showContact": false,
|
||||
"maxAge": 2,
|
||||
"mapLayers": [
|
||||
{
|
||||
"name": "OpenStreetMap",
|
||||
"url": "https://{s}.tile.openstreetmap.de/tiles/osmde/{z}/{x}/{y}.png",
|
||||
"config": {
|
||||
"maxZoom": 18,
|
||||
"attribution": "© <a href=\"https://www.openstreetmap.org/copyright\">OpenStreetMap</a>"
|
||||
}
|
||||
},
|
||||
{
|
||||
"name": "Satellitenbild",
|
||||
"url": "https://server.arcgisonline.com/ArcGIS/rest/services/World_Imagery/MapServer/tile/{z}/{y}/{x}",
|
||||
"config": {
|
||||
"attribution": "Tiles © Esri — Source: Esri, i-cubed, USDA, USGS, AEX, GeoEye, Getmapping, Aerogrid, IGN, IGP, UPR-EGP, and the GIS User Community"
|
||||
}
|
||||
},
|
||||
{
|
||||
"name": "Stamen (TonerLite)",
|
||||
"url": "https://stamen-tiles-{s}.a.ssl.fastly.net/toner-lite/{z}/{x}/{y}.png",
|
||||
"config": {
|
||||
"maxZoom": 20,
|
||||
"attribution": "Map tiles by <a href=\"https://stamen.com\">Stamen Design</a>, <a href=\"https://creativecommons.org/licenses/by/3.0\">CC BY 3.0</a> — Map data © <a href=\"https://www.openstreetmap.org/copyright\">OpenStreetMap</a>"
|
||||
}
|
||||
}
|
||||
],
|
||||
"nodeInfos": [
|
||||
{
|
||||
"name": "Clientstatistik",
|
||||
"href": "https://statistik.hamburg.freifunk.net/dashboard/db/freifunk-knoteninfo-knoten-id?var-region=ffhh&var-knoten={NODE_ID}",
|
||||
"thumbnail": "https://statistik.hamburg.freifunk.net/render/dashboard-solo/db/freifunk-knoteninfo-knoten-id?panelId=1&var-region=ffhh&var-knoten={NODE_ID}&theme=light&width=530&height=332&from=now-3d",
|
||||
"caption": "Verbundene Clients in den letzten 3 Tage an Knoten {NODE_ID}"
|
||||
}
|
||||
],
|
||||
"globalInfos": [
|
||||
{
|
||||
"name": "Clientstatistik (gesamt)",
|
||||
"href": "https://statistik.hamburg.freifunk.net/dashboard/db/freifunk-ubersicht?var-region=ffhh",
|
||||
"thumbnail": "https://statistik.hamburg.freifunk.net/render/dashboard-solo/db/freifunk-ubersicht?panelId=1&var-region=ffhh&theme=light&width=530&height=332&from=now-3d",
|
||||
"caption": "Verbundene Clients in den letzten 3 Tagen"
|
||||
}
|
||||
],
|
||||
"linkInfos": [],
|
||||
"siteNames": [
|
||||
{ "site": "ffhh", "name": "Hamburg" },
|
||||
{ "site": "ffhh-nowe", "name": "Hamburg-NordWest" },
|
||||
{ "site": "ffhh-ost", "name": "Hamburg-Ost" },
|
||||
{ "site": "ffhh-sued", "name": "Hamburg-Sued" },
|
||||
{ "site": "ffhh-west", "name": "Hamburg-West" }
|
||||
],
|
||||
"domainNames": [
|
||||
{ "domain": "ffhh_nowe", "name": "Hamburg-NordWest" },
|
||||
{ "domain": "ffhh_ost", "name": "Hamburg-Ost" },
|
||||
{ "domain": "ffhh_sued", "name": "Hamburg-Sued" },
|
||||
{ "domain": "ffhh_west", "name": "Hamburg-West" }
|
||||
],
|
||||
"hwImg": []
|
||||
}
|
|
@ -1,8 +0,0 @@
|
|||
#!/bin/bash
|
||||
|
||||
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
|
||||
|
||||
cd {{ hopglass_frontend_path }}
|
||||
npm install
|
||||
npm install grunt-cli
|
||||
node_modules/.bin/grunt
|
|
@ -1,40 +0,0 @@
|
|||
{% if hopglass_frontend_tls_crt is defined %}
|
||||
server {
|
||||
server_name map.hamburg.freifunk.net hopglass.hamburg.freifunk.net;
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
ssl_certificate {{ hopglass_frontend_tls_crt }};
|
||||
ssl_certificate_key {{ hopglass_frontend_tls_key }};
|
||||
|
||||
include snippets/header-hsts.conf;
|
||||
include snippets/no-unsafe-files.conf;
|
||||
|
||||
add_header Referrer-Policy same-origin;
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
proxy_hide_header Referrer-Policy;
|
||||
proxy_hide_header X-Content-Type-Options;
|
||||
proxy_hide_header X-XSS-Protection;
|
||||
|
||||
root {{ hopglass_frontend_path }}/build;
|
||||
}
|
||||
|
||||
{% endif %}
|
||||
server {
|
||||
server_name map.hamburg.freifunk.net hopglass.hamburg.freifunk.net;
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
|
||||
{% if hopglass_frontend_tls_crt is defined %}
|
||||
location / {
|
||||
return 302 https://$host$request_uri;
|
||||
}
|
||||
{% else %}
|
||||
include snippets/header-security.conf;
|
||||
include snippets/no-unsafe-files.conf;
|
||||
|
||||
root {{ hopglass_frontend_path }}/build;
|
||||
{% endif %}
|
||||
|
||||
include snippets/location-acme.conf;
|
||||
}
|
|
@ -1,5 +0,0 @@
|
|||
---
|
||||
- name: restart ntpd
|
||||
service:
|
||||
name: ntp
|
||||
state: restarted
|
|
@ -1,21 +0,0 @@
|
|||
---
|
||||
- name: install ntpd
|
||||
apt:
|
||||
name: ntp
|
||||
state: present
|
||||
tags: ntp
|
||||
|
||||
- name: template ntp.conf
|
||||
template:
|
||||
src: ntp.conf.j2
|
||||
dest: /etc/ntp.conf
|
||||
backup: yes
|
||||
notify: restart ntpd
|
||||
tags: ntp
|
||||
|
||||
- name: start and enable ntpd
|
||||
service:
|
||||
name: ntp
|
||||
state: started
|
||||
enabled: yes
|
||||
tags: ntp
|
|
@ -1,36 +0,0 @@
|
|||
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
|
||||
|
||||
driftfile /var/lib/ntp/ntp.drift
|
||||
|
||||
logfile /var/log/ntpstats/ntp.log
|
||||
|
||||
statistics loopstats peerstats clockstats
|
||||
filegen loopstats file loopstats type day enable
|
||||
filegen peerstats file peerstats type day enable
|
||||
filegen clockstats file clockstats type day enable
|
||||
|
||||
server 127.127.1.0
|
||||
fudge 127.127.1.0 stratum 10
|
||||
|
||||
server ptbtime1.ptb.de
|
||||
server ptbtime2.ptb.de
|
||||
server ptbtime3.ptb.de
|
||||
|
||||
# Restrict all incoming connection
|
||||
restrict -4 default ignore
|
||||
restrict -6 default ignore
|
||||
|
||||
restrict 192.53.103.108 nomodify notrap nopeer noquery
|
||||
restrict 192.53.103.104 nomodify notrap nopeer noquery
|
||||
restrict 192.53.103.103 nomodify notrap nopeer noquery
|
||||
|
||||
# Local users may interrogate the ntp server more closely.
|
||||
restrict 127.0.0.1
|
||||
restrict -6 ::1
|
||||
|
||||
# Disable the monlist request as this is associated with ntp
|
||||
# amplification attacks
|
||||
disable monitor
|
||||
restrict {{ prefix4.split("/")[0] }} mask {{ prefix4 | ipaddr('netmask') }} nomodify notrap nopeer
|
||||
restrict {{ prefix6.split("/")[0] }} mask {{ prefix6 | ipaddr('netmask') }} nomodify notrap nopeer
|
||||
|
|
@ -1,12 +1,4 @@
|
|||
---
|
||||
- hosts: hopglass-frontend
|
||||
roles:
|
||||
- hopglass-frontend
|
||||
|
||||
- hosts: services
|
||||
roles:
|
||||
- ntp-server
|
||||
|
||||
- hosts: media
|
||||
roles:
|
||||
- website/media
|
||||
|
|
Loading…
Reference in a new issue