Konfiguration von media und meta als statische Sites.

2015-11-14 20:05:42 +01:00 · 2015-11-14 20:05:42 +01:00 · b0d42a931d
parent 3c917ce4b2
commit b0d42a931d
6 changed files with 94 additions and 6 deletions
--- a/group_vars/web.yml
+++ b/group_vars/web.yml
@ -10,3 +10,24 @@ web:
      cert:    /etc/ssl/certs/WILDCARD.hamburg.freifunk.net.crt
      key:     /etc/ssl/private/WILDCARD.hamburg.freifunk.net.key
      dhparam: /etc/ssl/dhparam/WILDCARD.hamburg.freifunk.net.dh
  sites:
    static:
      ffhh_media:
        domains:
          - media.services.ffhh
          - media.hamburg.freifunk.net
        ports:
          - { number: 80, ssl: false }
          - { number: 443, ssl: true }
        document_root: { path: /var/www/media, create: true }
        listing: true
      ffhh_meta:
        domains:
          - meta.hamburg.freifunk.net
        ports:
          - { number: 80, ssl: false }
          - { number: 443, ssl: true }
        document_root: { path: /var/www/meta, create: true }
        listing: true
--- a/roles/ntp-server/templates/ntp.conf.j2
+++ b/roles/ntp-server/templates/ntp.conf.j2
@ -1,3 +1,9 @@
 #
 # ACTHUNG:
 #
 # Wird via Ansible konfiguriert. Bitte nicht manuell ändern!
 #
 # /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
 driftfile /var/lib/ntp/ntp.drift
--- a/roles/web-server/updates/handlers/main.yml
+++ b/roles/web-server/updates/handlers/main.yml
@ -1,6 +1,3 @@
 ---
 - name: restart nginx
  service: name=nginx state=restarted
 - name: reload nginx config
  service: name=nginx state=reloaded
--- a/roles/web-server/static/tasks/main.yml
+++ b/roles/web-server/static/tasks/main.yml
@ -0,0 +1,39 @@
 ---
 - name: configure static sites
  template: >
    backup=yes
    src=site.j2
    dest="/etc/nginx/sites-available/{{ item[0] }}"
    owner=root
    group=root
    mode=0644
  with_items: "{{ web.sites.static.items() }}"
  notify: reload nginx config
  tags:
    - nginx
    - website
    - static
 - name: create static site roots
  file: path="{{ item.document_root.path }}" state=directory owner=www-data group=www-data mode=0755
  with_items: "{{ web.sites.static.values() }}"
  when: item.document_root.create
  tags:
    - nginx
    - website
    - static
 - name: enable static sites
  file: >
    src="/etc/nginx/sites-available/{{ item }}"
    dest="/etc/nginx/sites-enabled/{{ item }}"
    owner=root
    group=root
    mode=0644
    state=link
  with_items: "{{ web.sites.static.keys() }}"
  notify: reload nginx config
  tags:
    - nginx
    - website
    - static
--- a/roles/web-server/static/templates/site.j2
+++ b/roles/web-server/static/templates/site.j2
@ -0,0 +1,25 @@
 #
 # ACTHUNG:
 #
 # Wird via Ansible konfiguriert. Bitte nicht manuell ändern!
 #
 {% for port in item[1].ports %}
 server {
    include /etc/nginx/include/no_logging.conf;
    include /etc/nginx/include/no_dotfiles.conf;
    include /etc/nginx/include/no_symlinks.conf;
    {% if item[1].listing %}
        include /etc/nginx/include/listing.conf;
    {% endif %}
    listen {{ port.number }}{% if port.ssl %} ssl{% endif %};
    listen [::]:{{ port.number }}{% if port.ssl %} ssl{% endif %};
    server_name {{ item[1].domains | join(" ") }};
    root {{ item[1].document_root.path }};
 }
 {% endfor %}
--- a/site.yml
+++ b/site.yml
@ -12,6 +12,6 @@
  roles:
    - web-server/base
-#- hosts: srv02
+- hosts: srv02
-#  roles:
+  roles:
-#    - web-server/updates
+    - web-server/static