Update website/meta role
This commit is contained in:
parent
e8b7f0c6da
commit
b3d0c76949
|
@ -6,4 +6,6 @@ hopglass_frontend_tls_crt: /etc/letsencrypt/live/hopglass.hamburg.freifunk.net/f
|
||||||
hopglass_frontend_tls_key: /etc/letsencrypt/live/hopglass.hamburg.freifunk.net/privkey.pem
|
hopglass_frontend_tls_key: /etc/letsencrypt/live/hopglass.hamburg.freifunk.net/privkey.pem
|
||||||
media_tls_crt: /etc/letsencrypt/live/media.hamburg.freifunk.net/fullchain.pem
|
media_tls_crt: /etc/letsencrypt/live/media.hamburg.freifunk.net/fullchain.pem
|
||||||
media_tls_key: /etc/letsencrypt/live/media.hamburg.freifunk.net/privkey.pem
|
media_tls_key: /etc/letsencrypt/live/media.hamburg.freifunk.net/privkey.pem
|
||||||
|
meta_tls_crt: /etc/letsencrypt/live/hamburg.freifunk.net/fullchain.pem
|
||||||
|
meta_tls_key: /etc/letsencrypt/live/hamburg.freifunk.net/privkey.pem
|
||||||
nginx_resolver: 127.0.0.1
|
nginx_resolver: 127.0.0.1
|
||||||
|
|
|
@ -16,6 +16,9 @@ srv02
|
||||||
[media]
|
[media]
|
||||||
srv02
|
srv02
|
||||||
|
|
||||||
|
[meta]
|
||||||
|
srv02
|
||||||
|
|
||||||
[nginx]
|
[nginx]
|
||||||
gw03-new ansible_host=gw03-new.hamburg.freifunk.net
|
gw03-new ansible_host=gw03-new.hamburg.freifunk.net
|
||||||
|
|
||||||
|
|
3
roles/website/meta/defaults/main.yml
Normal file
3
roles/website/meta/defaults/main.yml
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
---
|
||||||
|
meta_root: /var/www/meta
|
||||||
|
site: meta
|
|
@ -1,2 +0,0 @@
|
||||||
---
|
|
||||||
- include: "{{ playbook_dir }}/roles/website/includes/base-static/handlers/main.yml"
|
|
|
@ -1,4 +1,3 @@
|
||||||
---
|
---
|
||||||
dependencies:
|
dependencies:
|
||||||
- role: nginx
|
- role: nginx
|
||||||
|
|
||||||
|
|
|
@ -1,12 +1,13 @@
|
||||||
---
|
---
|
||||||
- include: "{{ playbook_dir }}/roles/website/includes/base-static/tasks/main.yml"
|
- name: template site
|
||||||
vars:
|
template:
|
||||||
site: ffhh_meta
|
src: templates/site.j2
|
||||||
domains:
|
dest: /etc/nginx/sites-available/{{ site }}
|
||||||
- meta.hamburg.freifunk.net
|
notify: reload nginx
|
||||||
ports:
|
|
||||||
- { number: 80, ssl: false }
|
|
||||||
- { number: 443, ssl: true }
|
|
||||||
document_root: { path: /var/www/ffhh/meta, create: true }
|
|
||||||
listing: true
|
|
||||||
|
|
||||||
|
- name: enable site
|
||||||
|
file:
|
||||||
|
src: ../sites-available/{{ site }}
|
||||||
|
dest: /etc/nginx/sites-enabled/{{ site }}
|
||||||
|
state: link
|
||||||
|
notify: reload nginx
|
||||||
|
|
30
roles/website/meta/templates/site.j2
Normal file
30
roles/website/meta/templates/site.j2
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
{% if meta_tls_crt is defined %}
|
||||||
|
server {
|
||||||
|
server_name meta.hamburg.freifunk.net;
|
||||||
|
listen 443 ssl;
|
||||||
|
listen [::]:443 ssl;
|
||||||
|
ssl_certificate {{ meta_tls_crt }};
|
||||||
|
ssl_certificate_key {{ meta_tls_key }};
|
||||||
|
|
||||||
|
root {{ meta_root }};
|
||||||
|
include snippets/autoindex.conf;
|
||||||
|
include snippets/header-hsts.conf;
|
||||||
|
include snippets/no-unsafe-files.conf;
|
||||||
|
|
||||||
|
location ~ \.php$ {
|
||||||
|
fastcgi_pass unix:/var/run/php5-fpm.sock;
|
||||||
|
fastcgi_param SCRIPT_FILENAME /var/www/meta$fastcgi_script_name;
|
||||||
|
include fastcgi_params;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
{% endif %}
|
||||||
|
server {
|
||||||
|
server_name meta.hamburg.freifunk.net;
|
||||||
|
listen 80;
|
||||||
|
listen [::]:80;
|
||||||
|
|
||||||
|
return 302 https://$server_name$request_uri;
|
||||||
|
|
||||||
|
include snippets/location-acme.conf;
|
||||||
|
}
|
|
@ -12,6 +12,11 @@
|
||||||
- website/media
|
- website/media
|
||||||
tags: media
|
tags: media
|
||||||
|
|
||||||
|
- hosts: meta
|
||||||
|
roles:
|
||||||
|
- website/meta
|
||||||
|
tags: meta
|
||||||
|
|
||||||
- hosts: updates
|
- hosts: updates
|
||||||
roles:
|
roles:
|
||||||
- website/updates
|
- website/updates
|
||||||
|
|
Loading…
Reference in a new issue