freifunk/ansible-config
8
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Update website/meta role

Browse source
This commit is contained in:
Alexander Dietrich 2018-11-07 22:36:43 +01:00
parent e8b7f0c6da
commit b3d0c76949
8 changed files with 54 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
host_vars/srv02
View file

@ -6,4 +6,6 @@ hopglass_frontend_tls_crt: /etc/letsencrypt/live/hopglass.hamburg.freifunk.net/f
hopglass_frontend_tls_key: /etc/letsencrypt/live/hopglass.hamburg.freifunk.net/privkey.pem hopglass_frontend_tls_key: /etc/letsencrypt/live/hopglass.hamburg.freifunk.net/privkey.pem
media_tls_crt: /etc/letsencrypt/live/media.hamburg.freifunk.net/fullchain.pem media_tls_crt: /etc/letsencrypt/live/media.hamburg.freifunk.net/fullchain.pem
media_tls_key: /etc/letsencrypt/live/media.hamburg.freifunk.net/privkey.pem media_tls_key: /etc/letsencrypt/live/media.hamburg.freifunk.net/privkey.pem
meta_tls_crt: /etc/letsencrypt/live/hamburg.freifunk.net/fullchain.pem
meta_tls_key: /etc/letsencrypt/live/hamburg.freifunk.net/privkey.pem
nginx_resolver: 127.0.0.1 nginx_resolver: 127.0.0.1

3
production
View file

@ -16,6 +16,9 @@ srv02
[media] [media]
srv02 srv02
[meta]
srv02
[nginx] [nginx]
gw03-new ansible_host=gw03-new.hamburg.freifunk.net gw03-new ansible_host=gw03-new.hamburg.freifunk.net

3
roles/website/meta/defaults/main.yml Normal file
View file

@ -0,0 +1,3 @@
---
meta_root: /var/www/meta
site: meta

2
roles/website/meta/handlers/main.yml
View file

@ -1,2 +0,0 @@
---
- include: "{{ playbook_dir }}/roles/website/includes/base-static/handlers/main.yml"

1
roles/website/meta/meta/main.yml
View file

@ -1,4 +1,3 @@
--- ---
dependencies: dependencies:
- role: nginx - role: nginx

21
roles/website/meta/tasks/main.yml
View file

@ -1,12 +1,13 @@
--- ---
- include: "{{ playbook_dir }}/roles/website/includes/base-static/tasks/main.yml" - name: template site
vars: template:
site: ffhh_meta src: templates/site.j2
domains: dest: /etc/nginx/sites-available/{{ site }}
- meta.hamburg.freifunk.net notify: reload nginx
ports:
- { number: 80, ssl: false }
- { number: 443, ssl: true }
document_root: { path: /var/www/ffhh/meta, create: true }
listing: true
- name: enable site
file:
src: ../sites-available/{{ site }}
dest: /etc/nginx/sites-enabled/{{ site }}
state: link
notify: reload nginx

30
roles/website/meta/templates/site.j2 Normal file
View file

@ -0,0 +1,30 @@
{% if meta_tls_crt is defined %}
server {
server_name meta.hamburg.freifunk.net;
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate {{ meta_tls_crt }};
ssl_certificate_key {{ meta_tls_key }};
root {{ meta_root }};
include snippets/autoindex.conf;
include snippets/header-hsts.conf;
include snippets/no-unsafe-files.conf;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME /var/www/meta$fastcgi_script_name;
include fastcgi_params;
}
}
{% endif %}
server {
server_name meta.hamburg.freifunk.net;
listen 80;
listen [::]:80;
return 302 https://$server_name$request_uri;
include snippets/location-acme.conf;
}

5
services.yml
View file

@ -12,6 +12,11 @@
- website/media - website/media
tags: media tags: media
- hosts: meta
roles:
- website/meta
tags: meta
- hosts: updates - hosts: updates
roles: roles:
- website/updates - website/updates