Use Ansible collection for some roles, config updates

This commit is contained in:
Alexander Dietrich 2022-05-21 14:47:31 +02:00
parent 1fe1ce6bbc
commit c6802f992e
14 changed files with 21 additions and 70 deletions

View file

@ -1,20 +1,20 @@
---
- hosts: ffhh
roles:
- basics
- alxndr42.commons.basics
- basics-ffhh
tags: basics
- hosts: nginx
roles:
- nginx
- alxndr42.commons.nginx
- nginx-ffhh
- error-pages
tags: nginx
- hosts: certbot
roles:
- certbot
- alxndr42.commons.certbot
tags: certbot
- hosts: certsync

View file

@ -1,5 +1,5 @@
ansible_python_interpreter: /usr/bin/python3
basics_autoupdate_mail: backend@hamburg.freifunk.net
certbot_email: backend@hamburg.freifunk.net
nginx_error_log: "/dev/null error"

View file

@ -1,6 +1,5 @@
basics_autoupdate_origins:
- o=Node Source,n=${distro_codename}
- o=Prosody,n=${distro_codename}
- o=TorProject,n=${distro_codename}
media_tls_crt: /etc/letsencrypt/live/media.hamburg.freifunk.net/fullchain.pem

View file

@ -1,7 +1,4 @@
---
- src: alxndr42.basics
name: basics
version: v1.11.0
- src: alxndr42.nginx
name: nginx
version: v1.4.0
collections:
- name: alxndr42.commons
version: 1.0.0

View file

@ -1,7 +1,5 @@
---
- src: https://github.com/alxndr42/ansible-basics.git
name: basics
version: v1.11.0
- src: https://github.com/alxndr42/ansible-nginx.git
name: nginx
version: v1.4.0
collections:
- name: https://github.com/alxndr42/ansible-commons.git
type: git
version: v1.0.0

View file

@ -1,13 +0,0 @@
# Because we are using logrotate for greater flexibility, disable the
# internal certbot logrotation.
max-log-backups = 0
email = backend@hamburg.freifunk.net
rsa-key-size = 4096
authenticator = webroot
webroot-path = /var/www/_acme-challenge
agree-tos = True
non-interactive = True
text = True

View file

@ -1,5 +0,0 @@
#!/bin/bash
PATH="/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin"
systemctl reload nginx

View file

@ -1,25 +0,0 @@
---
- name: install certbot
apt:
name: certbot
cache_valid_time: 86400
- name: create webroot directory
file:
path: /var/www/_acme-challenge
state: directory
- name: copy cli.ini
copy:
src: cli.ini
dest: /etc/letsencrypt/
- name: populate service facts
service_facts:
- name: copy reload-nginx hook
copy:
src: reload-nginx
dest: /etc/letsencrypt/renewal-hooks/post/
mode: 0755
when: "'nginx' in services"

View file

@ -1,5 +1,5 @@
error_page 502 /_error-pages/502.html;
error_page 502 /error-pages/502.html;
location ^~ /_error-pages {
location ^~ /error-pages {
root /var/www;
}

View file

@ -3,8 +3,8 @@
<head>
<meta charset="utf-8">
<title>Bad Gateway</title>
<link rel="stylesheet" href="/_error-pages/style.css">
<link rel="stylesheet" href="/error-pages/style.css">
</head>
<body>
<img src="/_error-pages/bad_gateway.png" alt="Bad Gateway Traffic Sign">
<img src="/error-pages/bad_gateway.png" alt="Bad Gateway Traffic Sign">
</body>

View file

@ -1,13 +1,13 @@
---
- name: create directory
file:
path: /var/www/_error-pages
path: /var/www/error-pages
state: directory
- name: copy error-pages
copy:
src: error-pages/
dest: /var/www/_error-pages/
dest: /var/www/error-pages/
- name: copy error-pages.conf
copy:

View file

@ -1,3 +1,3 @@
---
dependencies:
- role: nginx
- role: alxndr42.commons.nginx

View file

@ -1,3 +1,3 @@
---
dependencies:
- role: nginx
- role: alxndr42.commons.nginx

View file

@ -1,3 +1,3 @@
---
dependencies:
- role: nginx
- role: alxndr42.commons.nginx