Use Ansible collection for some roles, config updates
This commit is contained in:
Alexander Dietrich
parent
1fe1ce6bbc
commit
c6802f992e
|
|
@ -1,20 +1,20 @@
|
||||||
---
|
---
|
||||||
- hosts: ffhh
|
- hosts: ffhh
|
||||||
roles:
|
roles:
|
||||||
- basics
|
- alxndr42.commons.basics
|
||||||
- basics-ffhh
|
- basics-ffhh
|
||||||
tags: basics
|
tags: basics
|
||||||
|
|
||||||
- hosts: nginx
|
- hosts: nginx
|
||||||
roles:
|
roles:
|
||||||
- nginx
|
- alxndr42.commons.nginx
|
||||||
- nginx-ffhh
|
- nginx-ffhh
|
||||||
- error-pages
|
- error-pages
|
||||||
tags: nginx
|
tags: nginx
|
||||||
|
|
||||||
- hosts: certbot
|
- hosts: certbot
|
||||||
roles:
|
roles:
|
||||||
- certbot
|
- alxndr42.commons.certbot
|
||||||
tags: certbot
|
tags: certbot
|
||||||
|
|
||||||
- hosts: certsync
|
- hosts: certsync
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
ansible_python_interpreter: /usr/bin/python3
|
|
||||||
|
|
||||||
basics_autoupdate_mail: backend@hamburg.freifunk.net
|
basics_autoupdate_mail: backend@hamburg.freifunk.net
|
||||||
|
|
||||||
|
certbot_email: backend@hamburg.freifunk.net
|
||||||
|
|
||||||
nginx_error_log: "/dev/null error"
|
nginx_error_log: "/dev/null error"
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,5 @@
|
||||||
basics_autoupdate_origins:
|
basics_autoupdate_origins:
|
||||||
- o=Node Source,n=${distro_codename}
|
- o=Node Source,n=${distro_codename}
|
||||||
- o=Prosody,n=${distro_codename}
|
|
||||||
- o=TorProject,n=${distro_codename}
|
- o=TorProject,n=${distro_codename}
|
||||||
|
|
||||||
media_tls_crt: /etc/letsencrypt/live/media.hamburg.freifunk.net/fullchain.pem
|
media_tls_crt: /etc/letsencrypt/live/media.hamburg.freifunk.net/fullchain.pem
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,4 @@
|
||||||
---
|
---
|
||||||
- src: alxndr42.basics
|
collections:
|
||||||
name: basics
|
- name: alxndr42.commons
|
||||||
version: v1.11.0
|
version: 1.0.0
|
||||||
- src: alxndr42.nginx
|
|
||||||
name: nginx
|
|
||||||
version: v1.4.0
|
|
||||||
|
|
|
||||||
|
|
@ -1,7 +1,5 @@
|
||||||
---
|
---
|
||||||
- src: https://github.com/alxndr42/ansible-basics.git
|
collections:
|
||||||
name: basics
|
- name: https://github.com/alxndr42/ansible-commons.git
|
||||||
version: v1.11.0
|
type: git
|
||||||
- src: https://github.com/alxndr42/ansible-nginx.git
|
version: v1.0.0
|
||||||
name: nginx
|
|
||||||
version: v1.4.0
|
|
||||||
|
|
|
||||||
|
|
@ -1,13 +0,0 @@
|
||||||
# Because we are using logrotate for greater flexibility, disable the
|
|
||||||
# internal certbot logrotation.
|
|
||||||
max-log-backups = 0
|
|
||||||
|
|
||||||
email = backend@hamburg.freifunk.net
|
|
||||||
rsa-key-size = 4096
|
|
||||||
|
|
||||||
authenticator = webroot
|
|
||||||
webroot-path = /var/www/_acme-challenge
|
|
||||||
|
|
||||||
agree-tos = True
|
|
||||||
non-interactive = True
|
|
||||||
text = True
|
|
||||||
|
|
@ -1,5 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
PATH="/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin"
|
|
||||||
|
|
||||||
systemctl reload nginx
|
|
||||||
|
|
@ -1,25 +0,0 @@
|
||||||
---
|
|
||||||
- name: install certbot
|
|
||||||
apt:
|
|
||||||
name: certbot
|
|
||||||
cache_valid_time: 86400
|
|
||||||
|
|
||||||
- name: create webroot directory
|
|
||||||
file:
|
|
||||||
path: /var/www/_acme-challenge
|
|
||||||
state: directory
|
|
||||||
|
|
||||||
- name: copy cli.ini
|
|
||||||
copy:
|
|
||||||
src: cli.ini
|
|
||||||
dest: /etc/letsencrypt/
|
|
||||||
|
|
||||||
- name: populate service facts
|
|
||||||
service_facts:
|
|
||||||
|
|
||||||
- name: copy reload-nginx hook
|
|
||||||
copy:
|
|
||||||
src: reload-nginx
|
|
||||||
dest: /etc/letsencrypt/renewal-hooks/post/
|
|
||||||
mode: 0755
|
|
||||||
when: "'nginx' in services"
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
error_page 502 /_error-pages/502.html;
|
error_page 502 /error-pages/502.html;
|
||||||
|
|
||||||
location ^~ /_error-pages {
|
location ^~ /error-pages {
|
||||||
root /var/www;
|
root /var/www;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -3,8 +3,8 @@
|
||||||
<head>
|
<head>
|
||||||
<meta charset="utf-8">
|
<meta charset="utf-8">
|
||||||
<title>Bad Gateway</title>
|
<title>Bad Gateway</title>
|
||||||
<link rel="stylesheet" href="/_error-pages/style.css">
|
<link rel="stylesheet" href="/error-pages/style.css">
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
<img src="/_error-pages/bad_gateway.png" alt="Bad Gateway Traffic Sign">
|
<img src="/error-pages/bad_gateway.png" alt="Bad Gateway Traffic Sign">
|
||||||
</body>
|
</body>
|
||||||
|
|
|
||||||
|
|
@ -1,13 +1,13 @@
|
||||||
---
|
---
|
||||||
- name: create directory
|
- name: create directory
|
||||||
file:
|
file:
|
||||||
path: /var/www/_error-pages
|
path: /var/www/error-pages
|
||||||
state: directory
|
state: directory
|
||||||
|
|
||||||
- name: copy error-pages
|
- name: copy error-pages
|
||||||
copy:
|
copy:
|
||||||
src: error-pages/
|
src: error-pages/
|
||||||
dest: /var/www/_error-pages/
|
dest: /var/www/error-pages/
|
||||||
|
|
||||||
- name: copy error-pages.conf
|
- name: copy error-pages.conf
|
||||||
copy:
|
copy:
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,3 @@
|
||||||
---
|
---
|
||||||
dependencies:
|
dependencies:
|
||||||
- role: nginx
|
- role: alxndr42.commons.nginx
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,3 @@
|
||||||
---
|
---
|
||||||
dependencies:
|
dependencies:
|
||||||
- role: nginx
|
- role: alxndr42.commons.nginx
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,3 @@
|
||||||
---
|
---
|
||||||
dependencies:
|
dependencies:
|
||||||
- role: nginx
|
- role: alxndr42.commons.nginx
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue