2019-12-16 21:09:24 +00:00
|
|
|
---
|
|
|
|
|
2021-11-18 06:06:56 +00:00
|
|
|
# After running this playbook on a new machine, you'll need either to:
|
|
|
|
# - Rsync /var/www/pycon/fr/ from another server or a backup.
|
|
|
|
# - Redeploy every sites (to run pelican / frozen-flask / ...).
|
|
|
|
|
2019-12-16 22:58:06 +00:00
|
|
|
- hosts: webservers
|
|
|
|
vars:
|
2020-08-02 09:28:24 +00:00
|
|
|
nginx_public_deploy_key: |
|
|
|
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINbgxOufHY7SxQrJNTlHmye+xeNHBA1O5SGtGhGeOVZM
|
|
|
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIvF5rwjx5lpjzH6B4Uce9kZhz260kkwzYvIieR189Q1
|
2022-10-21 12:22:40 +00:00
|
|
|
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFRY4/MaxUs8+mTrCKCXpHiXdrTjpNK9MqIpSpdLtxST pyconfr-2023
|
2019-12-16 21:09:24 +00:00
|
|
|
tasks:
|
|
|
|
- name: Basic setup
|
|
|
|
include_role: name=common
|
|
|
|
|
2019-12-19 14:50:06 +00:00
|
|
|
- name: Setup PyConFr
|
2021-09-10 12:09:00 +00:00
|
|
|
include_role: name=nginx
|
2019-12-19 14:50:06 +00:00
|
|
|
vars:
|
|
|
|
nginx_owner: pyconfr
|
2021-11-18 07:08:04 +00:00
|
|
|
nginx_domain: pycon.fr
|
2021-09-10 12:09:00 +00:00
|
|
|
nginx_certificates: ['pycon.fr', 'www.pycon.fr']
|
2019-12-19 14:50:06 +00:00
|
|
|
nginx_path: /var/www/pycon.fr/
|
|
|
|
nginx_conf: |
|
|
|
|
server
|
|
|
|
{
|
2021-12-30 20:33:48 +00:00
|
|
|
listen [::]:80; listen 80;
|
2021-09-10 12:09:00 +00:00
|
|
|
server_name .pycon.fr;
|
2023-01-18 22:46:45 +00:00
|
|
|
return 301 https://$host$request_uri;
|
2019-12-19 14:58:06 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
server
|
|
|
|
{
|
2023-02-13 21:40:47 +00:00
|
|
|
listen [::]:443 ssl http2; listen 443 ssl http2;
|
2019-12-19 14:58:06 +00:00
|
|
|
server_name pycon.fr;
|
|
|
|
include snippets/letsencrypt-pycon.fr.conf;
|
|
|
|
return 301 https://www.pycon.fr$request_uri;
|
2019-12-19 14:50:06 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
server
|
|
|
|
{
|
2023-02-13 21:40:47 +00:00
|
|
|
listen [::]:443 ssl http2; listen 443 ssl http2;
|
2019-12-19 14:58:06 +00:00
|
|
|
server_name www.pycon.fr;
|
2019-12-19 14:50:06 +00:00
|
|
|
include snippets/letsencrypt-pycon.fr.conf;
|
|
|
|
root /var/www/pycon.fr/;
|
2022-10-21 12:22:46 +00:00
|
|
|
charset utf-8;
|
2019-12-19 14:50:06 +00:00
|
|
|
location = / {
|
2022-11-04 20:34:58 +00:00
|
|
|
return 302 https://www.pycon.fr/2023$request_uri;
|
2019-12-19 14:50:06 +00:00
|
|
|
}
|
2023-01-18 22:46:45 +00:00
|
|
|
location ~ ^/2021 {
|
|
|
|
return 301 https://www.pycon.fr/2023/;
|
|
|
|
}
|
|
|
|
location ~ ^/2022 {
|
|
|
|
return 301 https://www.pycon.fr/2023/;
|
|
|
|
}
|
|
|
|
location ~ ^/2023/ {
|
2023-01-29 20:18:38 +00:00
|
|
|
add_header Content-Security-Policy "default-src 'none'; frame-ancestors 'self'; form-action 'none'; base-uri 'none'; frame-src 'self' https://framacarte.org; font-src 'self'; img-src 'self' https://openstreetmap.fr; script-src 'self' https://framasoft.org https://framacarte.org; style-src 'self'";
|
2023-01-18 22:46:45 +00:00
|
|
|
add_header Strict-Transport-Security "max-age=63072000";
|
|
|
|
add_header X-Content-Type-Options "nosniff";
|
|
|
|
}
|
|
|
|
# Prevent browsers from incorrectly detecting non-scripts as scripts
|
|
|
|
add_header X-Content-Type-Options "nosniff";
|
2019-12-19 14:50:06 +00:00
|
|
|
rewrite ^/2018/$ /2018/fr/index/ last;
|
|
|
|
rewrite ^/2018/(A-Za-z-)+/$ /2018/fr/$1/ last;
|
|
|
|
}
|
|
|
|
|
2021-09-10 12:09:00 +00:00
|
|
|
- name: Setup PyConFr 2016
|
|
|
|
include_role: name=nginx
|
|
|
|
vars:
|
2021-11-18 07:08:04 +00:00
|
|
|
nginx_domain: 2016.pycon.fr
|
2021-09-10 12:09:00 +00:00
|
|
|
nginx_certificates: [2016.pycon.fr]
|
|
|
|
nginx_conf: |
|
|
|
|
server
|
|
|
|
{
|
2021-12-30 20:33:48 +00:00
|
|
|
listen [::]:80; listen 80;
|
2021-09-10 12:09:00 +00:00
|
|
|
server_name 2016.pycon.fr;
|
|
|
|
return 301 https://www.pycon.fr/2016/;
|
|
|
|
}
|
|
|
|
|
|
|
|
server
|
|
|
|
{
|
2023-02-13 21:40:47 +00:00
|
|
|
listen [::]:443 ssl http2; listen 443 ssl http2;
|
2021-09-10 12:09:00 +00:00
|
|
|
server_name 2016.pycon.fr;
|
|
|
|
include snippets/letsencrypt-2016.pycon.fr.conf;
|
|
|
|
return 301 https://www.pycon.fr/2016/;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2019-12-19 14:50:06 +00:00
|
|
|
- name: Setup PyConFr 2012
|
2021-09-10 12:09:00 +00:00
|
|
|
include_role: name=nginx
|
2019-12-19 14:50:06 +00:00
|
|
|
vars:
|
2021-11-18 07:08:04 +00:00
|
|
|
nginx_domain: 2012.pycon.fr
|
2019-12-19 14:50:06 +00:00
|
|
|
nginx_certificates: [2012.pycon.fr]
|
|
|
|
nginx_conf: |
|
|
|
|
server
|
|
|
|
{
|
2021-12-30 20:33:48 +00:00
|
|
|
listen [::]:80; listen 80;
|
2019-12-19 14:50:06 +00:00
|
|
|
server_name 2012.pycon.fr;
|
2019-12-19 14:58:06 +00:00
|
|
|
return 301 https://www.pycon.fr/2012/;
|
2019-12-19 14:50:06 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
server
|
|
|
|
{
|
2023-02-13 21:40:47 +00:00
|
|
|
listen [::]:443 ssl http2; listen 443 ssl http2;
|
2019-12-19 14:50:06 +00:00
|
|
|
server_name 2012.pycon.fr;
|
|
|
|
include snippets/letsencrypt-2012.pycon.fr.conf;
|
2019-12-19 14:58:06 +00:00
|
|
|
return 301 https://www.pycon.fr/2012/;
|
2019-12-19 14:50:06 +00:00
|
|
|
}
|
|
|
|
|
2019-12-16 21:09:24 +00:00
|
|
|
- name: Setup PyConFr 2011
|
2021-09-10 12:09:00 +00:00
|
|
|
include_role: name=nginx
|
2019-12-16 21:09:24 +00:00
|
|
|
vars:
|
2021-11-18 07:08:04 +00:00
|
|
|
nginx_domain: 2011.pycon.fr
|
2019-12-18 12:37:55 +00:00
|
|
|
nginx_certificates: [2011.pycon.fr]
|
2019-12-19 14:50:06 +00:00
|
|
|
nginx_conf: |
|
|
|
|
server
|
|
|
|
{
|
2021-12-30 20:33:48 +00:00
|
|
|
listen [::]:80; listen 80;
|
2019-12-19 14:50:06 +00:00
|
|
|
server_name 2011.pycon.fr;
|
2019-12-19 14:58:06 +00:00
|
|
|
return 301 https://www.pycon.fr/2011/;
|
2019-12-19 14:50:06 +00:00
|
|
|
}
|
2019-12-16 21:09:24 +00:00
|
|
|
|
2019-12-19 14:50:06 +00:00
|
|
|
server
|
|
|
|
{
|
2023-02-13 21:40:47 +00:00
|
|
|
listen [::]:443 ssl http2; listen 443 ssl http2;
|
2019-12-19 14:50:06 +00:00
|
|
|
server_name 2011.pycon.fr;
|
|
|
|
include snippets/letsencrypt-2011.pycon.fr.conf;
|
2019-12-19 14:58:06 +00:00
|
|
|
return 301 https://www.pycon.fr/2011/;
|
2019-12-19 14:50:06 +00:00
|
|
|
}
|
2019-12-16 21:09:24 +00:00
|
|
|
|
2019-12-19 14:53:22 +00:00
|
|
|
- name: Setup PyConFr 2010
|
2021-09-10 12:09:00 +00:00
|
|
|
include_role: name=nginx
|
2019-12-19 14:53:22 +00:00
|
|
|
vars:
|
2021-11-18 07:08:04 +00:00
|
|
|
nginx_domain: 2010.pycon.fr
|
2019-12-19 14:53:22 +00:00
|
|
|
nginx_certificates: [2010.pycon.fr]
|
|
|
|
nginx_conf: |
|
|
|
|
server
|
|
|
|
{
|
2021-12-30 20:33:48 +00:00
|
|
|
listen [::]:80; listen 80;
|
2019-12-19 14:53:22 +00:00
|
|
|
server_name 2010.pycon.fr;
|
2019-12-19 14:58:06 +00:00
|
|
|
return 301 https://www.pycon.fr/2010/;
|
2019-12-19 14:53:22 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
server
|
|
|
|
{
|
2023-02-13 21:40:47 +00:00
|
|
|
listen [::]:443 ssl http2; listen 443 ssl http2;
|
2019-12-19 14:53:22 +00:00
|
|
|
server_name 2010.pycon.fr;
|
|
|
|
include snippets/letsencrypt-2010.pycon.fr.conf;
|
2019-12-19 14:58:06 +00:00
|
|
|
return 301 https://www.pycon.fr/2010/;
|
2019-12-19 14:53:22 +00:00
|
|
|
}
|
|
|
|
|
2019-12-16 21:09:24 +00:00
|
|
|
- name: Setup sigal of paullaroid.pycon.fr
|
2021-09-10 12:09:00 +00:00
|
|
|
include_role: name=nginx
|
2019-12-16 21:09:24 +00:00
|
|
|
vars:
|
2019-12-18 12:37:55 +00:00
|
|
|
nginx_owner: paullaroid
|
2021-11-18 07:08:04 +00:00
|
|
|
nginx_domain: paullaroid.pycon.fr
|
2019-12-18 12:37:55 +00:00
|
|
|
nginx_certificates: [paullaroid.pycon.fr]
|
|
|
|
nginx_path: /var/www/paullaroid.pycon.fr/
|
2021-09-10 12:09:00 +00:00
|
|
|
nginx_conf: |
|
|
|
|
server
|
|
|
|
{
|
2021-12-30 20:33:48 +00:00
|
|
|
listen [::]:80; listen 80;
|
2021-09-10 12:09:00 +00:00
|
|
|
server_name paullaroid.pycon.fr;
|
|
|
|
|
|
|
|
return 301 https://$host$request_uri;
|
|
|
|
}
|
|
|
|
|
|
|
|
server
|
|
|
|
{
|
2023-02-13 21:40:47 +00:00
|
|
|
listen [::]:443 ssl http2; listen 443 ssl http2;
|
2021-09-10 12:09:00 +00:00
|
|
|
charset utf-8;
|
|
|
|
server_name paullaroid.pycon.fr;
|
|
|
|
include snippets/letsencrypt-paullaroid.pycon.fr.conf;
|
|
|
|
|
|
|
|
root /var/www/paullaroid.pycon.fr/;
|
|
|
|
index index.html;
|
|
|
|
}
|
2019-12-19 14:50:06 +00:00
|
|
|
|
|
|
|
- name: Setup fr.pycon.org
|
|
|
|
include_role: name=julienpalard.nginx
|
|
|
|
vars:
|
|
|
|
nginx_domain: fr.pycon.org
|
|
|
|
nginx_certificates: [fr.pycon.org]
|
|
|
|
nginx_conf: |
|
|
|
|
server
|
|
|
|
{
|
2021-12-30 20:33:48 +00:00
|
|
|
listen [::]:80; listen 80;
|
2019-12-19 14:50:06 +00:00
|
|
|
server_name fr.pycon.org;
|
2019-12-19 14:58:06 +00:00
|
|
|
return 301 https://www.pycon.fr/;
|
2019-12-19 14:50:06 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
server
|
|
|
|
{
|
2023-02-13 21:40:47 +00:00
|
|
|
listen [::]:443 ssl http2; listen 443 ssl http2;
|
2019-12-19 14:50:06 +00:00
|
|
|
server_name fr.pycon.org;
|
|
|
|
include snippets/letsencrypt-fr.pycon.org.conf;
|
2019-12-19 14:58:06 +00:00
|
|
|
return 301 https://www.pycon.fr/;
|
2019-12-19 14:50:06 +00:00
|
|
|
}
|