2019-12-18 16:14:53 +00:00
|
|
|
---
|
|
|
|
|
|
|
|
- hosts: webservers
|
|
|
|
tasks:
|
|
|
|
- name: Basic setup
|
|
|
|
include_role: name=common
|
|
|
|
|
|
|
|
- name: Setup logs.afpy.org
|
2021-11-18 08:42:13 +00:00
|
|
|
include_role: name=nginx
|
2019-12-18 16:14:53 +00:00
|
|
|
vars:
|
|
|
|
nginx_owner: logs-afpy-org
|
|
|
|
nginx_domain: logs.afpy.org
|
|
|
|
nginx_certificates: [logs.afpy.org]
|
|
|
|
nginx_public_deploy_key: "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA8BxBkDeX8exqUzvU813yOUx7mu1Ax5cfntFJo8a80CZ4m/jKNXwqd5eW7Vp6hVNvKuKcb58SgUzQ/Yl2AaMqF2KMD+aAwSYaqtJCFVYG+zjpGhQuxvQVKb9Pvdu9clpRHAYUw9bD/GG2YLdaryLqr54XCF6h/bCc6gHcj/UhByoQJwCbkBTCvCzHHEOe+Je2RAQc5nDWACXffO1LduHtjDvRH5wpnfubYy96fLfwFhFNNvci4vRxKA0JTFlU5URds5Y+Uk5pH+yRzN3DBZhdXTg5w2Ox9d+Xd5NxpInMiHJzI+Ldax7DolYXEFx5ZT+gSOo3VOzvo6fjHYEp2LALOQ== gawel@boiboite"
|
|
|
|
nginx_conf: |
|
|
|
|
server
|
|
|
|
{
|
2021-12-30 20:33:48 +00:00
|
|
|
listen [::]:80; listen 80;
|
2019-12-18 16:14:53 +00:00
|
|
|
server_name logs.afpy.org;
|
|
|
|
return 301 https://$host$request_uri;
|
|
|
|
}
|
|
|
|
|
|
|
|
server
|
|
|
|
{
|
2023-02-13 21:40:47 +00:00
|
|
|
listen [::]:443 ssl http2; listen 443 ssl http2;
|
2019-12-18 16:14:53 +00:00
|
|
|
server_name logs.afpy.org;
|
|
|
|
include snippets/letsencrypt-logs.afpy.org.conf;
|
|
|
|
location /
|
|
|
|
{
|
|
|
|
include proxy_params;
|
|
|
|
proxy_pass http://unix:/run/logs-afpy-org/website.sock;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-12-18 21:55:49 +00:00
|
|
|
- name: Logs are written by alain
|
|
|
|
file:
|
|
|
|
path: /var/www/logs.afpy.org/
|
|
|
|
owner: alain
|
|
|
|
mode: 0755
|
|
|
|
state: directory
|
|
|
|
|
2019-12-18 16:14:53 +00:00
|
|
|
- name: logs-afpy-org user can reload own website
|
|
|
|
lineinfile:
|
|
|
|
path: /etc/sudoers
|
|
|
|
state: present
|
|
|
|
regexp: '^logs-afpy-org '
|
|
|
|
line: "logs-afpy-org ALL = NOPASSWD: /bin/systemctl restart logs-afpy-org.service"
|
|
|
|
validate: /usr/sbin/visudo -cf %s
|
|
|
|
|
|
|
|
- name: Initial clone
|
|
|
|
become: true
|
|
|
|
become_user: logs-afpy-org
|
|
|
|
git:
|
|
|
|
repo: https://github.com/AFPy/AfpyLogs/
|
|
|
|
dest: /home/logs-afpy-org/src/
|
2021-05-01 15:30:02 +00:00
|
|
|
update: yes
|
2019-12-18 16:14:53 +00:00
|
|
|
|
2023-03-30 12:52:05 +00:00
|
|
|
- name: Setup or upgrade venv
|
|
|
|
become: true
|
|
|
|
become_user: logs-afpy-org
|
|
|
|
command: python3 -m venv --upgrade-deps /home/logs-afpy-org/venv/
|
|
|
|
changed_when: False
|
|
|
|
|
2019-12-18 16:14:53 +00:00
|
|
|
- name: pip install logs.afpy.org website
|
|
|
|
become: true
|
|
|
|
become_user: logs-afpy-org
|
|
|
|
pip:
|
2021-05-01 15:30:02 +00:00
|
|
|
requirements: /home/logs-afpy-org/src/requirements.txt
|
2019-12-18 16:14:53 +00:00
|
|
|
virtualenv_command: /usr/bin/python3 -m venv
|
|
|
|
virtualenv: "/home/logs-afpy-org/venv/"
|
|
|
|
|
2021-05-01 15:30:02 +00:00
|
|
|
- name: Configure afpy logs server
|
|
|
|
copy:
|
|
|
|
dest: /home/logs-afpy-org/src/config-production.py
|
|
|
|
content: |
|
|
|
|
SECRET_KEY = "Currently unused
|
|
|
|
|
|
|
|
JINJA_ENV = {
|
|
|
|
"TRIM_BLOCKS": True,
|
|
|
|
"LSTRIP_BLOCKS": True,
|
|
|
|
}
|
|
|
|
|
|
|
|
LOG_PATH = "/var/www/logs.afpy.org/"
|
|
|
|
|
|
|
|
# IRSSI log pattern:
|
|
|
|
DATE_FORMAT = "(\d+-\d+-\d+ )?(?P<time>\d\d:\d\d)"
|
|
|
|
LOG_PATTERN = r"^%s\s+[<*]\s*(?P<nick>[^> ]+)[> ]\s+(?P<message>.*)$" % DATE_FORMAT
|
|
|
|
|
|
|
|
BOLD_PATTERN = r"\*[^*\s]+\*"
|
|
|
|
BOLD_HTML = "<b>{text}</b>"
|
|
|
|
notify: logs-afpy-org.service
|
|
|
|
|
2019-12-18 16:14:53 +00:00
|
|
|
- name: systemd logs.afpy.org service
|
|
|
|
copy:
|
|
|
|
dest: /etc/systemd/system/logs-afpy-org.service
|
|
|
|
content: |
|
|
|
|
[Unit]
|
|
|
|
Description=IRC Logs website
|
|
|
|
After=network.target
|
|
|
|
|
|
|
|
[Service]
|
|
|
|
PIDFile=/run/logs-afpy-org/website.pid
|
|
|
|
User=logs-afpy-org
|
|
|
|
Group=logs-afpy-org
|
|
|
|
RuntimeDirectory=logs-afpy-org
|
|
|
|
WorkingDirectory=/home/logs-afpy-org/src/
|
|
|
|
ExecStart=/home/logs-afpy-org/venv/bin/gunicorn -w 2 \
|
|
|
|
--pid /run/logs-afpy-org/website.pid \
|
|
|
|
--bind unix:/run/logs-afpy-org/website.sock \
|
2021-05-01 15:30:02 +00:00
|
|
|
app
|
2019-12-18 16:14:53 +00:00
|
|
|
ExecReload=/bin/kill -s HUP $MAINPID
|
|
|
|
ExecStop=/bin/kill -s TERM $MAINPID
|
|
|
|
PrivateTmp=true
|
|
|
|
|
|
|
|
[Install]
|
|
|
|
WantedBy=multi-user.target
|
|
|
|
|
|
|
|
- service: name=logs-afpy-org state=started enabled=yes
|
|
|
|
|
|
|
|
handlers:
|
|
|
|
- name: reload nginx
|
|
|
|
service: name=nginx state=reloaded
|
2021-05-01 15:30:02 +00:00
|
|
|
|
|
|
|
- name: logs-afpy-org.service
|
|
|
|
systemd:
|
|
|
|
name: logs-afpy-org.service
|
|
|
|
state: restarted
|
|
|
|
daemon_reload: yes
|