2021-04-04 17:26:30 +00:00
|
|
|
---
|
|
|
|
|
|
|
|
- hosts: dl
|
2021-04-06 19:49:04 +00:00
|
|
|
vars:
|
|
|
|
uploaders:
|
|
|
|
- login: mdk
|
|
|
|
authorized_keys: |
|
|
|
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8vv8vwmbyhFEa0chj8LklnnY6DRLKj2OM0NgaMTd9SsrtBeLMqTt34pU+kKl6/9EIe9P8Z1/fWFyOiTsE7Khf3rkNsoILPmEV14i18Bvtp4nMtljqZaKVkAcRjPvo7flRWNxxL2Zbo+BEr3wVCl3Sc6YV8oQzCwVPKf34AB39b+PW4f3580Aqcd4Ci6zca0Ol95tLDv1slX1A7QcpoZAne8kj5h6bb4cC7FLBC9+xOSKmzoLOlP7LsyxaUUGRyi/FeMoma1VES65aIJ5U23GtZrzZI3tKz+vpQvOVaozNTDkNLiiJkjd3Ew1I10wArpZixjwSndP8CvGFyJc1XUXZ julien+yubikey5@palard.fr
|
|
|
|
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKA7DgTQ0G7+kdsX0lIUOAAOllwGSCu8s8TxPvr/61Y8q+pIO5mrZycI0xYcKP5NZaABqlFyXUUNfLj7RLqteBxqq2QZP4NOJ1MutYRIkzJ9YW0f565jHaOqSguz0MY+1sCHtuEPiUUZoNexkKN7SIx60SfoaMEvGjAj46txA7VFbJUuKcJtA1Yvmn0C0KoXUUQ/G+JqvjQ7QuKLQYdTZ8S9OEvNaqNfwNSwvy1/LCnuajFw0O+H5bz7AcS5Iuj+9k8wgHPK1a1rQEdteOcn2XBCvta/VOVlFLv6/9K3iU3EJ1pyaZ88UkuJef8aWnH/AJGaF2gLqUbBuL+UeXyD41 julien+yubikey4@palard.fr
|
|
|
|
- login: hs-157
|
|
|
|
authorized_keys: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILQxDNqPx1uYblrbeliQZ5scDPFuMElTRBJmjUFwUMUB hs-157@jirafenn-2021-04-06"
|
|
|
|
- login: pilou
|
|
|
|
authorized_keys: []
|
|
|
|
- login: entwanne
|
|
|
|
authorized_keys: []
|
|
|
|
|
2021-04-04 17:26:30 +00:00
|
|
|
tasks:
|
|
|
|
- name: Basic setup
|
|
|
|
include_role: name=common
|
|
|
|
|
2021-04-06 19:49:04 +00:00
|
|
|
- name: Create uploaders group
|
|
|
|
group:
|
|
|
|
name: uploaders
|
|
|
|
state: present
|
|
|
|
|
|
|
|
- name: Create uploaders accounts
|
|
|
|
user:
|
|
|
|
group: uploaders
|
|
|
|
name: "{{ item.login }}"
|
|
|
|
state: present
|
|
|
|
loop: "{{ uploaders }}"
|
|
|
|
loop_control:
|
|
|
|
label: "{{ item.login }}"
|
|
|
|
|
|
|
|
- name: mkdir uploaders .ssh
|
|
|
|
file:
|
|
|
|
path: "~/.ssh"
|
|
|
|
state: directory
|
|
|
|
mode: 0755
|
|
|
|
become: yes
|
|
|
|
become_user: "{{ item.login }}"
|
|
|
|
loop: "{{ uploaders }}"
|
|
|
|
loop_control:
|
|
|
|
label: "{{ item.login }}"
|
|
|
|
|
|
|
|
- name: Set user authorized keys
|
|
|
|
copy:
|
|
|
|
content: "{{ item.authorized_keys }}"
|
|
|
|
dest: "~/.ssh/authorized_keys"
|
|
|
|
mode: 0644
|
|
|
|
become: yes
|
|
|
|
become_user: "{{ item.login }}"
|
|
|
|
loop: "{{ uploaders }}"
|
|
|
|
loop_control:
|
|
|
|
label: "{{ item.login }}"
|
|
|
|
|
2021-04-04 17:26:30 +00:00
|
|
|
- name: Install nginx fancyindex
|
|
|
|
apt:
|
|
|
|
name: libnginx-mod-http-fancyindex
|
|
|
|
state: present
|
|
|
|
|
|
|
|
- name: Setup afpy.org
|
|
|
|
include_role: name=julienpalard.nginx
|
|
|
|
vars:
|
|
|
|
nginx_owner: dl-afpy-org
|
|
|
|
nginx_domain: dl.afpy.org
|
|
|
|
nginx_certificates: [dl.afpy.org, videos-2015.pycon.fr]
|
|
|
|
nginx_conf: |
|
|
|
|
server
|
|
|
|
{
|
|
|
|
listen 80;
|
|
|
|
server_name dl.afpy.org videos-2015.pycon.fr;
|
|
|
|
access_log /var/log/nginx/http-access.log;
|
|
|
|
error_log /var/log/nginx/http-error.log;
|
|
|
|
return 301 https://$host$request_uri;
|
|
|
|
}
|
|
|
|
|
|
|
|
server
|
|
|
|
{
|
|
|
|
listen 443 ssl;
|
|
|
|
server_name dl.afpy.org;
|
|
|
|
access_log /var/log/nginx/dl.afpy.org-access.log;
|
|
|
|
error_log /var/log/nginx/dl.afpy.org-error.log;
|
|
|
|
include snippets/letsencrypt-dl.afpy.org.conf;
|
|
|
|
|
|
|
|
root /var/www/dl.afpy.org/;
|
|
|
|
|
|
|
|
location /
|
|
|
|
{
|
|
|
|
fancyindex on;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
server
|
|
|
|
{
|
|
|
|
listen 443 ssl;
|
|
|
|
server_name videos-2015.pycon.fr;
|
|
|
|
access_log /var/log/nginx/videos-2015.pycon.fr-access.log;
|
|
|
|
error_log /var/log/nginx/videos-2015.pycon.fr-error.log;
|
|
|
|
include snippets/letsencrypt-dl.afpy.org.conf;
|
|
|
|
|
|
|
|
root /var/www/videos-2015.pycon.fr/;
|
|
|
|
|
|
|
|
location /
|
|
|
|
{
|
|
|
|
index index.html;
|
|
|
|
}
|
|
|
|
}
|