Drop unused role.
This commit is contained in:
parent
8a11c7ffee
commit
2cb3aa2a77
19
README.md
19
README.md
|
@ -113,29 +113,16 @@ Est une machine de test de Julien, configurée via Ansible, elle héberge:
|
|||
|
||||
On utilies ces rôles Ansible :
|
||||
|
||||
## julienpalard.nginx
|
||||
|
||||
## gallery
|
||||
|
||||
C'est le rôle pour installer https://github.com/AFPy/pycon-fr-gallery
|
||||
sur http://paullaroid.pycon.fr/.
|
||||
|
||||
Une démo est actuellement sur une machine de test de Julien:
|
||||
|
||||
curl --resolve paullaroid.pycon.fr:80:163.172.45.2 http://paullaroid.pycon.fr
|
||||
|
||||
|
||||
## letsencrypt
|
||||
|
||||
*letsencrypt* est un rôle pour gérer un certificat HTTPS et son stub
|
||||
nginx pour un domaine. Il s'utilise typiquement comme dépendance d'un
|
||||
autre rôle, voir le `meta/main.yml` du rôle `gallery` par exemple.
|
||||
Voir la [doc](https://github.com/JulienPalard/ansible-role-nginx).
|
||||
|
||||
|
||||
## common
|
||||
|
||||
*common* est un rôle "de base" permettant d'avoir une conf "normale"
|
||||
sur toutes nos machines (emacs et vim installés, nos authorized-keys,
|
||||
pas de mlocate, ce genre de broutilles)
|
||||
pas de mlocate, hostname propre, firewall, ce genre de broutilles).
|
||||
|
||||
|
||||
# Backups
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
|
||||
- name: reload nftables
|
||||
service: name=nftables state=reloaded
|
|
@ -1,7 +0,0 @@
|
|||
---
|
||||
|
||||
gallery_user: gallery
|
||||
gallery_https: false
|
||||
gallery_domain: paullaroid.pycon.fr
|
||||
gallery_repo: https://github.com/AFPy/pycon-fr-gallery.git
|
||||
gallery_home: /srv/gallery/
|
|
@ -1,4 +0,0 @@
|
|||
---
|
||||
|
||||
- name: reload nginx
|
||||
service: name=nginx state=reloaded
|
|
@ -1,6 +0,0 @@
|
|||
---
|
||||
|
||||
dependencies:
|
||||
- role: julienpalard.nginx_letsencrypt
|
||||
when: gallery_https
|
||||
certificates: "{{ [[ gallery_domain]] }}"
|
|
@ -1,50 +0,0 @@
|
|||
---
|
||||
|
||||
- name: Install nginx
|
||||
apt:
|
||||
name: [nginx, git, python3, python3-venv]
|
||||
state: present
|
||||
|
||||
- name: Gallery user
|
||||
user:
|
||||
name: "{{ gallery_user }}"
|
||||
system: yes
|
||||
home: "{{ gallery_home }}"
|
||||
|
||||
- name: Clone gallery repo
|
||||
git:
|
||||
repo: "{{ gallery_repo }}"
|
||||
dest: "{{ gallery_home }}/repo"
|
||||
register: clone_repo
|
||||
|
||||
- name: pip install sigal
|
||||
pip:
|
||||
name: sigal
|
||||
virtualenv_command: /usr/bin/python3 -m venv
|
||||
virtualenv: "{{ gallery_home }}/venv"
|
||||
|
||||
- name: Ensure sigal can write in its output dir
|
||||
file:
|
||||
path: "{{ gallery_home }}/repo/_build/"
|
||||
state: directory
|
||||
owner: "{{ gallery_user }}"
|
||||
mode: 0755
|
||||
|
||||
- name: Build gallery
|
||||
when: clone_repo.changed
|
||||
command: "{{ gallery_home }}/venv/bin/sigal build"
|
||||
args:
|
||||
chdir: "{{ gallery_home }}/repo"
|
||||
become: true
|
||||
become_method: su
|
||||
become_user: "{{ gallery_user }}"
|
||||
become_flags: "-s /bin/sh"
|
||||
|
||||
- name: Configure nginx
|
||||
template:
|
||||
src: nginx-vhost
|
||||
dest: "/etc/nginx/conf.d/{{ gallery_domain }}.conf"
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
notify: reload nginx
|
|
@ -1,33 +0,0 @@
|
|||
{% if gallery_https %}
|
||||
server {
|
||||
listen 80;
|
||||
server_name {{ gallery_domain }};
|
||||
|
||||
location / {
|
||||
return 301 https://{{ gallery_domain }}$request_uri;
|
||||
}
|
||||
}
|
||||
|
||||
server
|
||||
{
|
||||
listen 443 ssl;
|
||||
server_name {{ gallery_domain }};
|
||||
|
||||
include snippets/letsencrypt-{{ gallery_domain }}.conf;
|
||||
|
||||
location / {
|
||||
root {{ gallery_home }}/repo/_build/;
|
||||
try_files $uri $uri/ =404;
|
||||
}
|
||||
}
|
||||
{% else %}
|
||||
server {
|
||||
listen 80;
|
||||
server_name {{ gallery_domain }};
|
||||
|
||||
location / {
|
||||
root {{ gallery_home }}/repo/_build/;
|
||||
try_files $uri $uri/ =404;
|
||||
}
|
||||
}
|
||||
{% endif %}
|
Loading…
Reference in New Issue