Drop unused role.
This commit is contained in:
parent
8a11c7ffee
commit
2cb3aa2a77
19
README.md
19
README.md
|
@ -113,29 +113,16 @@ Est une machine de test de Julien, configurée via Ansible, elle héberge:
|
||||||
|
|
||||||
On utilies ces rôles Ansible :
|
On utilies ces rôles Ansible :
|
||||||
|
|
||||||
|
## julienpalard.nginx
|
||||||
|
|
||||||
## gallery
|
Voir la [doc](https://github.com/JulienPalard/ansible-role-nginx).
|
||||||
|
|
||||||
C'est le rôle pour installer https://github.com/AFPy/pycon-fr-gallery
|
|
||||||
sur http://paullaroid.pycon.fr/.
|
|
||||||
|
|
||||||
Une démo est actuellement sur une machine de test de Julien:
|
|
||||||
|
|
||||||
curl --resolve paullaroid.pycon.fr:80:163.172.45.2 http://paullaroid.pycon.fr
|
|
||||||
|
|
||||||
|
|
||||||
## letsencrypt
|
|
||||||
|
|
||||||
*letsencrypt* est un rôle pour gérer un certificat HTTPS et son stub
|
|
||||||
nginx pour un domaine. Il s'utilise typiquement comme dépendance d'un
|
|
||||||
autre rôle, voir le `meta/main.yml` du rôle `gallery` par exemple.
|
|
||||||
|
|
||||||
|
|
||||||
## common
|
## common
|
||||||
|
|
||||||
*common* est un rôle "de base" permettant d'avoir une conf "normale"
|
*common* est un rôle "de base" permettant d'avoir une conf "normale"
|
||||||
sur toutes nos machines (emacs et vim installés, nos authorized-keys,
|
sur toutes nos machines (emacs et vim installés, nos authorized-keys,
|
||||||
pas de mlocate, ce genre de broutilles)
|
pas de mlocate, hostname propre, firewall, ce genre de broutilles).
|
||||||
|
|
||||||
|
|
||||||
# Backups
|
# Backups
|
||||||
|
|
4
roles/common/handlers/main.yml
Normal file
4
roles/common/handlers/main.yml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: reload nftables
|
||||||
|
service: name=nftables state=reloaded
|
|
@ -1,7 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
gallery_user: gallery
|
|
||||||
gallery_https: false
|
|
||||||
gallery_domain: paullaroid.pycon.fr
|
|
||||||
gallery_repo: https://github.com/AFPy/pycon-fr-gallery.git
|
|
||||||
gallery_home: /srv/gallery/
|
|
|
@ -1,4 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: reload nginx
|
|
||||||
service: name=nginx state=reloaded
|
|
|
@ -1,6 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
dependencies:
|
|
||||||
- role: julienpalard.nginx_letsencrypt
|
|
||||||
when: gallery_https
|
|
||||||
certificates: "{{ [[ gallery_domain]] }}"
|
|
|
@ -1,50 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: Install nginx
|
|
||||||
apt:
|
|
||||||
name: [nginx, git, python3, python3-venv]
|
|
||||||
state: present
|
|
||||||
|
|
||||||
- name: Gallery user
|
|
||||||
user:
|
|
||||||
name: "{{ gallery_user }}"
|
|
||||||
system: yes
|
|
||||||
home: "{{ gallery_home }}"
|
|
||||||
|
|
||||||
- name: Clone gallery repo
|
|
||||||
git:
|
|
||||||
repo: "{{ gallery_repo }}"
|
|
||||||
dest: "{{ gallery_home }}/repo"
|
|
||||||
register: clone_repo
|
|
||||||
|
|
||||||
- name: pip install sigal
|
|
||||||
pip:
|
|
||||||
name: sigal
|
|
||||||
virtualenv_command: /usr/bin/python3 -m venv
|
|
||||||
virtualenv: "{{ gallery_home }}/venv"
|
|
||||||
|
|
||||||
- name: Ensure sigal can write in its output dir
|
|
||||||
file:
|
|
||||||
path: "{{ gallery_home }}/repo/_build/"
|
|
||||||
state: directory
|
|
||||||
owner: "{{ gallery_user }}"
|
|
||||||
mode: 0755
|
|
||||||
|
|
||||||
- name: Build gallery
|
|
||||||
when: clone_repo.changed
|
|
||||||
command: "{{ gallery_home }}/venv/bin/sigal build"
|
|
||||||
args:
|
|
||||||
chdir: "{{ gallery_home }}/repo"
|
|
||||||
become: true
|
|
||||||
become_method: su
|
|
||||||
become_user: "{{ gallery_user }}"
|
|
||||||
become_flags: "-s /bin/sh"
|
|
||||||
|
|
||||||
- name: Configure nginx
|
|
||||||
template:
|
|
||||||
src: nginx-vhost
|
|
||||||
dest: "/etc/nginx/conf.d/{{ gallery_domain }}.conf"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
mode: 0644
|
|
||||||
notify: reload nginx
|
|
|
@ -1,33 +0,0 @@
|
||||||
{% if gallery_https %}
|
|
||||||
server {
|
|
||||||
listen 80;
|
|
||||||
server_name {{ gallery_domain }};
|
|
||||||
|
|
||||||
location / {
|
|
||||||
return 301 https://{{ gallery_domain }}$request_uri;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
server
|
|
||||||
{
|
|
||||||
listen 443 ssl;
|
|
||||||
server_name {{ gallery_domain }};
|
|
||||||
|
|
||||||
include snippets/letsencrypt-{{ gallery_domain }}.conf;
|
|
||||||
|
|
||||||
location / {
|
|
||||||
root {{ gallery_home }}/repo/_build/;
|
|
||||||
try_files $uri $uri/ =404;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
{% else %}
|
|
||||||
server {
|
|
||||||
listen 80;
|
|
||||||
server_name {{ gallery_domain }};
|
|
||||||
|
|
||||||
location / {
|
|
||||||
root {{ gallery_home }}/repo/_build/;
|
|
||||||
try_files $uri $uri/ =404;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
{% endif %}
|
|
Loading…
Reference in New Issue
Block a user