--- - hosts: dl vars: uploaders: - mdk - hs-157 - pilou - entwanne - merwyn tasks: - name: Basic setup include_role: name=common - name: Create uploaders group group: name: uploaders state: present - name: Create uploaders accounts user: group: uploaders name: "{{ item }}" state: present loop: "{{ uploaders }}" - name: mkdir uploaders .ssh file: path: "~/.ssh" state: directory mode: 0755 become: yes become_user: "{{ item }}" loop: "{{ uploaders }}" - name: Set user authorized keys copy: content: "{{ authorized_keys[item]|join('\n') }}" dest: "~/.ssh/authorized_keys" mode: 0644 become: yes become_user: "{{ item }}" loop: "{{ uploaders }}" - name: Install dependencies apt: name: [libnginx-mod-http-fancyindex, rsync] state: present - name: Setup afpy.org tags: nginx include_role: name: nginx apply: tags: nginx vars: nginx_owner: dl-afpy-org nginx_domain: dl.afpy.org nginx_certificates: [dl.afpy.org, videos-2015.pycon.fr] nginx_conf: | server { listen [::]:80; listen 80; server_name dl.afpy.org; return 301 https://$host$request_uri; } server { listen [::]:80; listen 80; server_name videos-2015.pycon.fr; return 301 https://dl.afpy.org/pycon-fr-15$request_uri; } server { listen [::]:443 ssl http2; listen 443 ssl http2; server_name videos-2015.pycon.fr; include snippets/letsencrypt-dl.afpy.org.conf; return 301 https://dl.afpy.org/pycon-fr-15$request_uri; } server { listen [::]:443 ssl http2; listen 443 ssl http2; server_name dl.afpy.org; charset utf-8; include snippets/letsencrypt-dl.afpy.org.conf; root /var/www/dl.afpy.org/; add_header Content-Security-Policy "default-src 'none'; style-src 'unsafe-inline'; frame-ancestors 'self'; media-src 'self'"; add_header X-Content-Type-Options "nosniff"; location / { fancyindex on; fancyindex_exact_size off; # Output human-readable file sizes. fancyindex_name_length 150; } }