infra/roles/pasteque/tasks/main.yml


---
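# Front pasteque with nginx: plain HTTP is redirected to HTTPS, static files
# are served from disk, and everything else is proxied to gunicorn's unix
# socket.
- name: Setup nginx
  include_role:
    name: nginx
  vars:
    nginx_owner: "{{ pasteque_user }}"
    nginx_domain: "{{ pasteque_host }}"
    nginx_certificates: ["{{ pasteque_host }}"]
    # Review notes on the TLS server block below:
    # - The static location prefix ends in "/" so that it matches the trailing
    #   slash of its alias. With a slash on the alias only, a request path can
    #   resolve outside static/, and the sibling src/ directory holds
    #   local_settings.py (SECRET_KEY).
    # - "always" makes nginx send the security headers on error responses
    #   too; without it add_header only covers a fixed set of 2xx/3xx codes.
    # - X-XSS-Protection is a legacy header that current browsers ignore; the
    #   Content-Security-Policy is the effective control.
    # - NOTE(review): no Strict-Transport-Security header is sent; consider
    #   adding one once HTTPS-only operation of this host is confirmed.
    # - X-Forwarded-For is appended to whatever the client sent, so the
    #   application should only trust the last entry; X-Real-IP is taken from
    #   $remote_addr.
    nginx_conf: |
      server
      {
          listen [::]:80; listen 80;
          server_name {{ pasteque_host }};
          return 301 https://$host$request_uri;
      }
      server
      {
          listen [::]:443 ssl http2; listen 443 ssl http2;
          server_name {{ pasteque_host }};
          include snippets/letsencrypt-{{ pasteque_host }}.conf;
          add_header Content-Security-Policy "default-src 'self'" always;
          add_header X-Frame-Options DENY always;
          add_header X-XSS-Protection "1; mode=block" always;
          charset utf-8;
          location /::/static/
          {
              alias /home/{{ pasteque_user }}/static/;
              expires 30d;
          }
          location /
          {
              proxy_pass http://unix:/run/{{ pasteque_user }}/pasteque.sock;
              proxy_redirect off;
              proxy_set_header Host $host;
              proxy_set_header X-Real-IP $remote_addr;
              proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
              proxy_set_header X-Forwarded-Proto $scheme;
          }
      }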
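# Check out (or fast-forward) the application source as the service user.
# NOTE(review): no `version` is set, so every run deploys whatever the
# upstream default branch points at, and later tasks pip-install its
# requirements.txt and run its manage.py. Pinning `version` to a reviewed tag
# or commit would make deployments reproducible and auditable.
- name: Clone pasteque
  become: true
  become_user: "{{ pasteque_user }}"
  notify: restart pasteque
  git:
    repo: https://git.afpy.org/AFPy/pasteque
    dest: "/home/{{ pasteque_user }}/src/"
    update: true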
# Create the virtualenv if missing and refresh its bundled packaging tools.
# The command is re-run on every play, so it is never reported as a change.
- name: Setup or upgrade venv
  command:
    cmd: python3 -m venv --upgrade-deps "/home/{{ pasteque_user }}/venv"
  changed_when: false
  become: true
  become_user: "{{ pasteque_user }}"
# Install the WSGI server into the application's virtualenv.
# NOTE(review): gunicorn is unpinned here, so the installed version depends
# on what the package index serves at deploy time.
- name: Install gunicorn in venv
  pip:
    virtualenv: "/home/{{ pasteque_user }}/venv/"
    virtualenv_command: "/usr/bin/python3 -m venv"
    name: gunicorn
  become: true
  become_user: "{{ pasteque_user }}"
# Install the application's own requirements from the cloned checkout into
# the same virtualenv; the service is restarted when anything changes.
- name: Install dependencies in venv
  pip:
    virtualenv: "/home/{{ pasteque_user }}/venv/"
    virtualenv_command: "/usr/bin/python3 -m venv"
    requirements: "/home/{{ pasteque_user }}/src/requirements.txt"
  become: true
  become_user: "{{ pasteque_user }}"
  notify: restart pasteque
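# Directory that collectstatic fills and that nginx serves via its alias.
- name: Create static/ directory
  file:
    path: "/home/{{ pasteque_user }}/static/"
    state: directory
    owner: "{{ pasteque_user }}"
    group: "{{ pasteque_user }}"
    # Quoted so the mode stays an octal string and is never re-read as a
    # decimal integer by a YAML parser.
    mode: "0755"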
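# Render the Django local settings, which include SECRET_KEY.
# - owner/group/mode keep the file readable by the service account only;
#   without them the file gets the ownership and umask-derived mode of the
#   account running this task.
# - no_log keeps the rendered secret out of task output and diffs.
# NOTE(review): the variables are interpolated into Python string literals
# unescaped, so a quote or backslash in one of them would break the file.
# NOTE(review): pasteque_secret is presumably supplied from an encrypted
# vault; verify it is not committed in clear text.
- name: Configure Pasteque
  notify: restart pasteque
  no_log: true
  copy:
    dest: "/home/{{ pasteque_user }}/src/local_settings.py"
    owner: "{{ pasteque_user }}"
    group: "{{ pasteque_user }}"
    mode: "0600"
    content: |
      DISPLAY_NAME = '{{ pasteque_display_name }}'
      SECRET_KEY = '{{ pasteque_secret }}'
      ALLOWED_HOSTS = ['{{ pasteque_host }}']
      TIME_ZONE = 'Europe/Paris'
      LANGUAGE_CODE = 'en-US'
      DEBUG = False
      COMPRESS_ENABLED = False
      STATIC_ROOT = "/home/{{ pasteque_user }}/static/"
      ADMINS = (("mdk", "julien+pafpy@palard.fr"),)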
# Apply pending Django migrations from the checkout, as the service user.
# The task only counts as changed when the output shows a migration being
# applied.
- name: Migrate db
  command:
    cmd: "/home/{{ pasteque_user }}/venv/bin/python manage.py migrate"
    chdir: "/home/{{ pasteque_user }}/src"
  register: migrate_result
  changed_when: '" Applying " in migrate_result.stdout'
  become: true
  become_user: "{{ pasteque_user }}"
  notify: restart pasteque
# Copy the application's static assets into STATIC_ROOT, as the service user.
# The task only counts as changed when the output reports a copied file.
- name: Collectstatic
  command:
    cmd: "/home/{{ pasteque_user }}/venv/bin/python manage.py collectstatic --noinput"
    chdir: "/home/{{ pasteque_user }}/src"
  register: collectstatic_result
  changed_when: '"Copying " in collectstatic_result.stdout'
  become: true
  become_user: "{{ pasteque_user }}"
  notify: restart pasteque
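# Install the systemd unit that runs gunicorn as the unprivileged service
# user, bound to a unix socket under the unit's RuntimeDirectory.
# NOTE(review): the unit has no sandboxing directives. Options such as
# NoNewPrivileges= and PrivateTmp= are worth evaluating; ProtectHome= would
# need care because the application lives under /home.
- name: Configure systemd
  notify: restart pasteque
  copy:
    dest: /etc/systemd/system/pasteque.service
    # Explicit ownership and mode so the unit is never left writable by
    # anyone but root.
    owner: root
    group: root
    mode: "0644"
    content: |
      [Unit]
      Description=Le pastebin de l'AFPy
      After=network.target
      [Service]
      User={{ pasteque_user }}
      Group={{ pasteque_user }}
      RuntimeDirectory={{ pasteque_user }}
      WorkingDirectory=/home/{{ pasteque_user }}/src/
      ExecStart=/home/{{ pasteque_user }}/venv/bin/gunicorn -t 120 -w 1 --bind unix:/run/{{ pasteque_user }}/pasteque.sock webtools.wsgi
      [Install]
      WantedBy=multi-user.target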
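# Reload systemd so it sees the unit file, enable the service at boot, and
# make sure it is running. Module arguments are written as native YAML with
# canonical booleans instead of a key=value string.
- name: Start pasteque
  service:
    name: pasteque
    enabled: true
    state: started
    daemon_reload: true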