Drop no longer needed CTFd.
This commit is contained in:
parent
dcb9d4441c
commit
562ca983f6
141
ctfd.yml
141
ctfd.yml
|
@ -1,141 +0,0 @@
|
|||
---
|
||||
|
||||
- hosts: ctfd
|
||||
vars:
|
||||
domain: ctf.eqy.fr
|
||||
owner: ctfd
|
||||
version: master
|
||||
home: "/home/ctfd"
|
||||
letsencrypt_email: julien@palard.fr
|
||||
secret_key: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
34396134346435343464653766663833643061666164323337646137636631643930326633333239
|
||||
3433333563366461646665643739383466343465663733650a326533316138366336333231616162
|
||||
62623562346561663936303861363863626336343437333164343063323533353432653766356334
|
||||
6138343864666637660a383165356630363533376562323663353636373636613035636339626631
|
||||
31643062353434333534333130636237396365633662343964666134333833373439363833323062
|
||||
3032666163643162613766306437356438653538333163346531
|
||||
tasks:
|
||||
- name: Create user
|
||||
user:
|
||||
name: "{{ owner }}"
|
||||
home: "{{ home }}"
|
||||
|
||||
- name: Clone ctfd
|
||||
git:
|
||||
repo: https://github.com/CTFd/CTFd
|
||||
dest: "{{ home }}/CTFd/"
|
||||
become: true
|
||||
become_user: "{{ owner }}"
|
||||
|
||||
- name: Setup secret key
|
||||
copy:
|
||||
content: "{{ secret_key }}"
|
||||
dest: "{{ home }}/CTFd/.ctfd_secret_key"
|
||||
|
||||
- name: Configure nginx
|
||||
include_role: name=nginx
|
||||
vars:
|
||||
nginx_domain: "{{ domain }}"
|
||||
nginx_certificates:
|
||||
- "{{ domain }}"
|
||||
nginx_owner: "{{ owner }}"
|
||||
nginx_conf: |
|
||||
server
|
||||
{
|
||||
listen 80;
|
||||
server_name {{ domain }};
|
||||
access_log /var/log/nginx/{{ domain }}-access.log;
|
||||
error_log /var/log/nginx/{{ domain }}-error.log;
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
||||
server
|
||||
{
|
||||
listen 443 ssl;
|
||||
server_name {{ domain }};
|
||||
access_log /var/log/nginx/{{ domain }}-access.log;
|
||||
error_log /var/log/nginx/{{ domain }}-error.log;
|
||||
include snippets/letsencrypt-{{ domain }}.conf;
|
||||
|
||||
add_header X-Frame-Options DENY;
|
||||
|
||||
charset utf-8;
|
||||
|
||||
location /
|
||||
{
|
||||
proxy_pass http://unix:{{ home }}/ctfd.sock;
|
||||
proxy_redirect off;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
}
|
||||
}
|
||||
|
||||
- name: Install requirements
|
||||
pip:
|
||||
requirements: "{{ home }}/CTFd/requirements.txt"
|
||||
virtualenv_command: "/usr/bin/python3 -m venv"
|
||||
virtualenv: "{{ home }}/venv/"
|
||||
become: true
|
||||
become_user: "{{ owner }}"
|
||||
|
||||
- name: Install MariaDB
|
||||
# CTFd can run on SQLite but with migration issues
|
||||
# See #1988.
|
||||
package:
|
||||
state: present
|
||||
name:
|
||||
- mariadb-server
|
||||
- python3-pymysql
|
||||
|
||||
- name: MariaDB database
|
||||
community.mysql.mysql_db:
|
||||
name: ctfd
|
||||
state: present
|
||||
login_unix_socket: /run/mysqld/mysqld.sock
|
||||
|
||||
- name: MariaDB user
|
||||
community.mysql.mysql_user:
|
||||
state: present
|
||||
name: ctfd
|
||||
priv: 'ctfd.*:ALL'
|
||||
login_unix_socket: /run/mysqld/mysqld.sock
|
||||
|
||||
- name: Configure CTFd to use MariaDB
|
||||
lineinfile:
|
||||
path: '/home/ctfd/CTFd/CTFd/config.ini'
|
||||
regex: '^DATABASE_URL'
|
||||
line: 'DATABASE_URL = mysql+pymysql://ctfd@/ctfd?unix_socket=/run/mysqld/mysqld.sock'
|
||||
notify: Restart CTFd
|
||||
|
||||
- name: Configure systemd
|
||||
copy:
|
||||
dest: "/etc/systemd/system/{{ domain }}.service"
|
||||
content: |
|
||||
[Unit]
|
||||
Description=CTFd ({{ domain }})
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
PIDFile={{ home }}/gunicorn.pid
|
||||
User={{ owner }}
|
||||
Group={{ owner }}
|
||||
RuntimeDirectory=pasteque
|
||||
WorkingDirectory={{ home }}/CTFd/
|
||||
ExecStart={{ home }}/venv/bin/gunicorn --worker-class gevent -w6 -t 120 --pid {{ home }}/gunicorn.pid \
|
||||
--bind unix:{{ home }}/ctfd.sock wsgi:app
|
||||
ExecReload=/bin/kill -s HUP $MAINPID
|
||||
ExecStop=/bin/kill -s TERM $MAINPID
|
||||
PrivateTmp=true
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
- name: Start CTFd
|
||||
service: name="{{ domain }}" enabled=no state=stopped daemon_reload=yes
|
||||
|
||||
handlers:
|
||||
- name: Restart CTFd
|
||||
service: name=ctf.eqy.fr state=restarted
|
Loading…
Reference in New Issue