57 lines
1.8 KiB
YAML
57 lines
1.8 KiB
YAML
---
|
|
|
|
- hosts: mdk
|
|
vars:
|
|
letsencrypt_email: julien@palard.fr
|
|
glowing_bear_version: 0.9.0
|
|
tasks:
|
|
- name: Setup weechat
|
|
include_role: name=weechat
|
|
tags: always
|
|
vars:
|
|
owner: weechat
|
|
|
|
- name: Setup Glowing Bear
|
|
tags: weechat
|
|
unarchive:
|
|
src: https://github.com/glowing-bear/glowing-bear/archive/{{ glowing_bear_version }}.tar.gz
|
|
remote_src: true
|
|
dest: "/usr/local/src/"
|
|
|
|
- name: Configure irc.mdk.fr
|
|
tags: weechat
|
|
include_role: name=nginx
|
|
vars:
|
|
nginx_domain: irc.mdk.fr
|
|
nginx_certificates: [irc.mdk.fr]
|
|
nginx_conf: |
|
|
# Set connection header based on upgrade header
|
|
map $http_upgrade $connection_upgrade {
|
|
default upgrade;
|
|
'' close;
|
|
}
|
|
|
|
server
|
|
{
|
|
listen 443 ssl http2;
|
|
include snippets/letsencrypt-irc.mdk.fr.conf;
|
|
add_header Content-Security-Policy "default-src 'self'; img-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' cdnjs.cloudflare.com; object-src 'none'; frame-src 'none'; font-src cdnjs.cloudflare.com;";
|
|
add_header X-Frame-Options DENY;
|
|
server_name irc.mdk.fr;
|
|
|
|
location /
|
|
{
|
|
root /usr/local/src/glowing-bear-{{ glowing_bear_version }}/;
|
|
index index.html;
|
|
}
|
|
|
|
location /weechat
|
|
{
|
|
proxy_pass http://127.0.0.1:9000;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
proxy_read_timeout 4h;
|
|
}
|
|
}
|