Ajout du site de don en test

.gitmodules

@@ -62,3 +62,11 @@
 	path = roles/forum-lqdn
 	url = https://git.laquadrature.net/lqdn-interne/piops-roles/forum-lqdn
 	branch = master
+[submodule "roles/don-lqdn"]
+	path = roles/don-lqdn
+	url = gitlab@git.laquadrature.net:lqdn-interne/piops-roles/don-lqdn.git
+	branch = main
+[submodule "roles/ansible-role-php"]
+	path = roles/ansible-role-php
+	url = https://github.com/geerlingguy/ansible-role-php.git
+	branch = master

group_vars/don/don.yml

+# Variables pour le site de don en test
+
+don_domaine: "don.test.lqdn.fr"
+
+## Don Config
+
+# SQL
+don_sql_database: "don"
+don_sql_user: "don"
+don_sql_password: {{ vault_test_don_sql_password }}
+
+# Payements
+don_base_domain: {{ don_domaine }}
+don_payement_url: "http://localhost:5001/payment"
+don_return_check_url: "http://localhost:5001/check"
+don_site_id: "0"
+don_certificate: ""
+don_ctx_mode: "DEVELOPPEMENT"
+
+# Piplome
+don_piplome_path: ""
+don_piplome_url: ""
+
+# Logs
+
+don_logs: "/home/don/don/logs"
+
+# Campagne
+don_campaign_start_date: ""
+don_campaign_budget: ""
+
+# SMTP
+don_smtp_host: "localhost"
+don_smtp_port: 25
+don_smtp_security: "none" # tls, ssl, or none
+don_smtp_user: ""
+don_smtp_pw: ""
+
+# Env debug
+don_debug: 0
+don_env: "env"
+
+## PHP Config
+
+php_webserver_daemon: "nginx"
+php_enable_php_fpm: true
+php_memory_limit: "128M"
+php_max_execution_time: "90"
+php_upload_max_filesize: "256M"
+php_fpm_pools:
+  - pool_name: don
+    pool_template: www.conf.j2
+    pool_listen: "127.0.0.1:9000"
+    pool_listen_allowed_clients: "127.0.0.1"
+    pool_pm: dynamic
+    pool_pm_max_children: 5
+    pool_pm_start_servers: 2
+    pool_pm_min_spare_servers: 1
+    pool_pm_max_spare_servers: 3
+    pool_pm_max_requests: 500
+
+
+
+## Cerbot config
+certbot_install_method: package
+certbot_admin_email: "{{ sysadmin_email }}"
+certbot_create_if_missing: True
+certbot_create_method: standalone
+certbot_certs:
+    - domains:
+      - {{ don_domaine }}
+certbot_auto_renew_options: '--webroot -w /var/www/letsencrypt && systemctl reload nginx'
+certbot_auto_renew: true
+
+## Nginx config
+nginx_vhosts:
+  - listen: "443 ssl http2"
+    server_name: {{ don_domaine }}
+    access_log: "/var/log/nginx/{{ don_domaine }}_access.log"
+    error_log: "/var/log/nginx/{{ don_domaine }}_error.log"
+    state: "present"
+    template: "{{ nginx_vhost_template }}"
+    filename: "{{ don_domaine }}.https.conf"
+    extra_parameters: |
+      location / {
+        proxy_buffering off;
+        proxy_set_header Referer $http_referer;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Server $host;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Forwarded-Port $server_port;
+        proxy_set_header Host $http_host;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+
+        proxy_pass http://127.0.0.1:9000;
+        proxy_redirect off;
+      }
+      location /.well-known/acme-challenge {
+        alias /var/www/letsencrypt/.well-known/acme-challenge;
+      }
+      ssl_certificate /etc/letsencrypt/live/{{ don_domaine }}/fullchain.pem;
+      ssl_certificate_key /etc/letsencrypt/live/{{ don_domaine }}/privkey.pem;
+      ssl_protocols       TLSv1.1 TLSv1.2;
+      ssl_ciphers         HIGH:!aNULL:!MD5;
+  - listen: "80"
+    server_name: "{{ don_domaine }}"
+    access_log: "/var/log/nginx/{{ don_domaine }}_access.log"
+    error_log: "/var/log/nginx/{{ don_domaine }}_error.log"
+    state: "present"
+    template: "{{ nginx_vhost_template }}"
+    filename: "{{ don_domaine }}.http.conf"
+    extra_parameters: |
+      location / {
+        return 302 https://{{ don_domaine }}$request_uri;
+      }

group_vars/test/test.vault.yml

 $ANSIBLE_VAULT;1.1;AES256
-33343865613863366161303366636164643433313939313964383463633361643836303439366535
-3037653830303866353132336135613266353436336530660a643861616533333866343861333436
-63363135313132643231303762613032313965343831346238343437643532356633653538393866
-6461373936623661380a613965633961613630353636373238613131633031616530316565343235
-38346135396430383435366662376230363661353133373163313564663764313633353935623064
-62336166666535303731633236666239363337393335646435666536613764633831346362316365
-65333830633136343038343236333335663035376432326532343665623734353535336637323662
-31336437633566303663636137323063646437323030623832376264353565396364373462383930
-64613465363330363233366464633965326362383466323836316262316164363333386132373734
-35323535613764343630653062653666356432326438346437366436303037646230326431313732
-35316632336230333664636432663238383963663166306163396632306432343733343235633464
-33656566643661613362663131306232333365363034373565636266653263666135376563396566
-61656531323166373666366465326362636235636535386264353336353434353563623164386338
-62386362346630613361366435376231623832383137303237363835306631353835373130613434
-38386566316233393830353638313834336139386139333930373836623235616536623136653865
-38303633356563663836356564656566303362373933323331633965316539626631633663643638
-64656438653663356636396136343936623932613630643562393838663765623262323037663539
-33346461653631306134316138303761356636616532666465366238383739373465373462666435
-39306136333836313035376362656531356262653465373166363738666564633763316533396436
-37333733363566313262313632633362373963336530373439333266643962636466363462663164
-37376639633533323762303133393430323234343264343438616233313264643430356562613339
-34356265323061393534663636646463356162653035316364663637653738346363313036333865
-646563373730363631363664366463383566
+62353536333439376136363238313461323931323636373462373137373932346662323131333361
+6666346338313530626162326433376135626638633664650a373134343437336438323033306631
+33383066666563343138366466373161663739353631323433623138626532323037636635663034
+6434373931633434360a646337353966316163303862643765663134643531386230303935343332
+62313333666133376163366539633037386337626438383062353730323931363438646661316235
+34363336633634326665653934626635666162313032343130653630343865623866323232623466
+38613365346662613237366335386237656430636332393064376536633331313862373862636536
+66323833396531366565616239653030323261303965613739336530653464366635666463666364
+64643839306662373436313234366563626262356661353130616632393737316535313063663237
+34616365366539323737356165623539383938316437323939616335313730626464663864363261
+30346630363262333634363239623762653030356131303339383861393839666231346566373363
+31616237326636666136336335616436636337643139353336636230336234363031376631626463
+36366566353663343761623739623964343936353938373836316338306363396366653466376162
+64626139633238303061636339313834373666653165323435613539393565653032663066373466
+63643138356333396633326563303764646363396439663862613839363330666339373039613738
+65666232343438303533623735613461336633383864666339616631353336653035666430623732
+64376530643563336138313137356266396537396639373830346538313032613330626461326134
+61316263323136383864616630663333333436323534353964336539353031656264353763346539
+32326662363162313862313862393730363966666239373432373861356264383234396134316131
+33353562663530383866306339323038303430636334373063633630393538643938323463653966
+65346632343961643265613863323737396362383131363865343364643164633164393532303961
+65623062396466643131333337366261376636353564656466383533356661363639346266653434
+39653064613735643461613562366664363166383538626463316439376331646461306435393966
+63333863303736626639656264663766373037386236366362376130663733666334396136653463
+31386364313639313463396531396439366533646534383763366337633730613061313766343430
+34636134386133356339623263646561363765323765323438643366363130623035356137653031
+62306565376231623364383664663035616265633439643039626362616536363538396136373731
+63383237613539653930303864323739653636376333316236343031643065386238393435343934
+3839

ansible-role-php @ 377516f0

+Subproject commit 377516f0f5939c5558008b270f4e02ff4e89a45a

don-lqdn @ f0e2cf71

+Subproject commit f0e2cf717374cfbbe6f86f7276cd2137161a1f59

test.yml

@@ -18,7 +18,7 @@
     - shell-lqdn
     - updates-lqdn
     - security-lqdn
-    - logging-lqdn
+    # - logging-lqdn
   tags:
     - testing
     - base
@@ -40,6 +40,19 @@
     - testing
     - stats
 
+- name: Site de don
+  hosts: don.test.lqdn.fr
+  remote_user: root
+  vars_files:
+      - group_vars/don/don.yml
+  roles:
+    - ansible-role-certbot
+    - ansible-role-nginx
+    - ansible-role-php
+    - don-lqdn
+  tags:
+    - testing
+    - don
 
 - name: Serveur RP
   hosts: rp.test.lqdn.fr