Commit b6e5b3b1 authored by okhin's avatar okhin 🚴

Adding some default for all hosts

parent bbd8b002
---
webserver_user: www-data
libapache2-mod-php: libapache-mod-php5
php_dependencies:
- php5
- php5-common
- php5-mysqlnd
- php5-mcrypt
- php5-curl
- php5-cli
- php-pear
......@@ -49,6 +49,20 @@ wordpress_site:
wordpress_wildcard_certfile: /etc/letsencrypt/live/grange.dev.lqdn.fr/fullchain.pem
wordpress_wildcard_keyfile: /etc/letsencrypt/live/grange.dev.lqdn.fr/privkey.pem
wordpress_vhost:
- servername: "grange.dev.lqdn.fr"
serveralias: "*.grange.dev.lqdn.fr"
documentroot: "{{ wordpress_path }}"
allow_override: "All"
#certificate_file: "{{ wordpress_wildcard_certfile }}"
#certificate_key_file: "{{ wordpress_wildcard_keyfile }}"
extraparameters: |
RewriteRule ^/.* https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
Alias /.well-known/acme-challenge/ /var/www/letsencrypt/.well-known/acme-challenge/
#certbot_create_command: "{{ certbot_script }} certonly --webroot --webrootpath /var/www/letsencrypt/ --noninteractive --agree-tos --email {{ cert_item.email | default(certbot_admin_email) }} -d {{ cert_item.domains | join(,)"
#certbot_certs:
......@@ -70,18 +84,17 @@ rp_secret_key: !vault |
rp_site_id: 2
rp_debug: true
apache_vhosts_ssl:
- servername: "grange.dev.lqdn.fr"
serveralias: "*.grange.dev.lqdn.fr"
documentroot: "{{ wordpress_path }}"
allow_override: "All"
certificate_file: "{{ wordpress_wildcard_certfile }}"
certificate_key_file: "{{ wordpress_wildcard_keyfile }}"
extraparameters: |
RewriteRule ^/.* https://%{SERVER_NAME}%{REQUEST_URI} [R,L]
Alias /.well-known/acme-challenge/ /var/www/letsencrypt/.well-known/acme-challenge/
rp_vhost:
- servername: "rp.dev.lqdn.fr"
serveralias: "rp2.dev.lqdn.fr rp.dev.laquadrature.net rp2.dev.laquadrature.net"
documentroot: "{{ rp_path }}"
uwsgi:
socket: /run/uwsgi/app/rp/socket
statics:
- alias: /static/
path: "{{ rp_source_path }}/static/static_root/"
- alias: /robots.txt
path: /var/www/robots.txt
nodejs_version: 6.x
nodejs_packages_update_cache: no
......
Subproject commit 1a61a90ff6bd716b40c8f4b8618a2f99965d7d46
Subproject commit 319ce53db5d3dfcdcb900d86b3ccf3264e3ed2a4
Subproject commit a1bf2db0316037df302e5c4c1f30089300f17f92
Subproject commit 62ba60f933e733836372515d087ddfb17a80f043
Subproject commit da6c36f5c97338d6b15e0429ea7c378355cdb545
Subproject commit 532e09d492946326587e7e85fb4f857c4e0fa993
......@@ -5,42 +5,6 @@
- hosts: all
remote_user: root
vars:
schedule: "*/15 * * * *"
cron_user: root
logfile: /var/log/ansible-pull.log
workdir: /var/lib/ansible/local
repo_url: https://git.laquadrature.net/lqdn-interne/piops.git
tasks:
- name: installe ansible
package:
name: ansible
state: latest
- name: créé le répertoire de travail local
file:
path: "{{ workdir }}"
state: directory
owner: root
mode: 0751
- name: ajoute une entrée cron pour ansible
template:
dest: /etc/cron.d/ansible-pull
src: templates/etc_cron.j2
owner: root
group: root
mode: 0644
- name: ajoute une règle logrotate pour ansible
template:
dest: /etc/logrotate.d/ansible
src: templates/etc_logrotate.j2
owner: root
group: root
mode: 0644
- hosts: webserver,wordpress,rp
remote_user: root
roles:
......@@ -49,14 +13,20 @@
- role: geerlingguy.php-mysql
- role: geerlingguy.certbot
- role: geerlingguy.apache
vars:
# Each apps/site will define it's own vhost file, so not really needed here.
- apache_create_vhosts: false
- hosts: wordpress
environment:
ANSIBLE_VAULT_PASSWORD_FILE: /root/.ansible.vault
remote_user: root
vars_files:
- group_vars/webserver.yml
roles:
- role: geerlingguy.apache
vars:
- webserver_user: www-data
- apache_vhosts_filename: wordpress.conf
- apache_vhosts: "{{ wordpress_vhost }}"
- role: wpcli
- role: wordpress
......@@ -65,5 +35,17 @@
ANSIBLE_VAULT_PASSWORD_FILE: /root/.ansible.vault
remote_user: root
roles:
- role: geerlingguy.apache
vars:
- apache_packages:
- libapache2-mod-proxy-uwsgi
- libapache2-mod-uwsgi
- apache_mods_enabled:
- uwsgi.load
- proxy_uwsgi.load
- webserver_user: www-data
- apache_vhosts_filename: rp.conf
- apache_vhosts_template: templates/uwsgi_apache.conf.j2
- apache_vhosts: "{{ rp_vhost }}"
- role: simplifield.node
- role: rp
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment