forked from ccchb/ansible
Mete role
This commit is contained in:
parent
d1af9ebbbc
commit
ff8ad02776
4 changed files with 71 additions and 0 deletions
23
roles/mete/defaults/main.yml
Normal file
23
roles/mete/defaults/main.yml
Normal file
|
@ -0,0 +1,23 @@
|
|||
---
|
||||
|
||||
mete_domain: kasse.z1.ccchb.de
|
||||
mete_nginx_domains:
|
||||
- kasse.z1.ccchb.de
|
||||
- kasse.zweigstelle.space
|
||||
mete_app_dir: /var/www/kiosk.z1.ccchb.de/mete
|
||||
mete_app_url: "http://127.0.0.1:3000/"
|
||||
mete_nginx_config: |
|
||||
listen [::]:443 ssl http2;
|
||||
listen 443 ssl http2;
|
||||
|
||||
{% for domain in mete_nginx_domains %}
|
||||
server_name {{ domain }};
|
||||
{% endfor %}
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/{{ mete_domain }}/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/{{ mete_domain }}/privkey.pem;
|
||||
ssl_trusted_certificate /etc/letsencrypt/live/{{ mete_domain }}/chain.pem;
|
||||
|
||||
include snippets/certbot.conf;
|
||||
|
||||
...
|
19
roles/mete/tasks/main.yml
Normal file
19
roles/mete/tasks/main.yml
Normal file
|
@ -0,0 +1,19 @@
|
|||
---
|
||||
- name: Install mete systemd unit
|
||||
template:
|
||||
src: service.j2
|
||||
dest: "/etc/systemd/system/mete@{{ mete_domain }}.service"
|
||||
|
||||
- name: Install mete nginx site
|
||||
notify: reload nginx
|
||||
template:
|
||||
src: nginx.j2
|
||||
dest: /etc/nginx/sites-available/{{ mete_domain }}
|
||||
|
||||
- name: Activate mete site
|
||||
file:
|
||||
src: /etc/nginx/sites-available/{{ mete_domain }}
|
||||
dest: /etc/nginx/sites-enabled/{{ mete_domain }}
|
||||
state: link
|
||||
|
||||
...
|
17
roles/mete/templates/nginx.j2
Normal file
17
roles/mete/templates/nginx.j2
Normal file
|
@ -0,0 +1,17 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
server {
|
||||
{{ mete_nginx_config }}
|
||||
|
||||
location / {
|
||||
proxy_pass {{ mete_app_url }};
|
||||
|
||||
satisfy any;
|
||||
|
||||
allow 45.152.242.34;
|
||||
allow 2001:67c:708::/48;
|
||||
|
||||
auth_basic "CCCHB internal";
|
||||
auth_basic_user_file "htpasswd";
|
||||
}
|
||||
}
|
12
roles/mete/templates/service.j2
Normal file
12
roles/mete/templates/service.j2
Normal file
|
@ -0,0 +1,12 @@
|
|||
[Unit]
|
||||
Description=Mete application server on {{ mete_domain }}
|
||||
|
||||
[Service]
|
||||
ExecStart=/bin/bundler exec rails server
|
||||
WorkingDirectory={{ mete_app_dir }}
|
||||
User=www-data
|
||||
Environment=RAILS_ENV=production
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
Loading…
Reference in a new issue