From 79fd998cceb9cb1c87e0962659a7349436255dc1 Mon Sep 17 00:00:00 2001 From: Adrien Luxey Date: Wed, 6 May 2020 12:11:46 +0200 Subject: [PATCH] changed sites loop var to 'site' instead of 'item' --- deployer/roles/build/tasks/backup.yml | 9 +-- deployer/roles/build/tasks/drupal.yml | 24 +++---- deployer/roles/build/tasks/main.yml | 4 ++ deployer/roles/build/tasks/wordpress.yml | 38 +++++------ .../build/templates/drupal/Dockerfile.j2 | 4 +- .../build/templates/drupal/Dockerfile.php.j2 | 4 +- .../templates/drupal/docker-compose.yml.j2 | 12 ++-- .../roles/build/templates/drupal/nginx.j2 | 32 ++++----- .../templates/gitea/docker-compose.yml.j2 | 52 ++++++++++++++ .../roles/build/templates/gitea/nginx.host.j2 | 54 +++++++++++++++ .../build/templates/gitea/nginx/Dockerfile.j2 | 0 .../build/templates/gitea/nginx/nginx.conf.j2 | 67 +++++++++++++++++++ .../templates/wordpress/docker-compose.yml.j2 | 22 +++--- .../build/templates/wordpress/nginx.host.j2 | 32 ++++----- .../templates/wordpress/nginx/nginx.conf.j2 | 4 +- .../templates/wordpress/site/Dockerfile.j2 | 6 +- 16 files changed, 266 insertions(+), 98 deletions(-) create mode 100644 deployer/roles/build/templates/gitea/docker-compose.yml.j2 create mode 100644 deployer/roles/build/templates/gitea/nginx.host.j2 create mode 100644 deployer/roles/build/templates/gitea/nginx/Dockerfile.j2 create mode 100644 deployer/roles/build/templates/gitea/nginx/nginx.conf.j2 diff --git a/deployer/roles/build/tasks/backup.yml b/deployer/roles/build/tasks/backup.yml index e34f39e..7020de7 100644 --- a/deployer/roles/build/tasks/backup.yml +++ b/deployer/roles/build/tasks/backup.yml @@ -3,7 +3,7 @@ # - item: dict describing the site install (cf group_vars/all/vars.yml) # - site_data_path: path of the site's data -- name: "Site's data backups" +- name: "Data backups" block: - name: "Setup weekly backup of site's data" cron: 
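Review bot: backup.yml is only half-converted to the new loop variable: the header comment kept as context in this hunk still documents `item` as the site dict, and the condition `when: item.mysql_database is defined` (visible in the file's last hunk, at old line 60) still reads `item`. If this file is included from the per-site task files, which is not visible here, `item` is no longer the site once main.yml sets `loop_var: site`. The test would then presumably evaluate to false and the database backup block would be skipped without any error. Change the condition to `when: site.mysql_database is defined` and the comment to `# - site: dict describing the site install (cf group_vars/all/vars.yml)`. The blocks these lines belong to extend beyond the hunks shown.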
@@ -32,7 +32,7 @@ become: yes when: site_data_path is defined -- name: "Site's database backups" +- name: "Database backups" block: # You need your root MySQL password stored in /root/.my.cnf to avoid # putting the password in the crontab @@ -60,8 +60,3 @@ } become: yes when: item.mysql_database is defined - - - - - diff --git a/deployer/roles/build/tasks/drupal.yml b/deployer/roles/build/tasks/drupal.yml index eeff023..db56584 100644 --- a/deployer/roles/build/tasks/drupal.yml +++ b/deployer/roles/build/tasks/drupal.yml @@ -1,5 +1,5 @@ -- name: "Set site_data_path to {{ www_path }}/{{ item.slug }}" - set_fact: site_data_path="{{ www_path }}/{{ item.slug }}" +- name: "Set site_data_path to {{ www_path }}/{{ site.slug }}" + set_fact: site_data_path="{{ www_path }}/{{ site.slug }}" tags: always @@ -7,9 +7,9 @@ # Render templates # #################### -- name: "Create folder {{ sites_path }}/{{ item.slug }}" +- name: "Create folder {{ sites_path }}/{{ site.slug }}" file: - path: "{{ sites_path }}/{{ item.slug }}" + path: "{{ sites_path }}/{{ site.slug }}" state: directory mode: '750' tags: [docker, nginx, mysql] @@ -17,19 +17,19 @@ - name: Render sexy Dockerfile template: src: drupal/Dockerfile.j2 - dest: "{{ sites_path }}/{{ item.slug }}/Dockerfile" + dest: "{{ sites_path }}/{{ site.slug }}/Dockerfile" tags: docker - name: Render marvelous docker-compose.yml template: src: drupal/docker-compose.yml.j2 - dest: "{{ sites_path }}/{{ item.slug }}/docker-compose.yml" + dest: "{{ sites_path }}/{{ site.slug }}/docker-compose.yml" tags: docker - name: Render swell nginx site config template: src: drupal/nginx.j2 - dest: "/etc/nginx/sites-available/{{ item.url }}" + dest: "/etc/nginx/sites-available/{{ site.url }}" become: yes tags: nginx 
@@ -41,18 +41,18 @@ # MySQL equivalent: # create user @ identified by ; # grant all on .* to @; -- name: "Add database user {{ item.mysql_username }}@{{ item.subnet_site_ip }} and grant all privileges on {{ item.mysql_database }}" +- name: "Add database user {{ site.mysql_username }}@{{ site.subnet_site_ip }} and grant all privileges on {{ site.mysql_database }}" mysql_user: # Credentials to log in MySQL login_host: localhost login_user: root login_password: "{{ mysql_root_password }}" # Credentials of the new db user - host: "{{ item.subnet_site_ip }}" - name: "{{ item.mysql_username }}" - password: "{{ item.mysql_password }}" + host: "{{ site.subnet_site_ip }}" + name: "{{ site.mysql_username }}" + password: "{{ site.mysql_password }}" # Grants - priv: "{{ item.mysql_database }}.*:all" + priv: "{{ site.mysql_database }}.*:all" state: present tags: mysql diff --git a/deployer/roles/build/tasks/main.yml b/deployer/roles/build/tasks/main.yml index 30822fd..97a1a8a 100644 --- a/deployer/roles/build/tasks/main.yml +++ b/deployer/roles/build/tasks/main.yml @@ -3,12 +3,16 @@ - name: Build Wordpress sites include_tasks: wordpress.yml loop: "{{ sites }}" + loop_control: + loop_var: site when: item.type == "wordpress" tags: wordpress - name: Build Drupal sites include_tasks: drupal.yml loop: "{{ sites }}" + loop_control: + loop_var: site when: item.type == "drupal" tags: drupal diff --git a/deployer/roles/build/tasks/wordpress.yml b/deployer/roles/build/tasks/wordpress.yml index 1daaeb9..25cf61c 100644 --- a/deployer/roles/build/tasks/wordpress.yml +++ b/deployer/roles/build/tasks/wordpress.yml @@ -1,5 +1,5 @@ -- name: "Set site_data_path to {{ www_path }}/{{ item.slug }}_wp-content" - set_fact: site_data_path="{{ www_path }}/{{ item.slug }}_wp-content" +- name: "Set site_data_path to {{ www_path }}/{{ site.slug }}_wp-content" + set_fact: site_data_path="{{ www_path }}/{{ site.slug }}_wp-content" tags: always 
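Review bot: Both `when:` conditions in main.yml still test `item.type` although the added `loop_control` renames the loop variable to `site`, so `item` is no longer set by these loops and the conditionals will fail or never match. They should read `when: site.type == "wordpress"` and `when: site.type == "drupal"`. The same leftover appears in the new gitea templates added later in this patch (docker-compose.yml.j2, nginx.host.j2, nginx/nginx.conf.j2), which reference `item.*` throughout and would need `site.*` once they are rendered from a loop like these.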
@@ -62,33 +62,29 @@ # Render templates # #################### -- name: "Create folder {{ sites_path }}/{{ item.slug }}" +- name: "Create folder {{ sites_path }}/{{ site.slug }}" file: - path: "{{ sites_path }}/{{ item.slug }}" + path: "{{ sites_path }}/{{ site.slug }}" state: directory mode: '750' tags: [docker, nginx] -- name: "Create {{ sites_path }}/{{ item.slug }} sub-directories" +- name: "Create {{ sites_path }}/{{ site.slug }} sub-directories" file: - path: "{{ sites_path }}/{{ item.slug }}/{{ filetree_item.path }}" + path: "{{ sites_path }}/{{ site.slug }}/{{ item.path }}" state: directory - mode: "{{ filetree_item.mode }}" + mode: "{{ item.mode }}" with_filetree: "../templates/wordpress/" - loop_control: - loop_var: filetree_item - when: filetree_item.state == 'directory' + when: item.state == 'directory' tags: [docker, nginx] - name: Render template files template: - src: "{{ filetree_item.src }}" - dest: "{{ sites_path }}/{{ item.slug }}/{{ filetree_item.path | regex_replace('.j2','') }}" - mode: "{{ filetree_item.mode }}" + src: "{{ item.src }}" + dest: "{{ sites_path }}/{{ site.slug }}/{{ item.path | regex_replace('.j2','') }}" + mode: "{{ item.mode }}" with_filetree: "../templates/wordpress/" - loop_control: - loop_var: filetree_item - when: filetree_item.state == 'file' + when: item.state == 'file' tags: [docker, nginx] 
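Review bot: `mode: "{{ item.mode }}"` on the "Render template files" task copies whatever permissions the template file has in the checkout, and one of the rendered files is docker-compose.yml, which this patch shows carrying `WORDPRESS_DB_PASSWORD`. Only the `750` mode on the parent directory then limits who can read that password; an explicit `mode: '0640'` on the template task would not depend on how the repository was checked out. In the same task, `regex_replace('.j2','')` has an unescaped dot and no anchor, so it strips any character followed by `j2` anywhere in the path; `regex_replace('\\.j2$', '')` matches only the suffix.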
@@ -99,18 +95,18 @@ # MySQL equivalent: # create user @ identified by ; # grant all on .* to @; -- name: "Add database user {{ item.mysql_username }}@{{ item.subnet_site_ip }} and grant all privileges on {{ item.mysql_database }}" +- name: "Add database user {{ site.mysql_username }}@{{ site.subnet_site_ip }} and grant all privileges on {{ site.mysql_database }}" mysql_user: # Credentials to log in MySQL login_host: localhost login_user: root login_password: "{{ mysql_root_password }}" # Credentials of the new db user - host: "{{ item.subnet_site_ip }}" - name: "{{ item.mysql_username }}" - password: "{{ item.mysql_password }}" + host: "{{ site.subnet_site_ip }}" + name: "{{ site.mysql_username }}" + password: "{{ site.mysql_password }}" # Grants - priv: "{{ item.mysql_database }}.*:all" + priv: "{{ site.mysql_database }}.*:all" state: present tags: mysql diff --git a/deployer/roles/build/templates/drupal/Dockerfile.j2 b/deployer/roles/build/templates/drupal/Dockerfile.j2 index 122facd..461ab87 100644 --- a/deployer/roles/build/templates/drupal/Dockerfile.j2 +++ b/deployer/roles/build/templates/drupal/Dockerfile.j2 @@ -8,6 +8,6 @@ RUN echo "sendmail_path = /usr/bin/msmtp -t " > /usr/local/etc/php/conf.d/sendma RUN echo "\ account default\n\ -host {{ item.subnet_gateway_ip }}\n\ +host {{ site.subnet_gateway_ip }}\n\ port 25\n\ -from php@{{ item.url }}\n" > /etc/msmtprc \ No newline at end of file +from php@{{ site.url }}\n" > /etc/msmtprc \ No newline at end of file diff --git a/deployer/roles/build/templates/drupal/Dockerfile.php.j2 b/deployer/roles/build/templates/drupal/Dockerfile.php.j2 index 1b28f87..198d69f 100644 --- a/deployer/roles/build/templates/drupal/Dockerfile.php.j2 +++ b/deployer/roles/build/templates/drupal/Dockerfile.php.j2 
@@ -62,9 +62,9 @@ RUN { \ # Configure msmtp RUN echo "\ account default\n\ -host {{ item.subnet_gateway_ip }}\n\ +host {{ site.subnet_gateway_ip }}\n\ port 25\n\ -from php@{{ item.url }}\n" > /etc/msmtprc +from php@{{ site.url }}\n" > /etc/msmtprc # Send mails using msmtp RUN echo "sendmail_path = /usr/bin/msmtp -t " > /usr/local/etc/php/conf.d/sendmail.ini diff --git a/deployer/roles/build/templates/drupal/docker-compose.yml.j2 b/deployer/roles/build/templates/drupal/docker-compose.yml.j2 index 8a54da7..0a76892 100644 --- a/deployer/roles/build/templates/drupal/docker-compose.yml.j2 +++ b/deployer/roles/build/templates/drupal/docker-compose.yml.j2 @@ -1,7 +1,7 @@ version: '3' -# Generated by ansible for site {{ item.url }} -# At {{ item.subnet_site_ip }} on {{ item.subnet_cidr_address }} +# Generated by ansible for site {{ site.url }} +# At {{ site.subnet_site_ip }} on {{ site.subnet_cidr_address }} services: drupal: @@ -13,16 +13,16 @@ services: # - /var/www/html/profiles # - /var/www/html/sites # We want a host volume for the themes directory to easily work on theming - - "{{ www_path }}/{{ item.slug }}/themes:/var/www/html/themes" - - "{{ www_path }}/{{ item.slug }}/sites:/var/www/html/sites" + - "{{ www_path }}/{{ site.slug }}/themes:/var/www/html/themes" + - "{{ www_path }}/{{ site.slug }}/sites:/var/www/html/sites" # Fix the container's IP networks: net: - ipv4_address: "{{ item.subnet_site_ip }}" + ipv4_address: "{{ site.subnet_site_ip }}" networks: net: ipam: driver: default config: - - subnet: "{{ item.subnet_cidr_address }}" + - subnet: "{{ site.subnet_cidr_address }}" diff --git a/deployer/roles/build/templates/drupal/nginx.j2 b/deployer/roles/build/templates/drupal/nginx.j2 index 6fa86f7..9a763d0 100644 --- a/deployer/roles/build/templates/drupal/nginx.j2 +++ b/deployer/roles/build/templates/drupal/nginx.j2 
@@ -1,19 +1,19 @@ -# Generated by ansible for site {{ item.url }} -# At {{ item.subnet_site_ip }} on {{ item.subnet_cidr_address }} +# Generated by ansible for site {{ site.url }} +# At {{ site.subnet_site_ip }} on {{ site.subnet_cidr_address }} server { listen 80; listen [::]:80; - server_name {{ item.url }} www.{{ item.url }}; + server_name {{ site.url }} www.{{ site.url }}; # Let's Encrypt include snippets/letsencrypt.conf; location / { -{% if item.redirect_to_www %} - return 301 https://www.{{ item.url }}$request_uri; +{% if site.redirect_to_www %} + return 301 https://www.{{ site.url }}$request_uri; {% else %} - return 301 https://{{ item.url }}$request_uri; + return 301 https://{{ site.url }}$request_uri; {% endif %} } } @@ -21,20 +21,20 @@ server { server { listen 443 ssl; listen [::]:443 ssl; - server_name {{ item.url }} www.{{ item.url }}; + server_name {{ site.url }} www.{{ site.url }}; - access_log /var/log/nginx/{{ item.slug }}-access.log; + access_log /var/log/nginx/{{ site.slug }}-access.log; error_log /var/log/nginx/error.log; -{% if item.redirect_to_www %} +{% if site.redirect_to_www %} # Redirect non-www to www - if ($host = {{ item.url }}) { - rewrite ^ https://www.{{ item.url }}$request_uri permanent; + if ($host = {{ site.url }}) { + rewrite ^ https://www.{{ site.url }}$request_uri permanent; } {% else %} # Redirect www to non-www - if ($host = www.{{ item.url }}) { - rewrite ^ https://{{ item.url }}$request_uri permanent; + if ($host = www.{{ site.url }}) { + rewrite ^ https://{{ site.url }}$request_uri permanent; } {% endif %} 
@@ -42,14 +42,14 @@ server { include snippets/letsencrypt.conf; include snippets/ssl-params.conf; - ssl_certificate /etc/letsencrypt/live/{{ item.url }}/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/{{ item.url }}/privkey.pem; + ssl_certificate /etc/letsencrypt/live/{{ site.url }}/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/{{ site.url }}/privkey.pem; include snippets/header-params_server.conf; location / { include snippets/header-params_location.conf; - proxy_pass http://{{ item.subnet_site_ip }}:80; + proxy_pass http://{{ site.subnet_site_ip }}:80; } } diff --git a/deployer/roles/build/templates/gitea/docker-compose.yml.j2 b/deployer/roles/build/templates/gitea/docker-compose.yml.j2 new file mode 100644 index 0000000..cd3d72c --- /dev/null +++ b/deployer/roles/build/templates/gitea/docker-compose.yml.j2 
@@ -0,0 +1,52 @@ +version: '3' + +# Generated by ansible for site {{ item.url }} +# On network {{ item.subnet_cidr_address }}: +# - web server (nginx) at {{ item.subnet_nginx_ip }} +# - site (gitea) at {{ item.subnet_site_ip }} + +services: + site: + # build: site + image: gitea/gitea:1.11.4 + restart: always + environment: + APP_NAME: "Gitea: git with a cup of coffee" + DOMAIN: "{{ item.url }}" + ROOT_URL: "{{ item.url }}" + USER_UID: "{{ item.user_uid }}" + USER_GID: "{{ item.user_gid }}" + DB_TYPE: mysql + DB_HOST: "{{ item.subnet_gateway_ip }}" + DB_USER: "{{ item.mysql_username }}" + DB_PASSWD: "{{ item.mysql_password }}" + DB_NAME: "{{ item.mysql_database }}" + volumes: + - "{{ site_data_path }}:/data" + - "/etc/timezone:/etc/timezone:ro" + - "/etc/localtime:/etc/localtime:ro" + networks: + net: + ipv4_address: "{{ item.subnet_site_ip }}" + + nginx: + build: nginx + restart: always + depends_on: + - site + volumes: + - "{{ site_data_path }}:/data" + networks: + net: + ipv4_address: "{{ item.subnet_nginx_ip }}" + + +networks: + net: + ipam: + driver: default + config: + - subnet: "{{ item.subnet_cidr_address }}" + +volumes: + html_data: diff --git a/deployer/roles/build/templates/gitea/nginx.host.j2 b/deployer/roles/build/templates/gitea/nginx.host.j2 new file mode 100644 index 0000000..bc146f7 --- /dev/null +++ b/deployer/roles/build/templates/gitea/nginx.host.j2 
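Review bot: The `nginx` service bind-mounts `{{ site_data_path }}:/data` read-write, the same directory the `site` service uses as Gitea's data volume, so the proxy container gets write access to everything Gitea stores there. The nginx config added in this patch only does a `proxy_pass` to port 3000, so the mount looks unnecessary; drop it, or use `- "{{ site_data_path }}:/data:ro"` if static files really are served from it. Separately, `ROOT_URL: "{{ item.url }}"` passes a bare host name where Gitea expects a full URL, e.g. `ROOT_URL: "https://{{ item.url }}/"`. The top-level `html_data` volume is declared but never referenced.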
@@ -0,0 +1,54 @@ +# Generated by ansible for site {{ item.url }} +# At {{ item.subnet_site_ip }} on {{ item.subnet_cidr_address }} + +server { + listen 80; + listen [::]:80; + server_name {{ item.url }} www.{{ item.url }}; + + # Let's Encrypt + include snippets/letsencrypt.conf; + + location / { +{% if item.redirect_to_www %} + return 301 https://www.{{ item.url }}$request_uri; +{% else %} + return 301 https://{{ item.url }}$request_uri; +{% endif %} + } +} + +server { + listen 443 ssl; + listen [::]:443 ssl; + server_name {{ item.url }} www.{{ item.url }}; + + access_log /var/log/nginx/{{ item.slug }}-access.log; + error_log /var/log/nginx/{{ item.slug }}-error.log; + +{% if item.redirect_to_www %} + # Redirect non-www to www + if ($host = {{ item.url }}) { + rewrite ^ https://www.{{ item.url }}$request_uri permanent; + } +{% else %} + # Redirect www to non-www + if ($host = www.{{ item.url }}) { + rewrite ^ https://{{ item.url }}$request_uri permanent; + } +{% endif %} + + # Let's Encrypt + include snippets/letsencrypt.conf; + + include snippets/ssl-params.conf; + ssl_certificate /etc/letsencrypt/live/{{ item.url }}/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/{{ item.url }}/privkey.pem; + + include snippets/header-params_server.conf; + location / { + include snippets/header-params_location.conf; + + proxy_pass http://{{ item.subnet_nginx_ip }}:80; + } +} diff --git a/deployer/roles/build/templates/gitea/nginx/Dockerfile.j2 b/deployer/roles/build/templates/gitea/nginx/Dockerfile.j2 new file mode 100644 index 0000000..e69de29 diff --git a/deployer/roles/build/templates/gitea/nginx/nginx.conf.j2 b/deployer/roles/build/templates/gitea/nginx/nginx.conf.j2 new file mode 100644 index 0000000..6b3400f --- /dev/null +++ b/deployer/roles/build/templates/gitea/nginx/nginx.conf.j2 
@@ -0,0 +1,67 @@ +user www-data www-data; +worker_processes 1; + +error_log /var/log/nginx/error.log warn; +pid /var/run/nginx.pid; + +events { + worker_connections 1024; +} + + +http { + charset utf-8; + + include /etc/nginx/mime.types; + default_type application/octet-stream; + + set_real_ip_from {{ item.subnet_gateway_ip }}; + log_format main '$http_x_real_ip - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + ## + # Basic Settings + ## + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 15s; + types_hash_max_size 2048; + server_tokens off; + client_max_body_size 10M; + client_body_timeout 60; + # server_names_hash_bucket_size 64; + server_name_in_redirect off; + + + ## + # Gzip Settings + ## + + gzip on; + gzip_disable "msie6"; + + gzip_vary on; + gzip_proxied any; + gzip_comp_level 6; + gzip_buffers 16 8k; + gzip_http_version 1.1; + gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; + + + include /etc/nginx/conf.d/*.conf; + + + server { + listen 80 default; + listen [::]:80 default; + server_name {{ item.url }} www.{{ item.url }}; + + location / { + proxy_pass http://{{ item.subnet_site_ip }}:3000; + } +} \ No newline at end of file diff --git a/deployer/roles/build/templates/wordpress/docker-compose.yml.j2 b/deployer/roles/build/templates/wordpress/docker-compose.yml.j2 index f3b5c80..a20302c 100644 --- a/deployer/roles/build/templates/wordpress/docker-compose.yml.j2 +++ b/deployer/roles/build/templates/wordpress/docker-compose.yml.j2 
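Review bot: The `http {` block is never closed: the template opens `http`, `server` and `location` but ends with only two closing braces, so nginx will reject the rendered file at load time. Add a final `}` after the server block. The companion `gitea/nginx/Dockerfile.j2` is added empty (blob e69de29) while the compose file uses `build: nginx`, so the image that would carry this config has nothing to build from yet. The `location /` block also forwards without `proxy_set_header Host $host;`, so Gitea sees the upstream address rather than the requested host name.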
@@ -1,25 +1,25 @@ version: '3' -# Generated by ansible for site {{ item.url }} -# On network {{ item.subnet_cidr_address }}: -# - web server (nginx) at {{ item.subnet_nginx_ip }} -# - php-fpm (wordpress) at {{ item.subnet_site_ip }} +# Generated by ansible for site {{ site.url }} +# On network {{ site.subnet_cidr_address }}: +# - web server (nginx) at {{ site.subnet_nginx_ip }} +# - php-fpm (wordpress) at {{ site.subnet_site_ip }} services: site: build: site restart: always environment: - WORDPRESS_DB_HOST: "{{ item.subnet_gateway_ip }}" - WORDPRESS_DB_USER: "{{ item.mysql_username }}" - WORDPRESS_DB_PASSWORD: "{{ item.mysql_password }}" - WORDPRESS_DB_NAME: "{{ item.mysql_database }}" + WORDPRESS_DB_HOST: "{{ site.subnet_gateway_ip }}" + WORDPRESS_DB_USER: "{{ site.mysql_username }}" + WORDPRESS_DB_PASSWORD: "{{ site.mysql_password }}" + WORDPRESS_DB_NAME: "{{ site.mysql_database }}" volumes: - "html_data:/var/www/html" - "{{ site_data_path }}:/var/www/html/wp-content" networks: net: - ipv4_address: "{{ item.subnet_site_ip }}" + ipv4_address: "{{ site.subnet_site_ip }}" nginx: build: nginx @@ -31,7 +31,7 @@ services: - "{{ site_data_path }}:/var/www/html/wp-content" networks: net: - ipv4_address: "{{ item.subnet_nginx_ip }}" + ipv4_address: "{{ site.subnet_nginx_ip }}" networks: @@ -39,7 +39,7 @@ networks: ipam: driver: default config: - - subnet: "{{ item.subnet_cidr_address }}" + - subnet: "{{ site.subnet_cidr_address }}" volumes: html_data: diff --git a/deployer/roles/build/templates/wordpress/nginx.host.j2 b/deployer/roles/build/templates/wordpress/nginx.host.j2 index 52ab372..a5a2178 100644 --- a/deployer/roles/build/templates/wordpress/nginx.host.j2 +++ b/deployer/roles/build/templates/wordpress/nginx.host.j2 
@@ -1,19 +1,19 @@ -# Generated by ansible for site {{ item.url }} -# At {{ item.subnet_site_ip }} on {{ item.subnet_cidr_address }} +# Generated by ansible for site {{ site.url }} +# At {{ site.subnet_site_ip }} on {{ site.subnet_cidr_address }} server { listen 80; listen [::]:80; - server_name {{ item.url }} www.{{ item.url }}; + server_name {{ site.url }} www.{{ site.url }}; # Let's Encrypt include snippets/letsencrypt.conf; location / { -{% if item.redirect_to_www %} - return 301 https://www.{{ item.url }}$request_uri; +{% if site.redirect_to_www %} + return 301 https://www.{{ site.url }}$request_uri; {% else %} - return 301 https://{{ item.url }}$request_uri; + return 301 https://{{ site.url }}$request_uri; {% endif %} } } @@ -21,20 +21,20 @@ server { server { listen 443 ssl; listen [::]:443 ssl; - server_name {{ item.url }} www.{{ item.url }}; + server_name {{ site.url }} www.{{ site.url }}; - access_log /var/log/nginx/{{ item.slug }}-access.log; + access_log /var/log/nginx/{{ site.slug }}-access.log; error_log /var/log/nginx/error.log; -{% if item.redirect_to_www %} +{% if site.redirect_to_www %} # Redirect non-www to www - if ($host = {{ item.url }}) { - rewrite ^ https://www.{{ item.url }}$request_uri permanent; + if ($host = {{ site.url }}) { + rewrite ^ https://www.{{ site.url }}$request_uri permanent; } {% else %} # Redirect www to non-www - if ($host = www.{{ item.url }}) { - rewrite ^ https://{{ item.url }}$request_uri permanent; + if ($host = www.{{ site.url }}) { + rewrite ^ https://{{ site.url }}$request_uri permanent; } {% endif %} 
@@ -42,14 +42,14 @@ server { include snippets/letsencrypt.conf; include snippets/ssl-params.conf; - ssl_certificate /etc/letsencrypt/live/{{ item.url }}/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/{{ item.url }}/privkey.pem; + ssl_certificate /etc/letsencrypt/live/{{ site.url }}/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/{{ site.url }}/privkey.pem; include snippets/header-params_server.conf; location / { include snippets/header-params_location.conf; - proxy_pass http://{{ item.subnet_nginx_ip }}:80; + proxy_pass http://{{ site.subnet_nginx_ip }}:80; } } diff --git a/deployer/roles/build/templates/wordpress/nginx/nginx.conf.j2 b/deployer/roles/build/templates/wordpress/nginx/nginx.conf.j2 index ddb3587..a2130d6 100644 --- a/deployer/roles/build/templates/wordpress/nginx/nginx.conf.j2 +++ b/deployer/roles/build/templates/wordpress/nginx/nginx.conf.j2 @@ -15,7 +15,7 @@ http { include /etc/nginx/mime.types; default_type application/octet-stream; - set_real_ip_from {{ item.subnet_gateway_ip }}; + set_real_ip_from {{ site.subnet_gateway_ip }}; log_format main '$http_x_real_ip - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; @@ -59,7 +59,7 @@ http { server { listen 80 default; listen [::]:80 default; - server_name {{ item.url }} www.{{ item.url }}; + server_name {{ site.url }} www.{{ site.url }}; root /var/www/html; index index.php; diff --git a/deployer/roles/build/templates/wordpress/site/Dockerfile.j2 b/deployer/roles/build/templates/wordpress/site/Dockerfile.j2 index 2220d0a..8b08dff 100644 --- a/deployer/roles/build/templates/wordpress/site/Dockerfile.j2 +++ b/deployer/roles/build/templates/wordpress/site/Dockerfile.j2 
@@ -8,15 +8,15 @@ RUN echo "sendmail_path = /usr/bin/msmtp -t " > /usr/local/etc/php/conf.d/sendma # RUN "cat << EOF > /etc/msmtprc # account default -# host {{ item.subnet_gateway_ip }} +# host {{ site.subnet_gateway_ip }} # port 25 # EOF" RUN echo "\ account default\n\ -host {{ item.subnet_gateway_ip }}\n\ +host {{ site.subnet_gateway_ip }}\n\ port 25\n\ -from php@{{ item.url }}\n" > /etc/msmtprc +from php@{{ site.url }}\n" > /etc/msmtprc # Should be UID & GID=33 # USER www-data:www-data \ No newline at end of file