diff --git a/deployer/group_vars/all/vars.yml b/deployer/group_vars/all/vars.yml index 5b6dea9..c1e80bd 100644 --- a/deployer/group_vars/all/vars.yml +++ b/deployer/group_vars/all/vars.yml @@ -17,7 +17,7 @@ wordpress: gitea: version: 1.12.1 synapse: - version: v1.15.1-py3 + version: v1.18.0 postgres: pg_hba_path: "/etc/postgresql/9.6/main/pg_hba.conf" diff --git a/deployer/roles/build/tasks/drupal.yml b/deployer/roles/build/tasks/drupal.yml index 159c70b..be99eb3 100644 --- a/deployer/roles/build/tasks/drupal.yml +++ b/deployer/roles/build/tasks/drupal.yml @@ -1,65 +1,70 @@ --- -- name: "Set site_data_path to {{ www_path }}/{{ site.slug }}" - set_fact: site_data_path="{{ www_path }}/{{ site.slug }}" - tags: always + +- block: # Used for tagging all tasks with "drupal" + + - name: "Set site_data_path to {{ www_path }}/{{ site.slug }}" + set_fact: site_data_path="{{ www_path }}/{{ site.slug }}" + tags: always -#################### -# Render templates # -#################### + #################### + # Render templates # + #################### -- name: "Create folder {{ sites_path }}/{{ site.slug }}" - file: - path: "{{ sites_path }}/{{ site.slug }}" - state: directory - mode: '750' - tags: [docker, nginx, mysql] + - name: "Create folder {{ sites_path }}/{{ site.slug }}" + file: + path: "{{ sites_path }}/{{ site.slug }}" + state: directory + mode: '750' + tags: [docker, nginx, mysql] -- name: Render sexy Dockerfile - template: - src: drupal/Dockerfile.j2 - dest: "{{ sites_path }}/{{ site.slug }}/Dockerfile" - tags: docker + - name: Render sexy Dockerfile + template: + src: drupal/Dockerfile.j2 + dest: "{{ sites_path }}/{{ site.slug }}/Dockerfile" + tags: docker -- name: Render marvelous docker-compose.yml - template: - src: drupal/docker-compose.yml.j2 - dest: "{{ sites_path }}/{{ site.slug }}/docker-compose.yml" - tags: docker + - name: Render marvelous docker-compose.yml + template: + src: drupal/docker-compose.yml.j2 + dest: "{{ sites_path }}/{{ site.slug }}/docker-compose.yml" + tags: docker -- name: Render swell nginx site config - template: - src: drupal/nginx.j2 - dest: "/etc/nginx/sites-available/{{ site.url }}" - become: yes - tags: nginx + - name: Render swell nginx site config + template: + src: drupal/nginx.j2 + dest: "/etc/nginx/sites-available/{{ site.url }}" + become: yes + tags: nginx -####################### -# MySQL configuration # -####################### + ####################### + # MySQL configuration # + ####################### -- name: "Setup MySQL" - import_tasks: mysql.yml - tags: mysql + - name: "Setup MySQL" + import_tasks: mysql.yml + tags: mysql -################# -# Setup backups # -################# + ################# + # Setup backups # + ################# -- name: "Setup backups" - import_tasks: backup.yml - tags: backup + - name: "Setup backups" + import_tasks: backup.yml + tags: backup -################### -# SSL certificate # -################### + ################### + # SSL certificate # + ################### -# - name: Create Let's Encrypt certificate -# This seems hard, see: -# https://docs.ansible.com/ansible/latest/modules/acme_certificate_module.html#acme-certificate-module -# https://www.digitalocean.com/community/tutorials/how-to-acquire-a-let-s-encrypt-certificate-using-ansible-on-ubuntu-18-04 -# Maybe using shell directly? e.g. -# certbot certonly --webroot -w /var/www/letsencrypt -d \ No newline at end of file + # - name: Create Let's Encrypt certificate + # This seems hard, see: + # https://docs.ansible.com/ansible/latest/modules/acme_certificate_module.html#acme-certificate-module + # https://www.digitalocean.com/community/tutorials/how-to-acquire-a-let-s-encrypt-certificate-using-ansible-on-ubuntu-18-04 + # Maybe using shell directly? e.g. + # certbot certonly --webroot -w /var/www/letsencrypt -d + + tags: drupal # /block \ No newline at end of file diff --git a/deployer/roles/build/tasks/gitea.yml b/deployer/roles/build/tasks/gitea.yml index 0774378..02d17fb 100644 --- a/deployer/roles/build/tasks/gitea.yml +++ b/deployer/roles/build/tasks/gitea.yml @@ -1,29 +1,33 @@ --- -- name: "Set site_data_path to {{ www_path }}/{{ site.slug }}" - set_fact: site_data_path="{{ www_path }}/{{ site.slug }}" - tags: always -#################### -# Render templates # -#################### +- block: # Used for tagging all tasks with "gitea" -- name: "Render templates" - import_tasks: render.yml - tags: render + - name: "Set site_data_path to {{ www_path }}/{{ site.slug }}" + set_fact: site_data_path="{{ www_path }}/{{ site.slug }}" + tags: always -####################### -# MySQL configuration # -####################### + #################### + # Render templates # + #################### -- name: "Setup MySQL" - import_tasks: mysql.yml - tags: mysql + - name: "Render templates" + import_tasks: render.yml + tags: render -################# -# Setup backups # -################# + ####################### + # MySQL configuration # + ####################### -- name: "Setup backups" - import_tasks: backup.yml - tags: backup - \ No newline at end of file + - name: "Setup MySQL" + import_tasks: mysql.yml + tags: mysql + + ################# + # Setup backups # + ################# + + - name: "Setup backups" + import_tasks: backup.yml + tags: backup + + tags: gitea # / block \ No newline at end of file diff --git a/deployer/roles/build/tasks/main.yml b/deployer/roles/build/tasks/main.yml index 01c7d58..057339c 100644 --- a/deployer/roles/build/tasks/main.yml +++ b/deployer/roles/build/tasks/main.yml @@ -6,7 +6,7 @@ loop_control: loop_var: site when: site.type == "wordpress" - tags: wordpress,sites + tags: wordpress - name: Build Drupal sites include_tasks: drupal.yml @@ -14,7 +14,7 @@ loop_control: loop_var: site when: site.type == "drupal" - tags: drupal,sites + tags: drupal - name: Build Gitea sites include_tasks: gitea.yml @@ -22,7 +22,7 @@ loop_control: loop_var: site when: site.type == "gitea" - tags: gitea,sites + tags: gitea - name: Build Synapse sites include_tasks: synapse.yml @@ -30,4 +30,4 @@ loop_control: loop_var: site when: site.type == "synapse" - tags: synapse,sites + tags: synapse diff --git a/deployer/roles/build/tasks/synapse.yml b/deployer/roles/build/tasks/synapse.yml index ed3eaa0..72ec85a 100644 --- a/deployer/roles/build/tasks/synapse.yml +++ b/deployer/roles/build/tasks/synapse.yml @@ -1,62 +1,64 @@ --- -- name: "Set site_data_path to {{ www_path }}/{{ site.slug }}" - set_fact: site_data_path="{{ www_path }}/{{ site.slug }}" - tags: always +- block: # Used for tagging all tasks with "synapse" -#################### -# Render templates # -#################### + - name: "Set site_data_path to {{ www_path }}/{{ site.slug }}" + set_fact: site_data_path="{{ www_path }}/{{ site.slug }}" -- name: "Render templates" - import_tasks: render.yml - tags: render + #################### + # Render templates # + #################### -########################## -# Generate configuration # -########################## + - name: "Render templates" + import_tasks: render.yml + tags: render -- name: "Create folder {{ site_data_path }}" - file: - path: "{{ site_data_path }}" - state: directory - mode: "770" - group: "www-data" - tags: config + ########################## + # Generate configuration # + ########################## -- name: "Copy homeserver.yaml to {{ site_data_path }}" - copy: - src: "{{ sites_path }}/{{ site.slug }}/homeserver.yaml" - dest: "{{ site_data_path }}/homeserver.yaml" - remote_src: yes - tags: config + - block: # Used for tagging all tasks with "config" + - name: "Create folder {{ site_data_path }}" + file: + path: "{{ site_data_path }}" + state: directory + mode: "770" + group: "www-data" -- name: "Let synapse generate missing configuration files" - docker_container: - name: synapse_config_generator - image: "matrixdotorg/synapse:{{ synapse.version }}" - command: "generate" - volumes: - - "{{ site_data_path }}:/data" - env: - SYNAPSE_SERVER_NAME: "{{ site.url }}" - SYNAPSE_REPORT_STATS: "no" - UID: "{{ site.user_uid }}" - GID: "{{ site.user_gid }}" - tags: config + - name: "Copy homeserver.yaml to {{ site_data_path }}" + copy: + src: "{{ sites_path }}/{{ site.slug }}/homeserver.yaml" + dest: "{{ site_data_path }}/homeserver.yaml" + remote_src: yes + + - name: "Let synapse generate missing configuration files" + docker_container: + name: synapse_config_generator + image: "matrixdotorg/synapse:{{ synapse.version }}" + command: "generate" + volumes: + - "{{ site_data_path }}:/data" + env: + SYNAPSE_SERVER_NAME: "{{ site.url }}" + SYNAPSE_REPORT_STATS: "no" + UID: "{{ site.user_uid }}" + GID: "{{ site.user_gid }}" + tags: config -############################ -# PostgreSQL configuration # -############################ + ############################ + # PostgreSQL configuration # + ############################ -- name: "Setup PostgreSQL" - import_tasks: postgres.yml - tags: postgres + - name: "Setup PostgreSQL" + import_tasks: postgres.yml + tags: postgres -################# -# Setup backups # -################# + ################# + # Setup backups # + ################# -- name: "Setup backups" - import_tasks: backup.yml - tags: backup \ No newline at end of file + - name: "Setup backups" + import_tasks: backup.yml + tags: backup + + tags: synapse # / block \ No newline at end of file diff --git a/deployer/roles/build/tasks/wordpress.yml b/deployer/roles/build/tasks/wordpress.yml index f15114a..24a9a4a 100644 --- a/deployer/roles/build/tasks/wordpress.yml +++ b/deployer/roles/build/tasks/wordpress.yml @@ -1,99 +1,104 @@ --- -- name: "Set site_data_path to {{ www_path }}/{{ site.slug }}_wp-content" - set_fact: site_data_path="{{ www_path }}/{{ site.slug }}_wp-content" - tags: always + +- block: # Used for tagging all tasks with "wordpress" + + - name: "Set site_data_path to {{ www_path }}/{{ site.slug }}_wp-content" + set_fact: site_data_path="{{ www_path }}/{{ site.slug }}_wp-content" + tags: always -############################### -# Create wp-content if needed # -############################### + ############################### + # Create wp-content if needed # + ############################### -- name: Is it a new install? - stat: - path: "{{ site_data_path }}/index.php" - register: wpcontent - tags: bootstrap + - name: Is it a new install? + stat: + path: "{{ site_data_path }}/index.php" + register: wpcontent + tags: bootstrap -- name: Populate wp-content folder - block: - - name: "Clear folder {{ site_data_path }}" - file: - path: "{{ site_data_path }}" - state: absent - - name: "Download Wordpress v{{ wordpress.version }} archive" - get_url: - url: "https://wordpress.org/wordpress-{{ wordpress.version }}.tar.gz" - dest: "/tmp/wordpress.tgz" - checksum: "{{ wordpress.checksum }}" - - name: "Extract Wordpress v{{ wordpress.version }} archive" - unarchive: - src: "/tmp/wordpress.tgz" - dest: /tmp - remote_src: yes - - name: "Copy wp-content folder to destination" - copy: - src: /tmp/wordpress/wp-content/ - dest: "{{ site_data_path }}" - remote_src: yes - # group: www-data - # mode: '0660' - # directory_mode: '0770' - - name: Set proper access rights to wp-content tree - file: - path: "{{ site_data_path }}" - state: directory - recurse: yes - group: www-data - mode: "u=rwX,g=rwX,o=" + - name: Populate wp-content folder + block: + - name: "Clear folder {{ site_data_path }}" + file: + path: "{{ site_data_path }}" + state: absent + - name: "Download Wordpress v{{ wordpress.version }} archive" + get_url: + url: "https://wordpress.org/wordpress-{{ wordpress.version }}.tar.gz" + dest: "/tmp/wordpress.tgz" + checksum: "{{ wordpress.checksum }}" + - name: "Extract Wordpress v{{ wordpress.version }} archive" + unarchive: + src: "/tmp/wordpress.tgz" + dest: /tmp + remote_src: yes + - name: "Copy wp-content folder to destination" + copy: + src: /tmp/wordpress/wp-content/ + dest: "{{ site_data_path }}" + remote_src: yes + # group: www-data + # mode: '0660' + # directory_mode: '0770' + - name: Set proper access rights to wp-content tree + file: + path: "{{ site_data_path }}" + state: directory + recurse: yes + group: www-data + mode: "u=rwX,g=rwX,o=" - - name: "Remove downloaded content" - file: - path: "{{ toremove }}" - state: absent - loop: - - /tmp/wordpress.tgz - - /tmp/wordpress - loop_control: - loop_var: toremove + - name: "Remove downloaded content" + file: + path: "{{ toremove }}" + state: absent + loop: + - /tmp/wordpress.tgz + - /tmp/wordpress + loop_control: + loop_var: toremove - when: wpcontent.stat.exists is not defined or wpcontent.stat.exists == False - tags: bootstrap + when: wpcontent.stat.exists is not defined or wpcontent.stat.exists == False + tags: bootstrap -#################### -# Render templates # -#################### + #################### + # Render templates # + #################### -- name: "Render templates" - import_tasks: render.yml - tags: render + - name: "Render templates" + import_tasks: render.yml + tags: render -####################### -# MySQL configuration # -####################### + ####################### + # MySQL configuration # + ####################### -- name: "Setup MySQL" - import_tasks: mysql.yml - tags: mysql + - name: "Setup MySQL" + import_tasks: mysql.yml + tags: mysql -################# -# Setup backups # -################# + ################# + # Setup backups # + ################# -- name: "Setup backups" - import_tasks: backup.yml - tags: backup + - name: "Setup backups" + import_tasks: backup.yml + tags: backup -################### -# SSL certificate # -################### + ################### + # SSL certificate # + ################### -# - name: Create Let's Encrypt certificate -# This seems hard, see: -# https://docs.ansible.com/ansible/latest/modules/acme_certificate_module.html#acme-certificate-module -# https://www.digitalocean.com/community/tutorials/how-to-acquire-a-let-s-encrypt-certificate-using-ansible-on-ubuntu-18-04 -# Maybe using shell directly? e.g. -# certbot certonly --webroot -w /var/www/letsencrypt -d + # - name: Create Let's Encrypt certificate + # This seems hard, see: + # https://docs.ansible.com/ansible/latest/modules/acme_certificate_module.html#acme-certificate-module + # https://www.digitalocean.com/community/tutorials/how-to-acquire-a-let-s-encrypt-certificate-using-ansible-on-ubuntu-18-04 + # Maybe using shell directly? e.g. + # certbot certonly --webroot -w /var/www/letsencrypt -d + + tags: wordpress # / block \ No newline at end of file diff --git a/deployer/roles/deploy/tasks/drupal.yml b/deployer/roles/deploy/tasks/drupal.yml index 6b14a91..054526d 100644 --- a/deployer/roles/deploy/tasks/drupal.yml +++ b/deployer/roles/deploy/tasks/drupal.yml @@ -2,10 +2,14 @@ # Needs variables: # - site: dict describing the site install (cf group_vars/all/vars.yml) -- name: Include nginx tasks - include_tasks: nginx.yml - tags: nginx +- block: # Used for tagging all tasks with "drupal" -- name: Include docker tasks - include_tasks: docker.yml - tags: docker + - name: Include nginx tasks + import_tasks: nginx.yml + tags: nginx + + - name: Include docker tasks + import_tasks: docker.yml + tags: docker + + tags: drupal \ No newline at end of file diff --git a/deployer/roles/deploy/tasks/gitea.yml b/deployer/roles/deploy/tasks/gitea.yml index a7ec8f0..98f80bb 100644 --- a/deployer/roles/deploy/tasks/gitea.yml +++ b/deployer/roles/deploy/tasks/gitea.yml @@ -2,10 +2,14 @@ # Needs variables: # - site: dict describing the site install (cf group_vars/all/vars.yml) -- name: Include docker tasks - include_tasks: docker.yml - tags: docker +- block: # Used for tagging all tasks with "gitea" -- name: Include nginx tasks - include_tasks: nginx.yml - tags: nginx + - name: Include docker tasks + import_tasks: docker.yml + tags: docker + + - name: Include nginx tasks + import_tasks: nginx.yml + tags: nginx + + tags: gitea \ No newline at end of file diff --git a/deployer/roles/deploy/tasks/synapse.yml b/deployer/roles/deploy/tasks/synapse.yml index a7ec8f0..c9361a8 100644 --- a/deployer/roles/deploy/tasks/synapse.yml +++ b/deployer/roles/deploy/tasks/synapse.yml @@ -2,10 +2,14 @@ # Needs variables: # - site: dict describing the site install (cf group_vars/all/vars.yml) -- name: Include docker tasks - include_tasks: docker.yml - tags: docker +- block: # Used for tagging all tasks with "synapse" -- name: Include nginx tasks - include_tasks: nginx.yml - tags: nginx + - name: Include docker tasks + import_tasks: docker.yml + tags: docker + + - name: Include nginx tasks + import_tasks: nginx.yml + tags: nginx + + tags: synapse \ No newline at end of file diff --git a/deployer/roles/deploy/tasks/wordpress.yml b/deployer/roles/deploy/tasks/wordpress.yml index 6b14a91..4ee8466 100644 --- a/deployer/roles/deploy/tasks/wordpress.yml +++ b/deployer/roles/deploy/tasks/wordpress.yml @@ -2,10 +2,14 @@ # Needs variables: # - site: dict describing the site install (cf group_vars/all/vars.yml) -- name: Include nginx tasks - include_tasks: nginx.yml - tags: nginx +- block: # Used for tagging all tasks with "wordpress" -- name: Include docker tasks - include_tasks: docker.yml - tags: docker + - name: Include nginx tasks + import_tasks: nginx.yml + tags: nginx + + - name: Include docker tasks + import_tasks: docker.yml + tags: docker + + tags: wordpress \ No newline at end of file