WIP generating site configuration

ansible/group_vars/all/vars.yml

@@ -10,9 +10,9 @@ sites:
     # What kind of service is that?
     type: wordpress
     # Subnet addresses
-    subnet_cidr_address: 172.27.0.0/24
-    subnet_gateway_ip: 172.27.0.1
-    subnet_site_ip: 172.27.0.2
+    subnet_cidr_address: 172.27.1.0/24
+    subnet_gateway_ip: 172.27.1.1
+    subnet_site_ip: 172.27.1.2
     
     mysql_database: rdb
     mysql_username: rdb

ansible/group_vars/all/vault.yml

@@ -1,9 +1,12 @@
 $ANSIBLE_VAULT;1.1;AES256
-64613132623931393566346236303131623137326233643334626630346233333933363135666132
-6331386332666238623539613361633836613837343530610a623632666231366436666136303764
-66333939643963323830326161646332633632336164366635613634366138663932393866356464
-3066396637656636380a626635366239363866653335333661346432313566356635303338313963
-34613666396637346536616365323636376466626637313134346266353230376166303031353461
-65633731623463393736663136303931666637303130353531353930663437353835346532373833
-63346539653439383138303732656637323562336265616338323133343863356235346265616130
-63333639666263363361
+31616336646162653732636532313464313632303932376532636465323836663938356630663236
+3761366235343066333133623030623532636566306433650a313433303236623333663837326231
+66613662623261373136386439353839633564356663316564613238353861396265386266353461
+3637666538346465370a313465643665333264646639353638623139383235336437373162613965
+61393237613832613661353266636664616661373362626265656136393539663938303463386563
+32616331643533646631613331383930363831383763636638326264346366363837353133626531
+32316539393837333035643833383239386166393061626630623939653232316161653538313938
+64316437343738306537306434663365653135353566363133396532306563306531656534653761
+34303963303231353061653933656335396339343138663335366435663461353931393531616239
+31313564346234353765343631653530343632616539383433303634333338323633633638326132
+643561303631356266313864623937313062

ansible/inventory

@@ -1 +1 @@
-serenity ansible_user=adrien ansible_host=92.243.8.85
+serenity ansible_host=92.243.8.85 ansible_user=adrien ansible_become_pass="{{ vault_adrien_serenity_password }}"

ansible/roles/build/tasks/wordpress.yml

@@ -12,4 +12,10 @@
 - name: Render marvelous docker-compose.yml
   template:
     src: docker-compose.yml.j2
-    dest: "{{ sites_path }}/{{ item.slug }}/docker-compose.yml"
+    dest: "{{ sites_path }}/{{ item.slug }}/docker-compose.yml"
+
+- name: Render swell nginx site config
+  template:
+    src: nginx-wordpress.j2
+    dest: "/etc/nginx/sites-available/{{ item.url }}"
+  become: yes

ansible/roles/build/templates/Dockerfile.j2

@@ -4,11 +4,16 @@ RUN apt-get update; \
 	apt-get install -y --no-install-recommends msmtp; \
 	rm -rf /var/lib/apt/lists/*
 
-RUN echo "sendmail_path = /usr/sbin/msmtp -t " > /usr/local/etc/php/conf.d/sendmail.ini
+RUN echo "sendmail_path = /usr/bin/msmtp -t " > /usr/local/etc/php/conf.d/sendmail.ini
 
-RUN cat << EOF > /etc/msmtprc
-account default
-host {{ item.subnet_gateway_ip }}
-port 25
-EOF
+# RUN "cat << EOF > /etc/msmtprc
+# account default
+# host {{ item.subnet_gateway_ip }}
+# port 25
+# EOF"
 
+RUN echo "\
+account default\n\
+host {{ item.subnet_gateway_ip }}\n\
+port 25\n\
+from php@{{ item.url }}" > /etc/msmtprc

ansible/roles/build/templates/docker-compose.yml.j2

@@ -12,8 +12,8 @@ services:
       WORDPRESS_DB_USER: "{{ item.mysql_username }}"
       WORDPRESS_DB_PASSWORD: "{{ item.mysql_password }}"
       WORDPRESS_DB_NAME: "{{ item.mysql_database }}"
-    volumes: 
-      - "{{ www_path }}/{{ item.slug }}_wp-content:/var/www/html/wp-content"
+#    volumes: 
+#      - "{{ www_path }}/{{ item.slug }}_wp-content:/var/www/html/wp-content"
     networks:
       net:
         ipv4_address: "{{ item.subnet_site_ip }}"

ansible/roles/build/templates/nginx-site.conf.j2

@@ -1,35 +0,0 @@
-# Generated by ansible for site {{ site_url }} 
-# At {{ subnet_site_ip }} on {{ subnet_cidr_address }}
-
-server {
-  listen 80;
-  listen [::]:80;
-  server_name {{ site_url }};
-
-  rewrite ^ https://{{ site_url }}$request_uri permanent;
-}
-
-server {
-  listen 443 ssl;
-  listen [::]:443 ssl;
-  server_name {{ site_url }};
-
-  access_log  /var/log/nginx/{{ site_name }}-access.log;
-  error_log   /var/log/nginx/error.log;
-
-  # Let's Encrypt
-  include snippets/letsencrypt.conf;
-
-  include snippets/ssl-params.conf;
-  ssl_certificate /etc/letsencrypt/live/{{ site_url }}/fullchain.pem;
-  ssl_certificate_key /etc/letsencrypt/live/{{ site_url }}/privkey.pem;
-  
-  include snippets/header-params_server.conf;
-  location / {
-    include snippets/header-params_location.conf;
-  
-    proxy_pass http://{{ subnet_site_ip }}:80;
-  }
-}
-
-

ansible/roles/build/templates/nginx-wordpress.j2

@@ -0,0 +1,40 @@
+# Generated by ansible for site {{ item.url }} 
+# At {{ item.subnet_site_ip }} on {{ item.subnet_cidr_address }}
+
+server {
+  listen 80;
+  listen [::]:80;
+  server_name {{ item.url }};
+
+  # Let's Encrypt
+  include snippets/letsencrypt.conf;
+
+  location / {
+    return 301 https://$server_name$request_uri;
+  }
+}
+
+server {
+  listen 443 ssl;
+  listen [::]:443 ssl;
+  server_name {{ item.url }};
+
+  access_log  /var/log/nginx/{{ item.slug }}-access.log;
+  error_log   /var/log/nginx/error.log;
+
+  # Let's Encrypt
+  include snippets/letsencrypt.conf;
+
+  include snippets/ssl-params.conf;
+  ssl_certificate /etc/letsencrypt/live/{{ item.url }}/fullchain.pem;
+  ssl_certificate_key /etc/letsencrypt/live/{{ item.url }}/privkey.pem;
+  
+  include snippets/header-params_server.conf;
+  location / {
+    include snippets/header-params_location.conf;
+  
+    proxy_pass http://{{ item.subnet_site_ip }}:80;
+  }
+}
+
+