adrien/automation
adrien/automation
1
1
Fork 0
Code Issues Pull requests Releases Wiki Activity

WIP generating site configuration

Browse source
This commit is contained in:
Adrien Luxey 2020-04-01 09:41:12 +02:00
parent 62061a03fc
commit 9efcd4aa62
8 changed files with 75 additions and 56 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
ansible/group_vars/all/vars.yml
View file

@ -10,9 +10,9 @@ sites:
# What kind of service is that? # What kind of service is that?
type: wordpress type: wordpress
# Subnet addresses # Subnet addresses
subnet_cidr_address: 172.27.0.0/24 subnet_cidr_address: 172.27.1.0/24
subnet_gateway_ip: 172.27.0.1 subnet_gateway_ip: 172.27.1.1
subnet_site_ip: 172.27.0.2 subnet_site_ip: 172.27.1.2
mysql_database: rdb mysql_database: rdb
mysql_username: rdb mysql_username: rdb

19
ansible/group_vars/all/vault.yml
View file

@ -1,9 +1,12 @@
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
64613132623931393566346236303131623137326233643334626630346233333933363135666132 31616336646162653732636532313464313632303932376532636465323836663938356630663236
6331386332666238623539613361633836613837343530610a623632666231366436666136303764 3761366235343066333133623030623532636566306433650a313433303236623333663837326231
66333939643963323830326161646332633632336164366635613634366138663932393866356464 66613662623261373136386439353839633564356663316564613238353861396265386266353461
3066396637656636380a626635366239363866653335333661346432313566356635303338313963 3637666538346465370a313465643665333264646639353638623139383235336437373162613965
34613666396637346536616365323636376466626637313134346266353230376166303031353461 61393237613832613661353266636664616661373362626265656136393539663938303463386563
65633731623463393736663136303931666637303130353531353930663437353835346532373833 32616331643533646631613331383930363831383763636638326264346366363837353133626531
63346539653439383138303732656637323562336265616338323133343863356235346265616130 32316539393837333035643833383239386166393061626630623939653232316161653538313938
63333639666263363361 64316437343738306537306434663365653135353566363133396532306563306531656534653761
34303963303231353061653933656335396339343138663335366435663461353931393531616239
31313564346234353765343631653530343632616539383433303634333338323633633638326132
643561303631356266313864623937313062

2
ansible/inventory
View file

@ -1 +1 @@
serenity ansible_user=adrien ansible_host=92.243.8.85 serenity ansible_host=92.243.8.85 ansible_user=adrien ansible_become_pass="{{ vault_adrien_serenity_password }}"

6
ansible/roles/build/tasks/wordpress.yml
View file

@ -13,3 +13,9 @@
template: template:
src: docker-compose.yml.j2 src: docker-compose.yml.j2
dest: "{{ sites_path }}/{{ item.slug }}/docker-compose.yml" dest: "{{ sites_path }}/{{ item.slug }}/docker-compose.yml"
- name: Render swell nginx site config
template:
src: nginx-wordpress.j2
dest: "/etc/nginx/sites-available/{{ item.url }}"
become: yes

17
ansible/roles/build/templates/Dockerfile.j2
View file

@ -4,11 +4,16 @@ RUN apt-get update; \
apt-get install -y --no-install-recommends msmtp; \ apt-get install -y --no-install-recommends msmtp; \
rm -rf /var/lib/apt/lists/* rm -rf /var/lib/apt/lists/*
RUN echo "sendmail_path = /usr/sbin/msmtp -t " > /usr/local/etc/php/conf.d/sendmail.ini RUN echo "sendmail_path = /usr/bin/msmtp -t " > /usr/local/etc/php/conf.d/sendmail.ini
RUN cat << EOF > /etc/msmtprc # RUN "cat << EOF > /etc/msmtprc
account default # account default
host {{ item.subnet_gateway_ip }} # host {{ item.subnet_gateway_ip }}
port 25 # port 25
EOF # EOF"
RUN echo "\
account default\n\
host {{ item.subnet_gateway_ip }}\n\
port 25\n\
from php@{{ item.url }}" > /etc/msmtprc

4
ansible/roles/build/templates/docker-compose.yml.j2
View file

@ -12,8 +12,8 @@ services:
WORDPRESS_DB_USER: "{{ item.mysql_username }}" WORDPRESS_DB_USER: "{{ item.mysql_username }}"
WORDPRESS_DB_PASSWORD: "{{ item.mysql_password }}" WORDPRESS_DB_PASSWORD: "{{ item.mysql_password }}"
WORDPRESS_DB_NAME: "{{ item.mysql_database }}" WORDPRESS_DB_NAME: "{{ item.mysql_database }}"
volumes: # volumes:
- "{{ www_path }}/{{ item.slug }}_wp-content:/var/www/html/wp-content" # - "{{ www_path }}/{{ item.slug }}_wp-content:/var/www/html/wp-content"
networks: networks:
net: net:
ipv4_address: "{{ item.subnet_site_ip }}" ipv4_address: "{{ item.subnet_site_ip }}"

35
ansible/roles/build/templates/nginx-site.conf.j2
View file

@ -1,35 +0,0 @@
# Generated by ansible for site {{ site_url }}
# At {{ subnet_site_ip }} on {{ subnet_cidr_address }}
server {
listen 80;
listen [::]:80;
server_name {{ site_url }};
rewrite ^ https://{{ site_url }}$request_uri permanent;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name {{ site_url }};
access_log /var/log/nginx/{{ site_name }}-access.log;
error_log /var/log/nginx/error.log;
# Let's Encrypt
include snippets/letsencrypt.conf;
include snippets/ssl-params.conf;
ssl_certificate /etc/letsencrypt/live/{{ site_url }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ site_url }}/privkey.pem;
include snippets/header-params_server.conf;
location / {
include snippets/header-params_location.conf;
proxy_pass http://{{ subnet_site_ip }}:80;
}
}

40
ansible/roles/build/templates/nginx-wordpress.j2 Normal file
View file

@ -0,0 +1,40 @@
# Generated by ansible for site {{ item.url }}
# At {{ item.subnet_site_ip }} on {{ item.subnet_cidr_address }}
server {
listen 80;
listen [::]:80;
server_name {{ item.url }};
# Let's Encrypt
include snippets/letsencrypt.conf;
location / {
return 301 https://$server_name$request_uri;
}
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name {{ item.url }};
access_log /var/log/nginx/{{ item.slug }}-access.log;
error_log /var/log/nginx/error.log;
# Let's Encrypt
include snippets/letsencrypt.conf;
include snippets/ssl-params.conf;
ssl_certificate /etc/letsencrypt/live/{{ item.url }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ item.url }}/privkey.pem;
include snippets/header-params_server.conf;
location / {
include snippets/header-params_location.conf;
proxy_pass http://{{ item.subnet_site_ip }}:80;
}
}