From 0335a47667c714f5292872d7f9e13bdebbb357c1 Mon Sep 17 00:00:00 2001 From: Yohann D'ANELLO Date: Sun, 26 Jul 2020 12:05:41 +0200 Subject: [PATCH] Anonymize data, fix remittance import, better Ansible --- ansible/roles/2-nk20/tasks/main.yml | 3 +- ansible/roles/4-nginx/tasks/main.yml | 5 ++ .../roles/4-nginx/templates/nginx_note.conf | 50 +++++++++++++++++++ apps/scripts | 2 +- 4 files changed, 58 insertions(+), 2 deletions(-) create mode 100644 ansible/roles/4-nginx/templates/nginx_note.conf diff --git a/ansible/roles/2-nk20/tasks/main.yml b/ansible/roles/2-nk20/tasks/main.yml index d150a1b6..2aca0698 100644 --- a/ansible/roles/2-nk20/tasks/main.yml +++ b/ansible/roles/2-nk20/tasks/main.yml @@ -11,7 +11,7 @@ git: repo: https://gitlab.crans.org/bde/nk20.git dest: /var/www/note_kfet - version: beta-soon + version: master force: true - name: Use default env vars (should be updated!) @@ -19,6 +19,7 @@ src: "env_example" dest: "/var/www/note_kfet/.env" mode: 0644 + force: false - name: Update permissions for note_kfet dir file: diff --git a/ansible/roles/4-nginx/tasks/main.yml b/ansible/roles/4-nginx/tasks/main.yml index 427fe1df..32fa651a 100644 --- a/ansible/roles/4-nginx/tasks/main.yml +++ b/ansible/roles/4-nginx/tasks/main.yml @@ -15,6 +15,11 @@ group: www-data state: link +- name: Disable default Nginx site + file: + dest: /etc/nginx/sites-enabled/default + state: absent + - name: Copy conf of UWSGI file: src: /var/www/note_kfet/uwsgi_note.ini diff --git a/ansible/roles/4-nginx/templates/nginx_note.conf b/ansible/roles/4-nginx/templates/nginx_note.conf new file mode 100644 index 00000000..8a84c03c --- /dev/null +++ b/ansible/roles/4-nginx/templates/nginx_note.conf @@ -0,0 +1,50 @@ +# the upstream component nginx needs to connect to +upstream note{ + server unix:///var/www/note_kfet/note_kfet.sock; # file socket +} + +# configuration of the server +server { + # the port your site will be served on + # the domain name it will serve for + server_name nk20-beta.crans.org; # substitute your machine's IP address or FQDN + charset utf-8; + + # max upload size + client_max_body_size 75M; # adjust to taste + + # Django media + location /media { + alias /var/www/note_kfet/media; # your Django project's media files - amend as required + } + + location /static { + alias /var/www/note_kfet/static; # your Django project's static files - amend as required + } + + # Finally, send all non-media requests to the Django server. + location / { + uwsgi_pass note; + include /var/www/note_kfet/uwsgi_params; # the uwsgi_params file you installed + } + + listen 443 ssl; + ssl_certificate /etc/letsencrypt/live/nk20-beta.crans.org/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/nk20-beta.crans.org/privkey.pem; + include /etc/letsencrypt/options-ssl-nginx.conf; + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; + +} + +server { + if ($host = nk20-beta.crans.org) { + return 301 https://$host$request_uri; + } + + + listen 80; + server_name nk20-beta.crans.org; + return 404; + + +} diff --git a/apps/scripts b/apps/scripts index 748ad7eb..126e5fa1 160000 --- a/apps/scripts +++ b/apps/scripts @@ -1 +1 @@ -Subproject commit 748ad7eb4813f2bb2f273a5e29cadeda1d58c3a1 +Subproject commit 126e5fa1e468298133f582b1dd1d380092b1eec8